last executing test programs:

9.684016021s ago: executing program 4 (id=201):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x1000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001100)=ANY=[], 0x40}, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f0000000000)=0x2, 0x8)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x2000e881)

8.748037597s ago: executing program 4 (id=204):
clock_adjtime(0x0, &(0x7f0000000700)={0x1000000000066fb, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x137, 0x240b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
openat(0xffffffffffffff9c, 0x0, 0x1a36c1, 0x335)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f00000feff006926000000000000bf67000000000000560602000fff0700670600001f000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

8.273965405s ago: executing program 3 (id=208):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x9)
epoll_create1(0x0)
listen(r1, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
dup(r0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x401, 0x0, 0x4, 0x200}})

7.761117193s ago: executing program 4 (id=211):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000b0000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad03c22624c9f87f9793f50bb546040677b2d9e31fc79db0c5077da90fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c4089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302003d2036b8a24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3a4d6926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873095cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288c9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffff9c77000000000000ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f3494d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36060000000000000006f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb9973164a714b930b075bdaaedbf17866fb84d4173731efe895ff2e1c5560926e90109b598502c9e959ef939ec71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a45a1c168d832fecb06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a636c3b0e69102d1567f2e4d9dc080466c51bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf790842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc9da71c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e4a4660fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000200000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1b3be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fad05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6000010237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b0842bd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920386f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945eceda26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9f96756ea5cce7daac4be29bcf58ff30159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e3c78b2a78f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397dacafa86966d7ba10413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d452340000d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d2cd1fe21ba8eaab827624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c79217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b29637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000002b77000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae4ffffffffb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a73efb16d4b2db6421fd4e343fa23bad8240e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2d7a510000a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7f090000001551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab0300d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c7a1b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f5faac16441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867810000004faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3adf01a072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a20ffffffff682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c51966504652ff871e0f6dfff9f7d34ecf04be0a58c354fb7388ff7796d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000000000000000003bba840af65aff3d8261bc163b57a23d3e3ab2d8bbd314cd5c7699bd08f58b83c07e8c3d36261609e8d5461e2e7633e8377627ccf0613308155aaf7d746c08a685ea9ae0ab702ee4edc393d76a73d00452b1cc6eeadd186f54ea77c416a4b2cbcfe37fc778621a3178baae78ff1b7ded218a3366712b3feb9415141ecb23abfb37f43a1c6dd6354a104b2cb17b90757b6a71459cc758463be2ca2d80aa285ff00fff4381bfcf659dd02147b74f784d06d0c3be24f26405ce09fb31688dbc5430c8a02079d2d128a6b72cc54d6c859d9a2fd8e87f87cd096ec92440c5c6d6905955d0e74a80385011e16f05d3eb815b0333ca5f6d3cf82962a4ed240ef1bcd2ad552c00e10fb9dd9f0ea7987eb6187aa310dfc3d5e63c31118d284b253d8a52d0081eb36e502b6de0ae05836469bf82b5055feaeef92a3e07446d86a971bcfdd7ed1b1cb44ac59faa9fc81d405c65cf0b74709a000000001283bf8f1df0acd0edffa16ed206042809d15ca101afda8a461d1f0f48e28e8a5c8ccccc0d86a9ec1fac367a2b7c6879000000000000000000000000000000000000da408de957a3b509882b212e0169d0a4194b21a144d9c08f5c9460ff45701d0a8db27d34fe973fab987d6ceb2e8524b84f6aedb811c048f5d8e7f8f5879f4a430fa4275f2cb50e0575dacb04b510d19d1a3b21b937f85ec9948cd3efedff8c886ce01119c36e76088b4e452f94b7a45421058132cc74a21b37c587dccdc209ff86840d75e58a806f90a243664cceedfc2d915f6f4f6047390c9ac78bb7bf8f01a08d63c925c9a5718ce721cb4207697ff3d524897436f9696321878639ce34af2c3807fb181b1471eff7470f1254b426e2d2550ab5cd8210664f318f4a0b370d63ebc658b4544b6bc4ac192fe39e554bcaab67caaf6e058e46d0eb71d6ec2137c0487602e2175c87581b7b1aecb6158ac1fe65e37e7eb581873c95f3eb4c6e2ebcc2ae55f3d25bbf3bc3b35bfbb4233db7d998a7b6c494992680380caf577b04d6d44883a547f401ab2df13ba6ef0f96e626ed3a4ea196e99ccad3234f9648cb5d6bc140472c0721660b963d6f5bf70f78f541c7a5e7a91e4741317a0d779b44b52d8c2b200d1e2e8674c427ec2d1c2286118dbb839ada07fa4ee86b9e18b4114b2b4dd8d799aa76d07bbd3a6e350be8591aadefef39e1d4b7cf59b2e9a3b23ed81110beca3190faa027dc7cba6a214a5f2ff011db2e77f51cedd449103b3ef36d04d9fa0f67dc78053640f06364c9c745eadd6ab3052750c54137a18ea3eb7e7caf8542934586fea611b94c1800b7ab4bd371da15027d88ac1cdb52c2f73467ee66f050"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000006c0)={{0x12, 0x1, 0x0, 0x4b, 0x42, 0xe6, 0x8, 0x1a0a, 0x103, 0xad1d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf6, 0x39, 0xbe}}]}}]}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000180))

7.606669162s ago: executing program 1 (id=214):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000013c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0x8004551a, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40f41, 0x7a8f08989cc21170)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000a80), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000001400)={0x14, r1, 0x701, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x4000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)

7.27219182s ago: executing program 3 (id=215):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x1000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001100)=ANY=[], 0x40}, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f0000000000)=0x2, 0x8)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x2000e881)

6.383327447s ago: executing program 1 (id=217):
getgroups(0x2, &(0x7f0000000040)=[0xee00, 0x0])
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f00000000c0)={[{@dioread_lock}, {@noblock_validity}, {@lazytime}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

6.228678136s ago: executing program 3 (id=219):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/schedstat\x00', 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x2, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r2, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000140)="53a1b228144d4835415007b390c577cc8a52baa9acba00f1dd7513f66663907dd44196b10d83678ae900d813987c30ec", 0x30}, {&(0x7f0000000540)="0b8b61a9d3983220d21a6c51b2595f671ffd4f674d81bec0e74d44fc1f87c6699a37d7dc912a573f5160648d2dc6dcb9b7fadbfa5f6d0b77afb8e72fc808ca522704d3a40c10a4ec42cef49e0f14cfed658cd906fbfbd5662ad2d46f866d5822", 0x60}, {&(0x7f0000000700)="ecb0cf337e24fac56e2538eeef46cfc55416975a2b339dc2fd50692d3a8701efab83f5d5522b4d66e05b95861dbd39ec103f21789acad70354be14337dee47726ee004957151164ff869fd080c8aba3cbbb98dc6833516bd27cea00e2bcf832865128a661ee2d8bb45952d584728fc7b3d9031f3fca7780d3345a6386a1380b311cbf7dcfcc6f0cc62cef4971d77e32d4df628932e98b716b22833c4f753ae66f24ad52ad704929d72860c28223013a4e9e1f1d0457b2ced6397ba", 0xbb}, {&(0x7f0000000340)="88b1b408f4505cceda1a52bd9275c1cee323958beab018ed3fcfbda5a40856fff0e5775f3964edba0dffc9d6d5781f0cd36e643553f83c877d4abcf0197bdc9e0420107e5ce648500ee9d4e1d6f9b70f882178e1d16aedb5ac18916125c173da0679e5256e3494915f76f31d", 0x6c}, {&(0x7f0000000880)="f3800fa39c041d1b847639be7e710c9d84b36d726fd1c0c270e96d7301800d1474a8eb421e917e4356d41fe994c2f77cbe4d1c995b1457fe265375b93d0921e88a50b1ecd43d26e80ac566f640c663150d78beb087b3b94a4abfe1f4595f787d80ddb07bd31da39d135514a9bb1489bef35ef7a524ce59fcada09cab615172ab3d844b24bb76d2b1443a7942708f845d143499446d609aba4d95531eb7396d6606b9d0e6f559fb04ec9352e6dc104d1f6d89e4157200fea77e", 0xb9}, {&(0x7f00000009c0)="91e63bba648258706160117885363debd7e23684aa6e7c41fd6873ca56f4cffd1550819bdaee6c6d923c1ccd95950a085ca74094eee665b3a23811bb4e193946573ddf786db600d95230e5e4771638575d297fc5d7055a5aac2323a863e69f0843e1978fcf5a8501bf0a587601a0019e315d68a38b2fbbc07016fbc5938551d39b5dafe31a7c50f47d8c9d8b0c152d5bbe2194208c2093faa1447e1bff7f78e8e715b29dc3f4ff086a0570bf519be43633f57dfa1628a5665fd75f78295733525e2952887565d265698c93b1c551e71d5b04074a6af623f6b7142de0f4608c4cfb12e49e17f0d2598ea42337393f690fe4f4f29ae7b31753f769c85387c0f22e28df35968d6353e2f0db11339b7d136bff95efb22dae41c46f2d0046486e2ab1ae862a5fe46f32ce0f40d710ef0ffe579497a49404094f2161d17b4401b85481b2d72001ff", 0x145}, {&(0x7f00000007c0)="3efce8a8cebdc7241cb440f11fea781548d34d5e722a5dba696e4537ea944559f4e059a3fe4330959c11510fa33e1c42452283b13d4c83a23330b6408a9be851c6236b43a9ea7afb34e1a990513670a5c28bc7e3214ef988fed2004e84214e139f098cdd67c5f34c9080698ef5b3624d7da6c42114782f19b032ea52", 0x7c}, {&(0x7f0000000940)="c8", 0x1}, {&(0x7f0000000640)='i', 0x1}], 0x9}}], 0x1, 0x7c9ce320e12db95)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x18)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
sendfile(r2, r1, 0x0, 0x4000000000010046)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

6.097927686s ago: executing program 2 (id=220):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x27)
pipe(&(0x7f00000045c0))
syz_clone(0x0, 0x0, 0x44, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

6.005662785s ago: executing program 0 (id=221):
clock_adjtime(0x0, &(0x7f0000000700)={0x1000000000066fb, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x137, 0x240b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
openat(0xffffffffffffff9c, 0x0, 0x1a36c1, 0x335)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x1fe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf2500000000004c2d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.544779849s ago: executing program 1 (id=222):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x1000007c, 0xfe4d)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x30, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20}, [@IFAL_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x30}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=@base={0x11, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setresgid(0xee00, 0x0, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setgid(0x0)
prlimit64(r4, 0xa, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r3}, 0x57)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x1000007c, 0xfe4d) (async)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_getaddrlabel={0x30, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20}, [@IFAL_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x30}}, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=@base={0x11, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
setresgid(0xee00, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
setgid(0x0) (async)
prlimit64(r4, 0xa, 0x0, 0x0) (async)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r3}, 0x57) (async)

4.538538379s ago: executing program 0 (id=223):
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000070000000700000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000005740)=ANY=[], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000057c0), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_member(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000005740)={&(0x7f0000000180)='rxrpc_tx_fail\x00', r2, 0x0, 0xe80}, 0x18)
write$selinux_access(r3, &(0x7f00000004c0)=ANY=[@ANYBLOB='system_u:object_r:ptch0 unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 0'], 0x67)
socket(0x10, 0x803, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x2, 0xfff, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000005800)=ANY=[@ANYBLOB="180000000000000000bf6d7a9ca3d26572ab99509fa6a4b148e2d9a12aa14b78ed14f901feeca64994332ec91467dc6b3378e2eeb3b23833820600d60d7229c69bf6b83b1ef7cde4262c0695f54d2e0f5df28ffe23f500653d1562394ed473c693a4223fc865bba2fb69404a9a2d951043273058de36db043bf4a366790697e76a82c12857ca3a39f6c5938ee51cb335e68d499c2b44d5022d01a42f561f0d4c5b0962", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

4.371021988s ago: executing program 0 (id=224):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
pwrite64(r1, &(0x7f0000000080)='3', 0x1, 0x0)

4.285905088s ago: executing program 3 (id=225):
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000070000000700000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000005740)=ANY=[], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000057c0), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_member(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000005740)={&(0x7f0000000180)='rxrpc_tx_fail\x00', r2, 0x0, 0xe80}, 0x18)
write$selinux_access(r3, &(0x7f00000004c0)=ANY=[@ANYBLOB='system_u:object_r:ptch0 unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 0'], 0x67)
socket(0x10, 0x803, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x2, 0xfff, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000005800)=ANY=[@ANYBLOB="180000000000000000bf6d7a9ca3d26572ab99509fa6a4b148e2d9a12aa14b78ed14f901feeca64994332ec91467dc6b3378e2eeb3b23833820600d60d7229c69bf6b83b1ef7cde4262c0695f54d2e0f5df28ffe23f500653d1562394ed473c693a4223fc865bba2fb69404a9a2d951043273058de36db043bf4a366790697e76a82c12857ca3a39f6c5938ee51cb335e68d499c2b44d5022d01a42f561f0d4c5b0962", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001840)={{r4}, &(0x7f00000017c0), &(0x7f0000001800)='%-5lx  \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00'}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

4.285172218s ago: executing program 0 (id=226):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f00000000c0)=0x9, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
io_submit(0x0, 0x2, &(0x7f0000000a00)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x6}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x3, 0xb6c, r1, &(0x7f00000008c0)="9b879c8636c7a8540188bb03ec58dd613d1cc32d9a151ea748d88fb0051ee801d29f187213b9f1456b2d70de82090c1a4994e33615daeadee805eba5b7fc58028919cdfadf1b2ac94ee467dd369f1fbe415d331aa7be57e7a17e8e196c9b7b1894770c71d8179491f8fe766fa8cbc58e3af14e9fd55a16730f198af92fe2cc0c2e0f6979696a3cb1a4f291f19aa3abbbad4c1374f41d3576ba4fd953dd2c5fdd77f58686cfdf4039318ca9338c2fb825e935e4364971cda6479bbdfdf3a4fc9750f918fd3131ec1ff72fb9ea78c11a503e64ecb80cf280b8af832eb3d6b3899e21839ab772fce7fe37062b5a6715f0d6", 0xf0, 0xfffffffeffffffff, 0x0, 0x2}])

4.282685848s ago: executing program 1 (id=227):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000013c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0x8004551a, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40f41, 0x7a8f08989cc21170)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000a80), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000001400)={0x14, r1, 0x701, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x4000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)

4.282293448s ago: executing program 2 (id=228):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x20)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000100))
r5 = fcntl$dupfd(r4, 0x406, r4)
ioctl$TCFLSH(r5, 0x400455c8, 0x1)
ioctl$KDSIGACCEPT(r4, 0x400455c8, 0xf)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
write$binfmt_elf64(r6, &(0x7f0000000780)=ANY=[], 0x78)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'blkio'}]}, 0x7)

4.274099268s ago: executing program 3 (id=229):
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000000)={[{@dioread_nolock}, {@noload}, {@nobh}, {@jqfmt_vfsv0}, {@journal_dev={'journal_dev', 0x3d, 0x17}}, {@norecovery}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nouid32}]}, 0x6, 0x64b, &(0x7f0000000d40)="$eJzs3c9rXFsdAPDvvZOkSRqbVkRsUAy4aEGaJrVYdWNbF3ZRsGAXIi4amqSGTn+QpGBroQm4UFAQcVukG/8B99K9OxHU3Vs/6Hs8+niF90rncWfuNJPJTGbaZGaS3M8HJnPuuefmnG/unNxz78yZG0BhTWc/0oiTEW9uJBGTDesmorZyOi/38pPHN7NHEpXKzz9OIsnz6uWT/PlovjAaEf++HPHV0vZ6Vx8+uj1frtQ8iTi7duf+2dWHj84s35m/tXhr8e7cuR+cvzD7w7nzcw0NfX9H8+crV3/2zT/97tffX/pP+UwSF+P68G8XoimOvTId0/EmD7ExfygiLmSJFn+Xg+YQhFBopfz1OBwRX4/JKFWXaiZj+Y8DbRzQU5VSRGVnyZYCI/UNgYMv0ZWhoOrjgPq5fXfnwdd7OCLprxeXaidA2+Mfyi85jFbPjcZfJg1nRrVrG8f3oP6sjtePR5++fjz1NLZch3j1du8M7UE97axvRMQ3WsWfVNt2vBppFn+65Vw/iYjZiBjJ2/eTXbQhaUj34jrMTrqMv5TF37gf0oi4mD9n+Zffs/7my1r9jh+AYnp+KT+Qr2dLm8e/bOxRH//E5vjnSX27iT0alwz6+Nd+/Fc/3o9Wxz1pU7zZmOVa61853JzxwR+u/KVd/bXx39TT+iOrvz4W7IcXGxFTTfH/Pgs2H/9k8Sctxr9ZkRsXu6vjp//96Eq7dYOOv/Is4lTL85/NUWmW2uH9ybNLy+XF2drPlnX881+/+nu7+lvHf6QHkbaW7f/xNvE37P+0ebvsb3K/9a/caM74x7Vnd9rVP9Fx/6cfjiS18836peffbKytrcxFjCRX8yJ5/vza2sq5neOtlXlVqT7P1eI//Z3W/X/L678pqrH6v8wu3P/F7Zft1r3P67/hzeQ3lS7b0E4W/0Ln/b+t/2d5f+6yjs9++eBb7da1jj/ZVUwAAAAAAABQVGn1PdgknXmbTtOZmdp82a/FeFq+t7r23aV7D+4uRJyufh5yOI00qX5kZLK2nCwtlxfn8s/D1pfPNS1/LyJORMRfS2PV5Zmb98oLgw4eAAAAAAAAAAAAAAAAAAAA9omj+fz/+n2qPy3V5v8DBdH5Ri7b7v8AHBK9vMEksL9V+/9Oh/hj/WsL0F+O/1Bc+j8Ul/4PxaX/Q3Hp/1Bc+j8Ul/4PxaX/AwAAAMChdOLbz/+fRMT6j8aqj8xIvs6kXzjcht+pdKln7QD6T4+G4nr71r/BPhROV+P/z/MvB+x9c4ABSFplVgcHlZ07//OWW27a2H3bAAAAAAAAAAAAAICaUyfbz/9/t7nBwEFj2h8U1y7m//vqADjgfPU/FJdzfKDDLP4Ybbei0/x/AAAAAAAAAAAAAGDPTFQfSTqTzwWeiDSdmYn4SkQcj+Fkabm8OBsRxyLif6XhI9ny3KAbDQAAAAAAAAAAAAAAAAAAAIfM6sNHt+fL5cWVxsQX23IOd6J+F9TOhStdlNkx8eN4x60i6f+fZSwiBr5TepYYashJItazPb8vGrayGvujGdXEgP8xAQAAAAAAAAAAAAAAAABAATXMPW5t6m99bhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9N/m/f87JBbGaxt0LHxsW86gYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqYvAwAA///lRjOA")
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x455}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000001c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x94, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x3, 0xb)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c00000010000304002000003c0e77897399f655", @ANYRES32=0x0, @ANYBLOB="15020000000000003c0012800b00010067726574617000", @ANYBLOB, @ANYRES32], 0x6c}, 0x1, 0xba01}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000180)={0x3, 0x80000000, 0x4, 0xe, 0xeef})
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r8 = dup3(r2, r1, 0x0)
read$watch_queue(r8, &(0x7f0000000580)=""/199, 0xc7)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x6)
ptrace(0x4208, r9)

4.272711388s ago: executing program 4 (id=230):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x1000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000001100)=ANY=[], 0x40}, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f0000000000)=0x2, 0x8)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x2000e881)

3.689261446s ago: executing program 0 (id=231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x3, &(0x7f0000000180)={0x0, 0x17, 0x4, @tid=r0}, &(0x7f0000000080))
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x1200052, &(0x7f00000003c0), 0x1, 0x7aa, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZt2v24/W0Fw86ogaGEstbNuCl5MvBDBwUCv3Uqaldm0GU061lKYQwRvBB1eCHqza1/mnbe+3Oq/oDcisjG1G068kMhJkzVd0y7dmnTazwfO9jznPOn3fM/Lc57kHJIAdq3h9J9MxIGIeC+JGKzPTyIiWyv1RhxbaXdreSmfTklUq6/+ltTa3FxeykfTa1J765X9EfHN2xEHM+vjlhcWpyeKxcJcvT5amTk7Wl5YPHRmZmKqMFWYPTI2Pn746DNH+7cv1z++X9x37f2Xnvz82F9vPXrl3W+TOBb76sua89guwzFc3ybZdBOu8eJ2B9thyRbbb+Nu5T6kp2bPylkeB2Iwemql9rTfEgB4kFyIiCoAsMskrv8AsMs0Pge4ubyUT6fqhZ39PKLbrr8QEXtW8m/c31xZ0lu/Z7endh904Gay5n5HEhFD2xB/OCI+/vL1T9MpOnQfEqCVNy9GxKmh4Ub/v9r/JOueWVjR/p37p9poM3xHXf8H3fNVOv55dnX8t3r+ZW6Pf6LF+Ke/xbl7L4Yj+prr68//zNVtCLOhdPz3fHb12bZbTfnXDfXUa/+vjfmyyekzxULatz0UESOR7U/rY5vEGLnx9401M3pWi83jv98vvfFJGj/9f7VF5mrvHV3u5ERl4n7zbrh+MeKx3lb5J7f3f7LB+PdEmzFefu6djzZaluaf5tuY1ua/1afKtq56OeKJaJ1/Q7LZ84lHRmuHw2jjoGjhi58+HNgofvP+T6c0fuO9QDek+39g8/yHkubnNctbj/Hd5cGvN1p29/xbH/99yWu1cqPzOD9RqcyNRfQlr6yff3j1tY16o32a/8jjrc//zY7/9D3hqTbz773262f3nn9npflPbmn/b71w5dZ0z0bx29v/47XSSH1OO/1fuyt4P9sOAAAAAAAAAAAAAAAAAAAAAAAAANqViYh9kWRyt8uZTC638hvej8RAplgqVw6eLs3PTkbtt7KHIptpfNXlYNP3oY7Vvw+/UT98R/3piHg4Ij7o/1+tnsuXipM7nTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3d4Pf/U7/07/TaAQAds+euLW4UurIiAEDX3P36DwD817j+A8Dus/n1P9u19QAAusf7fwDYfVz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+nU/XP5aV8Wp88tzA/XTp3aLJQns7NzOdz+dLc2dxUqTRVLOTypZmml/7Q6u8VS6Wz4zE7f360UihXRssLiydnSvOzlZNnZiamCicL2a5lBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtKy8sTk8Ui4W5jhT66lE6GGL3FaqDKxv1QVmfzhd+PvTj/s3aXOrwYdxcqF7Y6a3RpcJO9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/x7/BAAA//910CYH")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)
rt_sigtimedwait(&(0x7f0000000000)={[0x7fffffff]}, 0x0, 0x0, 0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r8}, 0x69)

2.052996279s ago: executing program 4 (id=232):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
socketpair(0x1, 0x805, 0x0, 0x0)
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
read$FUSE(r3, &(0x7f00000000c0)={0x2020}, 0x2020)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000002180)=ANY=[], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
fgetxattr(0xffffffffffffffff, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', 0x0, 0x9100)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r6, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000005304"], 0x14}}, 0x0)
setsockopt$MRT6_DEL_MFC(r3, 0x29, 0xcd, &(0x7f0000002100)={{0xa, 0x4e24, 0xffffffff, @private0, 0x3}, {0xa, 0x4e23, 0x8000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x0, {[0x7fff, 0x1ff, 0xfffff000, 0x2, 0xbf1e, 0x9, 0x5, 0x5]}}, 0x5c)
r7 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000080)=@base={0x9, 0x16, 0xb4, 0x7f, 0x0, 0xffffffffffffffff, 0x4000def, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xa, &(0x7f0000000680)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32=r7, @ANYBLOB="000000000000000079008300000000001800000000000000000000000400000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238, 0x41000, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.048543359s ago: executing program 0 (id=233):
getgroups(0x2, &(0x7f0000000040)=[0xee00, 0x0])
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f00000000c0)={[{@dioread_lock}, {@noblock_validity}, {@lazytime}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2.047792009s ago: executing program 1 (id=234):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x3, &(0x7f0000000180)={0x0, 0x17, 0x4, @tid=r0}, &(0x7f0000000080))
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x1200052, &(0x7f00000003c0), 0x1, 0x7aa, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZt2v24/W0Fw86ogaGEstbNuCl5MvBDBwUCv3Uqaldm0GU061lKYQwRvBB1eCHqza1/mnbe+3Oq/oDcisjG1G068kMhJkzVd0y7dmnTazwfO9jznPOn3fM/Lc57kHJIAdq3h9J9MxIGIeC+JGKzPTyIiWyv1RhxbaXdreSmfTklUq6/+ltTa3FxeykfTa1J765X9EfHN2xEHM+vjlhcWpyeKxcJcvT5amTk7Wl5YPHRmZmKqMFWYPTI2Pn746DNH+7cv1z++X9x37f2Xnvz82F9vPXrl3W+TOBb76sua89guwzFc3ybZdBOu8eJ2B9thyRbbb+Nu5T6kp2bPylkeB2Iwemql9rTfEgB4kFyIiCoAsMskrv8AsMs0Pge4ubyUT6fqhZ39PKLbrr8QEXtW8m/c31xZ0lu/Z7endh904Gay5n5HEhFD2xB/OCI+/vL1T9MpOnQfEqCVNy9GxKmh4Ub/v9r/JOueWVjR/p37p9poM3xHXf8H3fNVOv55dnX8t3r+ZW6Pf6LF+Ke/xbl7L4Yj+prr68//zNVtCLOhdPz3fHb12bZbTfnXDfXUa/+vjfmyyekzxULatz0UESOR7U/rY5vEGLnx9401M3pWi83jv98vvfFJGj/9f7VF5mrvHV3u5ERl4n7zbrh+MeKx3lb5J7f3f7LB+PdEmzFefu6djzZaluaf5tuY1ua/1afKtq56OeKJaJ1/Q7LZ84lHRmuHw2jjoGjhi58+HNgofvP+T6c0fuO9QDek+39g8/yHkubnNctbj/Hd5cGvN1p29/xbH/99yWu1cqPzOD9RqcyNRfQlr6yff3j1tY16o32a/8jjrc//zY7/9D3hqTbz773262f3nn9npflPbmn/b71w5dZ0z0bx29v/47XSSH1OO/1fuyt4P9sOAAAAAAAAAAAAAAAAAAAAAAAAANqViYh9kWRyt8uZTC638hvej8RAplgqVw6eLs3PTkbtt7KHIptpfNXlYNP3oY7Vvw+/UT98R/3piHg4Ij7o/1+tnsuXipM7nTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3d4Pf/U7/07/TaAQAds+euLW4UurIiAEDX3P36DwD817j+A8Dus/n1P9u19QAAusf7fwDYfVz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+nU/XP5aV8Wp88tzA/XTp3aLJQns7NzOdz+dLc2dxUqTRVLOTypZmml/7Q6u8VS6Wz4zE7f360UihXRssLiydnSvOzlZNnZiamCicL2a5lBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtKy8sTk8Ui4W5jhT66lE6GGL3FaqDKxv1QVmfzhd+PvTj/s3aXOrwYdxcqF7Y6a3RpcJO9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/x7/BAAA//910CYH")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)
rt_sigtimedwait(&(0x7f0000000000)={[0x7fffffff]}, 0x0, 0x0, 0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r9}, 0x69)

2.047308978s ago: executing program 2 (id=235):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x20)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000100))
r4 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$TCFLSH(r4, 0x400455c8, 0x1)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x400455c8, 0xf)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
write$binfmt_elf64(r5, &(0x7f0000000780)=ANY=[], 0x78)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$fuse(0x0, 0x0, 0x44000, 0x0, 0x1, 0x0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'blkio'}]}, 0x7)

1.959309458s ago: executing program 3 (id=236):
socket$inet_udp(0x2, 0x2, 0x0) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f00000070c0)=[{{&(0x7f00000009c0)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="7400000000000000000000000700000001861600000001070f"], 0x78}}], 0x1, 0x0)
syz_clone(0x800200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000e40)={'sit0\x00', &(0x7f0000000e00)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xac, 0x14, 0x14, 0x29}, 0x3, 0xe}})
syz_usb_disconnect(0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x60b40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$key(0xffffffffffffffff, 0x0, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0) (async)
pipe2$9p(0x0, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) (async)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
dup(r4) (async)
r5 = dup(r4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x4000, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) (async)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x3, 0x42d, &(0x7f0000000500)={{0x12, 0x1, 0x110, 0x78, 0xa8, 0x37, 0x10, 0x1bc7, 0x1102, 0xe0fc, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x41b, 0x1, 0x8, 0xa5, 0x50, 0x6, [{{0x9, 0x4, 0x4c, 0x51, 0x9, 0xff, 0x66, 0x8c, 0x34, [@hid_hid={0x9, 0x21, 0x1, 0xfc, 0x1, {0x22, 0x10}}, @cdc_ecm={{0xa, 0x24, 0x6, 0x0, 0x0, "a3cbd14f42"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x644, 0x100, 0x7, 0x6}, [@network_terminal={0x7, 0x24, 0xa, 0x9, 0x20, 0x2, 0x7}]}], [{{0x9, 0x5, 0x3, 0x1, 0x20, 0x6, 0xa, 0x3, [@generic={0x79, 0x3, "519f3fceaf777b6dda3bbcf5ae9c1ac3fe0a5221d5527f32e888ec9e62d1b96c31fa103b8f361d761f36d8b77724a0eb18e11436ecd98a8ea8cde6a1e7943ea6b0c3f8bcfb245436a15afbfbd33c0cbca69d9ff6938c129212090f4f9a670480d55a28fbc5b3517c2d08f75994de5a0665a8eacb897f46"}]}}, {{0x9, 0x5, 0xa, 0x0, 0x440, 0xa, 0x7, 0x1, [@generic={0xaa, 0x5, "0e07c5a1e04981b99cfa23593e8c083a4ab0d727363262505074404cd6e049b3ec9b4a3711973b3be32ecd8663e14fb4ce2ac8a7d0451d70593432cc658ffa21846e4a6dfd42a244c6340c4096b6b8ff54651837a9545b943f3f9d27f3192f67384d41ef4fa7efa9f949ab685209e8c5d2319d45e5a25c15b48b49649bf5551b6f62d5be818e1ef51aa115994f9bdeccbc17c3b580a2cb0e2d4298e73ca7d77c92480cf4dd80a226"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x400, 0x5, 0x8}}, {{0x9, 0x5, 0x6, 0x1, 0x200, 0x6, 0xde, 0x80}}, {{0x9, 0x5, 0x0, 0x0, 0x3ff, 0x2, 0x8, 0x90}}, {{0x9, 0x5, 0x0, 0x13, 0x40, 0x40, 0x5, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0xc0, 0x2, 0x200}]}}, {{0x9, 0x5, 0x6, 0x3, 0x20, 0xb3, 0x5, 0x7, [@generic={0xe5, 0xd, "f9979f3c4395edd323b55e2f83e33e6810ccbc3e26fa47d3b296fe91cbb6fba0c26e4b1f73fdd887c3e030a3e2e46aab1453b222e058488dc690415cf981fed39ef51d65103f55c04cbf7a0f3e5b7ed561c70cba0ba28df0a6f21f41e98af8fff003e86bceb27a4325a378e196d51a7c9697dafa826c23a175e54dc04b4e85452ae04e869bca2c2b1960bcf87ebc239a1f655aa798168ea18d50b90614db64a1b6e0e668828d74513c820d236821cb01a270fba26694b5d6da520a462064a4d8259a538f0d9cc5e689f8d899206141ae9d7d1b71e212a7bac81956cbedec2977a7a317"}, @generic={0xca, 0x31, "08244e330268ccc573b2a35939464c1c160833dbc4f20581cad1243c603a944eae6acd3f176b49e7147c906bce1cd7a1f97abbf5d6a44cb0eb0cac5d28226664285a728740be32c8805140626782e5659fed50e1ad4e5919e62f20efff46c5e4a775302b532e32355d0338336fefb4f8c8502eab25c40ac0556673f597d96bc551de2e6f9a5b05b774b4324e6f984013dbb65557a99a8bb27c101bbcbe7f41a1648301ce2811390d901f8307d40296f305057299a43c462add4a37b881ad44e8a5bf451cf00fb5d4"}]}}, {{0x9, 0x5, 0x1, 0x18, 0x20, 0x4, 0x7, 0xd, [@generic={0xac, 0x3, "6d6419e2b76335287d6e37d2a7e60ad98549a17ed641ac7d6761342f5d17eb7820501938e4443f0c962692e493c2c604e615985e1956decd4f08054de13deb18142ef07316cf4ba5e422bf048efe9b896f2c6b1b0a1ac70ba8d9682f8c8c1135bac68fedd3ba759127f69b68c12d921e06e3e403524a0344588baf5a3924eace6f78f2f10b57244ee47bac8f96bbf28149e64fae46a82dd8fd9008d9cf3208a6252b718dba1150c9e4f6"}]}}, {{0x9, 0x5, 0x4, 0x1, 0x40, 0x6, 0x6, 0xe6, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x6}]}}]}}]}}]}}, &(0x7f0000000d40)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x200, 0x80, 0x6, 0x3, 0x40, 0x1}, 0x5, &(0x7f00000002c0)={0x5, 0xf, 0x5}, 0xa, [{0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x408}}, {0x53, &(0x7f0000000340)=@string={0x53, 0x3, "c7f04108d616d013c4b9a0cf83ff310087e71b87e5cf0fbe974a52b78a36bcb95d1994f3b15e45a34fb6676f6a47fb7fbb078af641972edfe9a170d20fe97c35a2b2b2979966c721bfa613cd289b32f459"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x801}}, {0x94, &(0x7f0000000400)=@string={0x94, 0x3, "29772cb43313e8d80820638cde51f2c358ef71a46dd2e3ec095ebf282fc5485e36a2653b08a26c5593add7690e910058038f1a8d64d127776cd4f43df6b568d247a0cd4ec41533deb3c457ee48336813cb10d5039e548ba25604e433088c46f55f0ca80c052c9f68aa757000c9391e64ff9f529f13ab6bd5d55d10ac6a3304f10705aedc045ab376a808ba8a60501b71ba7b"}}, {0x65, &(0x7f0000000940)=@string={0x65, 0x3, "db36b9e5aeee55c4944e07715afa5fb6a83d3228318a9c94eed7668d82129b4e67d8da92806ddf918b9464108d6b92c7f4f18d987aec04a80de18a84c5ee73017874f05f473aae6810f3fe167a35286ba3d8f9fb6308660fa8a4b6cf870e27fc541670"}}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "47fd85b31e6d7927c2a54e2d66279eb83914bc39f2b91a2981372177415a2e59f8113a2c5dbd8101d360202e0acd13e80763c5a000c577ced7719dc79f74b76b69878f1c2cc21f98b764408f6ace1dac033a08ce606ccbf917e1050e5a32a1be186d0434bfd10dcd7d93615b0882ed08f284f6c89a8e4f12ef16f01d9dd8c6ca273eced25b4639d6dd62906f60754e2ac4120871aa29b2ec88cf508b094cfeea01f28ee788af0259b851790d7a2c948625179602dda3fb95368165909cfe0f6ec3a61c74807a333e5d08ec04b2a9a8913f91d5ddb8c4d21f13f0fcab46"}}, {0xbc, &(0x7f0000000b00)=@string={0xbc, 0x3, "51b4b21bab26b4892148c206c98ad7de10b24a53932fe64b5c3eb05238f9594518139777502fd26ae6836c2d3ff68b462e853b0688010c91b50cc4b079554370d175970c4d0ddbdf7cc5c7f8c29ec3400db9e8644778426b8eff17ab3ee5f8f1e0fb43b3770f683e39be874587859305ba8475036b8c029f8b5a96fc754dd57a67bc027355a401384492edac25651707dfa9a292b5f9d6dc538a8aceca4c3f94ea31d03dfaa4a59ced5a2c2fd91ecdb7595c362c6eb043b257cd"}}, {0x4, &(0x7f0000000bc0)=@lang_id={0x4, 0x3, 0x1001}}, {0x4, &(0x7f0000000c00)=@lang_id={0x4, 0x3, 0x816}}, {0xcc, &(0x7f0000000c40)=@string={0xcc, 0x3, "3db512b612c89286dc3ba4b0bc35ad1606728ae632bfa3070942643facf1655ad51d746e63f8bb872ce60813bb18996ee6ae9a984440b1e1127848c71cab870b964d4b78cfb7d218ed03875c6d6fd03717cb5dd9df506bada90a3c6d18738ec84ce627d1bfd29a2632c5b808adfd67f04bbecb8bf057bcf1cdcd7df29a2a2ff8c8588636cdf596640b0ec682cb3fc4ff7561d291c25687ef11d0eb503c67f1087ebbe78aaec0680a6aafcb25d8e6ad5dae4dce8218b9d9f1ef2a2d3151ccf28134b5af6192b459761c9d"}}]}) (async)
syz_usb_connect(0x3, 0x42d, &(0x7f0000000500)={{0x12, 0x1, 0x110, 0x78, 0xa8, 0x37, 0x10, 0x1bc7, 0x1102, 0xe0fc, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x41b, 0x1, 0x8, 0xa5, 0x50, 0x6, [{{0x9, 0x4, 0x4c, 0x51, 0x9, 0xff, 0x66, 0x8c, 0x34, [@hid_hid={0x9, 0x21, 0x1, 0xfc, 0x1, {0x22, 0x10}}, @cdc_ecm={{0xa, 0x24, 0x6, 0x0, 0x0, "a3cbd14f42"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x644, 0x100, 0x7, 0x6}, [@network_terminal={0x7, 0x24, 0xa, 0x9, 0x20, 0x2, 0x7}]}], [{{0x9, 0x5, 0x3, 0x1, 0x20, 0x6, 0xa, 0x3, [@generic={0x79, 0x3, "519f3fceaf777b6dda3bbcf5ae9c1ac3fe0a5221d5527f32e888ec9e62d1b96c31fa103b8f361d761f36d8b77724a0eb18e11436ecd98a8ea8cde6a1e7943ea6b0c3f8bcfb245436a15afbfbd33c0cbca69d9ff6938c129212090f4f9a670480d55a28fbc5b3517c2d08f75994de5a0665a8eacb897f46"}]}}, {{0x9, 0x5, 0xa, 0x0, 0x440, 0xa, 0x7, 0x1, [@generic={0xaa, 0x5, "0e07c5a1e04981b99cfa23593e8c083a4ab0d727363262505074404cd6e049b3ec9b4a3711973b3be32ecd8663e14fb4ce2ac8a7d0451d70593432cc658ffa21846e4a6dfd42a244c6340c4096b6b8ff54651837a9545b943f3f9d27f3192f67384d41ef4fa7efa9f949ab685209e8c5d2319d45e5a25c15b48b49649bf5551b6f62d5be818e1ef51aa115994f9bdeccbc17c3b580a2cb0e2d4298e73ca7d77c92480cf4dd80a226"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x400, 0x5, 0x8}}, {{0x9, 0x5, 0x6, 0x1, 0x200, 0x6, 0xde, 0x80}}, {{0x9, 0x5, 0x0, 0x0, 0x3ff, 0x2, 0x8, 0x90}}, {{0x9, 0x5, 0x0, 0x13, 0x40, 0x40, 0x5, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0xc0, 0x2, 0x200}]}}, {{0x9, 0x5, 0x6, 0x3, 0x20, 0xb3, 0x5, 0x7, [@generic={0xe5, 0xd, "f9979f3c4395edd323b55e2f83e33e6810ccbc3e26fa47d3b296fe91cbb6fba0c26e4b1f73fdd887c3e030a3e2e46aab1453b222e058488dc690415cf981fed39ef51d65103f55c04cbf7a0f3e5b7ed561c70cba0ba28df0a6f21f41e98af8fff003e86bceb27a4325a378e196d51a7c9697dafa826c23a175e54dc04b4e85452ae04e869bca2c2b1960bcf87ebc239a1f655aa798168ea18d50b90614db64a1b6e0e668828d74513c820d236821cb01a270fba26694b5d6da520a462064a4d8259a538f0d9cc5e689f8d899206141ae9d7d1b71e212a7bac81956cbedec2977a7a317"}, @generic={0xca, 0x31, "08244e330268ccc573b2a35939464c1c160833dbc4f20581cad1243c603a944eae6acd3f176b49e7147c906bce1cd7a1f97abbf5d6a44cb0eb0cac5d28226664285a728740be32c8805140626782e5659fed50e1ad4e5919e62f20efff46c5e4a775302b532e32355d0338336fefb4f8c8502eab25c40ac0556673f597d96bc551de2e6f9a5b05b774b4324e6f984013dbb65557a99a8bb27c101bbcbe7f41a1648301ce2811390d901f8307d40296f305057299a43c462add4a37b881ad44e8a5bf451cf00fb5d4"}]}}, {{0x9, 0x5, 0x1, 0x18, 0x20, 0x4, 0x7, 0xd, [@generic={0xac, 0x3, "6d6419e2b76335287d6e37d2a7e60ad98549a17ed641ac7d6761342f5d17eb7820501938e4443f0c962692e493c2c604e615985e1956decd4f08054de13deb18142ef07316cf4ba5e422bf048efe9b896f2c6b1b0a1ac70ba8d9682f8c8c1135bac68fedd3ba759127f69b68c12d921e06e3e403524a0344588baf5a3924eace6f78f2f10b57244ee47bac8f96bbf28149e64fae46a82dd8fd9008d9cf3208a6252b718dba1150c9e4f6"}]}}, {{0x9, 0x5, 0x4, 0x1, 0x40, 0x6, 0x6, 0xe6, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x0, 0x6}]}}]}}]}}]}}, &(0x7f0000000d40)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x200, 0x80, 0x6, 0x3, 0x40, 0x1}, 0x5, &(0x7f00000002c0)={0x5, 0xf, 0x5}, 0xa, [{0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x408}}, {0x53, &(0x7f0000000340)=@string={0x53, 0x3, "c7f04108d616d013c4b9a0cf83ff310087e71b87e5cf0fbe974a52b78a36bcb95d1994f3b15e45a34fb6676f6a47fb7fbb078af641972edfe9a170d20fe97c35a2b2b2979966c721bfa613cd289b32f459"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x801}}, {0x94, &(0x7f0000000400)=@string={0x94, 0x3, "29772cb43313e8d80820638cde51f2c358ef71a46dd2e3ec095ebf282fc5485e36a2653b08a26c5593add7690e910058038f1a8d64d127776cd4f43df6b568d247a0cd4ec41533deb3c457ee48336813cb10d5039e548ba25604e433088c46f55f0ca80c052c9f68aa757000c9391e64ff9f529f13ab6bd5d55d10ac6a3304f10705aedc045ab376a808ba8a60501b71ba7b"}}, {0x65, &(0x7f0000000940)=@string={0x65, 0x3, "db36b9e5aeee55c4944e07715afa5fb6a83d3228318a9c94eed7668d82129b4e67d8da92806ddf918b9464108d6b92c7f4f18d987aec04a80de18a84c5ee73017874f05f473aae6810f3fe167a35286ba3d8f9fb6308660fa8a4b6cf870e27fc541670"}}, {0xdf, &(0x7f0000000a00)=@string={0xdf, 0x3, "47fd85b31e6d7927c2a54e2d66279eb83914bc39f2b91a2981372177415a2e59f8113a2c5dbd8101d360202e0acd13e80763c5a000c577ced7719dc79f74b76b69878f1c2cc21f98b764408f6ace1dac033a08ce606ccbf917e1050e5a32a1be186d0434bfd10dcd7d93615b0882ed08f284f6c89a8e4f12ef16f01d9dd8c6ca273eced25b4639d6dd62906f60754e2ac4120871aa29b2ec88cf508b094cfeea01f28ee788af0259b851790d7a2c948625179602dda3fb95368165909cfe0f6ec3a61c74807a333e5d08ec04b2a9a8913f91d5ddb8c4d21f13f0fcab46"}}, {0xbc, &(0x7f0000000b00)=@string={0xbc, 0x3, "51b4b21bab26b4892148c206c98ad7de10b24a53932fe64b5c3eb05238f9594518139777502fd26ae6836c2d3ff68b462e853b0688010c91b50cc4b079554370d175970c4d0ddbdf7cc5c7f8c29ec3400db9e8644778426b8eff17ab3ee5f8f1e0fb43b3770f683e39be874587859305ba8475036b8c029f8b5a96fc754dd57a67bc027355a401384492edac25651707dfa9a292b5f9d6dc538a8aceca4c3f94ea31d03dfaa4a59ced5a2c2fd91ecdb7595c362c6eb043b257cd"}}, {0x4, &(0x7f0000000bc0)=@lang_id={0x4, 0x3, 0x1001}}, {0x4, &(0x7f0000000c00)=@lang_id={0x4, 0x3, 0x816}}, {0xcc, &(0x7f0000000c40)=@string={0xcc, 0x3, "3db512b612c89286dc3ba4b0bc35ad1606728ae632bfa3070942643facf1655ad51d746e63f8bb872ce60813bb18996ee6ae9a984440b1e1127848c71cab870b964d4b78cfb7d218ed03875c6d6fd03717cb5dd9df506bada90a3c6d18738ec84ce627d1bfd29a2632c5b808adfd67f04bbecb8bf057bcf1cdcd7df29a2a2ff8c8588636cdf596640b0ec682cb3fc4ff7561d291c25687ef11d0eb503c67f1087ebbe78aaec0680a6aafcb25d8e6ad5dae4dce8218b9d9f1ef2a2d3151ccf28134b5af6192b459761c9d"}}]})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CHANNEL(r7, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r8, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16df}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}]}, 0x54}, 0x1, 0x0, 0x0, 0x874a025e6cd7d18c}, 0x10) (async)
sendmsg$NL80211_CMD_SET_CHANNEL(r7, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r8, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16df}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}]}, 0x54}, 0x1, 0x0, 0x0, 0x874a025e6cd7d18c}, 0x10)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)="4c9b791504fd11f8893a1e25adf5", 0xe}], 0x1)

706.411273ms ago: executing program 2 (id=237):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
pwrite64(r1, &(0x7f0000000080)='3', 0x1, 0x0)

695.965843ms ago: executing program 1 (id=238):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x9)
epoll_create1(0x0)
listen(r1, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
dup(r0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x401, 0x0, 0x4, 0x200}})

344.191072ms ago: executing program 2 (id=239):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000140)=@x86={0x4, 0x1, 0x9, 0x0, 0x1, 0x5, 0x7, 0x7, 0x3, 0x9c, 0xa, 0x7, 0x0, 0x7, 0x0, 0x10, 0x2, 0x6, 0xd, '\x00', 0x8, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004000)={&(0x7f0000000600)=@newtaction={0x84, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1100}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x2}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r6}, 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r7, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000040), 0x0, 0x0, 0x0)

149.379071ms ago: executing program 4 (id=240):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
unshare(0x20000)
unshare(0x64000600)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000600))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
process_vm_readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000300)=""/184, 0xb8}, {&(0x7f0000000c00)=""/4096, 0x1000}], 0x2, &(0x7f00000004c0)=[{&(0x7f0000000780)=""/187, 0xbb}, {&(0x7f0000000840)=""/143, 0x8f}, {&(0x7f0000000400)=""/18, 0x12}], 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000003000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000095366f7600772615921272671400"/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x480, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x27)
sendto$inet6(r0, 0x0, 0x0, 0x2200c851, 0x0, 0x0)
pipe(0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180)
write$cgroup_int(r8, &(0x7f00000001c0)=0x700, 0x12)
syz_clone(0x0, 0x0, 0x44, 0x0, 0x0, 0x0)

0s ago: executing program 2 (id=241):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f00000000c0)=0x9, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
io_setup(0x5, &(0x7f0000000a40)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000000a00)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x6}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x3, 0xb6c, 0xffffffffffffffff, &(0x7f00000008c0)="9b879c8636c7a8540188bb03ec58dd613d1cc32d9a151ea748d88fb0051ee801d29f187213b9f1456b2d70de82090c1a4994e33615daeadee805eba5b7fc58028919cdfadf1b2ac94ee467dd369f1fbe415d331aa7be57e7a17e8e196c9b7b1894770c71d8179491f8fe766fa8cbc58e3af14e9fd55a16730f198af92fe2cc0c2e0f6979696a3cb1a4f291f19aa3abbbad4c1374f41d3576ba4fd953dd2c5fdd77f58686cfdf4039318ca9338c2fb825e935e4364971cda6479bbdfdf3a4fc9750f918fd3131ec1ff72fb9ea78c11a503e64ecb80cf280b8af832eb3d6b3899e21839ab772fce7fe37062b5a6715f0d6", 0xf0, 0xfffffffeffffffff, 0x0, 0x2}])

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.10.2' (ED25519) to the list of known hosts.
[   18.712283][   T28] audit: type=1400 audit(1734297716.913:66): avc:  denied  { mounton } for  pid=280 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   18.713468][  T280] cgroup: Unknown subsys name 'net'
[   18.715406][   T28] audit: type=1400 audit(1734297716.913:67): avc:  denied  { mount } for  pid=280 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   18.719062][   T28] audit: type=1400 audit(1734297716.923:68): avc:  denied  { unmount } for  pid=280 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   18.719188][  T280] cgroup: Unknown subsys name 'devices'
[   18.838220][  T280] cgroup: Unknown subsys name 'hugetlb'
[   18.843615][  T280] cgroup: Unknown subsys name 'rlimit'
[   18.975590][   T28] audit: type=1400 audit(1734297717.173:69): avc:  denied  { setattr } for  pid=280 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   18.998637][   T28] audit: type=1400 audit(1734297717.173:70): avc:  denied  { mounton } for  pid=280 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   19.011711][  T283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   19.023444][   T28] audit: type=1400 audit(1734297717.173:71): avc:  denied  { mount } for  pid=280 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   19.054450][   T28] audit: type=1400 audit(1734297717.243:72): avc:  denied  { relabelto } for  pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.057412][  T280] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   19.079848][   T28] audit: type=1400 audit(1734297717.243:73): avc:  denied  { write } for  pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.113455][   T28] audit: type=1400 audit(1734297717.263:74): avc:  denied  { read } for  pid=280 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.138734][   T28] audit: type=1400 audit(1734297717.263:75): avc:  denied  { open } for  pid=280 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.380909][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.387809][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.394878][  T290] device bridge_slave_0 entered promiscuous mode
[   20.403354][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.410253][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.417424][  T290] device bridge_slave_1 entered promiscuous mode
[   20.451393][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.458268][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.465444][  T292] device bridge_slave_0 entered promiscuous mode
[   20.474035][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.480909][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.488175][  T292] device bridge_slave_1 entered promiscuous mode
[   20.526990][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.533835][  T294] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.541048][  T294] device bridge_slave_0 entered promiscuous mode
[   20.560136][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.566994][  T294] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.574061][  T294] device bridge_slave_1 entered promiscuous mode
[   20.620662][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.627637][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.634749][  T291] device bridge_slave_0 entered promiscuous mode
[   20.648991][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.655827][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.663097][  T291] device bridge_slave_1 entered promiscuous mode
[   20.698904][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.705743][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.712963][  T293] device bridge_slave_0 entered promiscuous mode
[   20.734172][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.741222][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.749635][  T293] device bridge_slave_1 entered promiscuous mode
[   20.817538][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.824380][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.831503][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.838277][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.854223][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.861081][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.868176][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.874953][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.895425][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.902284][  T294] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.909372][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.916149][  T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.981380][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.988248][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.995322][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.002141][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.013756][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.020609][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.027710][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.034479][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.043976][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.051092][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.058557][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.065472][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.072882][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.079821][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.086932][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.094071][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.101131][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.108056][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.114888][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.139341][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.147131][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.155028][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.161785][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.169522][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.177637][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.184462][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.191719][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.198967][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.206074][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.227626][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.235292][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.243347][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.250186][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.257494][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.265409][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.272243][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.279534][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.287715][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.294528][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.306776][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.314695][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.321529][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.337236][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.344919][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.352269][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.372803][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   21.380912][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.389091][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.395916][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.403157][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.412274][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.420184][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.428120][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.436569][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   21.444704][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.452727][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.459572][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.471852][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.480023][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.499339][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.506767][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.513946][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   21.522484][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.530635][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.537492][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.544818][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   21.552933][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.560905][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.567736][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.574954][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.583092][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.592429][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.600588][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.612783][  T292] device veth0_vlan entered promiscuous mode
[   21.623595][  T290] device veth0_vlan entered promiscuous mode
[   21.636000][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.643932][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.651818][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.659636][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.667734][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.675302][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.683116][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.690993][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.698798][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.706666][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.714382][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.721734][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.728979][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.736128][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.743428][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.750631][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.759331][  T294] device veth0_vlan entered promiscuous mode
[   21.772477][  T290] device veth1_macvtap entered promiscuous mode
[   21.781629][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.789759][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.797978][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.805819][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.813943][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.821529][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.829646][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.837713][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.845453][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.854084][  T294] device veth1_macvtap entered promiscuous mode
[   21.868007][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.875444][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.883628][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.891766][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.899998][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.914739][  T293] device veth0_vlan entered promiscuous mode
[   21.926005][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.933884][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.941247][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.948641][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.957278][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.965321][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.973470][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.981661][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.989806][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.997973][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.005834][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.014642][  T292] device veth1_macvtap entered promiscuous mode
[   22.029635][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.037158][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.045308][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.055744][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.069664][  T294] request_module fs-gadgetfs succeeded, but still no fs?
[   22.072975][  T293] device veth1_macvtap entered promiscuous mode
[   22.085597][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.095838][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.106723][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.114297][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.123606][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.130889][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.146988][  T291] device veth0_vlan entered promiscuous mode
[   22.172534][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.182128][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.190985][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.199221][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.207849][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.215832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.237783][  T291] device veth1_macvtap entered promiscuous mode
[   22.249064][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.287923][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.301037][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.316643][  T328] loop3: detected capacity change from 0 to 256
[   22.325698][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.346337][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.422904][  T332] loop2: detected capacity change from 0 to 512
[   22.496334][   T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   23.557448][  T341] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=341 comm=syz.3.4
[   23.611651][  T332] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.3: casefold flag without casefold feature
[   23.624932][  T332] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3: couldn't read orphan inode 15 (err -117)
[   23.637170][  T332] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   23.762183][   T28] kauditd_printk_skb: 35 callbacks suppressed
[   23.762197][   T28] audit: type=1400 audit(1734297721.843:111): avc:  denied  { mount } for  pid=324 comm="syz.2.3" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   23.816111][  T343] syz.1.2[343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   23.816512][  T343] syz.1.2[343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   23.819783][   T28] audit: type=1400 audit(1734297721.963:112): avc:  denied  { write } for  pid=324 comm="syz.2.3" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   23.829134][   T24] usb 5-1: Using ep0 maxpacket: 8
[   23.838422][   T28] audit: type=1400 audit(1734297721.963:113): avc:  denied  { add_name } for  pid=324 comm="syz.2.3" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   23.897907][   T24] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   23.909121][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   23.920437][   T24] usb 5-1: Product: syz
[   23.925401][   T28] audit: type=1400 audit(1734297721.963:114): avc:  denied  { create } for  pid=324 comm="syz.2.3" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   23.983213][  T292] EXT4-fs (loop2): unmounting filesystem.
[   23.990809][   T24] usb 5-1: Manufacturer: syz
[   23.995264][   T24] usb 5-1: SerialNumber: syz
[   24.006465][   T24] usb 5-1: config 0 descriptor??
[   24.019665][   T24] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[   24.048612][   T28] audit: type=1400 audit(1734297722.003:115): avc:  denied  { mounton } for  pid=324 comm="syz.2.3" path="/0/file0/file0" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   24.070892][   T28] audit: type=1400 audit(1734297722.003:116): avc:  denied  { write } for  pid=324 comm="syz.2.3" name="file0" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   24.092324][   T28] audit: type=1400 audit(1734297722.003:117): avc:  denied  { add_name } for  pid=324 comm="syz.2.3" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   24.122197][   T28] audit: type=1400 audit(1734297722.003:118): avc:  denied  { setattr } for  pid=324 comm="syz.2.3" name="work" dev="loop2" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   24.172111][   T28] audit: type=1400 audit(1734297722.003:119): avc:  denied  { write open } for  pid=324 comm="syz.2.3" path=2F202864656C6574656429 dev="loop2" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   24.215332][   T28] audit: type=1400 audit(1734297722.003:120): avc:  denied  { create } for  pid=324 comm="syz.2.3" name="#1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   24.280188][   T24] usb 5-1: USB disconnect, device number 2
[   24.824590][  T354] bridge0: port 3(syz_tun) entered blocking state
[   24.851761][  T354] bridge0: port 3(syz_tun) entered disabled state
[   24.884304][  T354] device syz_tun entered promiscuous mode
[   24.904015][  T354] bridge0: port 3(syz_tun) entered blocking state
[   24.910284][  T354] bridge0: port 3(syz_tun) entered forwarding state
[   24.958897][  T357] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   25.012386][  T357] syz.4.8 (357) used greatest stack depth: 22224 bytes left
[   25.103282][  T331] syz.0.1 (331) used greatest stack depth: 20528 bytes left
[   25.331493][  T363] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   25.359469][  T363] overlayfs: failed to set xattr on upper
[   25.396333][  T363] overlayfs: failed to resolve './file0': -2
[   26.083643][  T371] loop4: detected capacity change from 0 to 40427
[   26.106262][  T371] F2FS-fs (loop4): invalid crc value
[   26.135783][  T371] F2FS-fs (loop4): Found nat_bits in checkpoint
[   26.168337][  T350] loop2: detected capacity change from 0 to 262144
[   26.181590][  T378] syz.3.14[378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.181661][  T378] syz.3.14[378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.183431][  T350] F2FS-fs (loop2): invalid crc value
[   26.297141][  T371] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[   26.326147][  T350] F2FS-fs (loop2): Found nat_bits in checkpoint
[   26.348037][  T378] loop3: detected capacity change from 0 to 2048
[   26.394291][  T378] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   26.399906][  T350] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   26.415451][  T378] netlink: 40 bytes leftover after parsing attributes in process `syz.3.14'.
[   26.449793][  T293] EXT4-fs (loop3): unmounting filesystem.
[   26.576690][  T397] loop3: detected capacity change from 0 to 2048
[   26.583046][  T397] =======================================================
[   26.583046][  T397] WARNING: The mand mount option has been deprecated and
[   26.583046][  T397]          and is ignored by this kernel. Remove the mand
[   26.583046][  T397]          option from the mount to silence this warning.
[   26.583046][  T397] =======================================================
[   26.904274][    T6] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   26.989937][  T397] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   27.126254][    T6] usb 2-1: Using ep0 maxpacket: 16
[   27.132470][    T6] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   27.141314][    T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   27.279637][  T407] Driver unsupported XDP return value 0 on prog  (id 15) dev N/A, expect packet loss!
[   27.486232][    T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   27.504998][  T293] EXT4-fs (loop3): unmounting filesystem.
[   27.512579][    T6] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   27.526525][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   27.544531][    T6] usb 2-1: Product: syz
[   27.554759][    T6] usb 2-1: Manufacturer: syz
[   27.559684][    T6] usb 2-1: SerialNumber: syz
[   27.598353][  T411] device veth0_to_team entered promiscuous mode
[   27.753551][   T39] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   27.962139][   T39] usb 5-1: Using ep0 maxpacket: 32
[   27.970539][   T39] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   27.987264][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   28.012266][  T411] loop2: detected capacity change from 0 to 40427
[   28.031453][  T411] F2FS-fs (loop2): invalid crc value
[   28.033017][   T39] usb 5-1: Product: syz
[   28.039224][  T411] F2FS-fs (loop2): Found nat_bits in checkpoint
[   28.040671][   T39] usb 5-1: Manufacturer: syz
[   28.052293][   T39] usb 5-1: SerialNumber: syz
[   28.052440][    T6] usb 2-1: 0:2 : does not exist
[   28.059982][   T39] usb 5-1: config 0 descriptor??
[   28.086143][  T411] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   28.203744][  T422] input: syz0 as /devices/virtual/input/input4
[   28.454896][  T292] syz-executor: attempt to access beyond end of device
[   28.454896][  T292] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   28.558175][  T430] loop2: detected capacity change from 0 to 512
[   28.572774][  T430] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   28.585838][  T430] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   28.598708][  T430] EXT4-fs (loop2): 1 orphan inode deleted
[   28.604278][  T430] EXT4-fs (loop2): 1 truncate cleaned up
[   28.619353][  T430] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   28.706214][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   28.883784][   T28] kauditd_printk_skb: 82 callbacks suppressed
[   28.883799][   T28] audit: type=1400 audit(1734297727.083:203): avc:  denied  { write } for  pid=429 comm="syz.2.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   28.916473][   T39] (unnamed net_device) (uninitialized): Assigned a random MAC address: 66:58:98:53:fd:2e
[   28.927259][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[   28.944785][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   28.957499][   T39] rtl8150 5-1:0.0: eth1: rtl8150 is detected
[   28.971330][   T28] audit: type=1400 audit(1734297727.173:204): avc:  denied  { read } for  pid=141 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   28.983747][   T39] usb 5-1: USB disconnect, device number 3
[   29.000430][   T24] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   29.004151][   T28] audit: type=1400 audit(1734297727.173:205): avc:  denied  { search } for  pid=141 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.028883][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   29.030650][   T28] audit: type=1400 audit(1734297727.173:206): avc:  denied  { read } for  pid=141 comm="dhcpcd" name="n15" dev="tmpfs" ino=657 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   29.054991][   T24] usb 1-1: Product: syz
[   29.079911][   T24] usb 1-1: Manufacturer: syz
[   29.084333][   T24] usb 1-1: SerialNumber: syz
[   29.102821][   T28] audit: type=1400 audit(1734297727.173:207): avc:  denied  { open } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=657 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   29.130766][   T24] usb 1-1: config 0 descriptor??
[   29.132909][   T28] audit: type=1400 audit(1734297727.173:208): avc:  denied  { getattr } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=657 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   29.161183][   T28] audit: type=1400 audit(1734297727.303:209): avc:  denied  { read } for  pid=441 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.187881][   T28] audit: type=1400 audit(1734297727.303:210): avc:  denied  { open } for  pid=441 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.214607][   T28] audit: type=1400 audit(1734297727.303:211): avc:  denied  { getattr } for  pid=441 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.241475][   T28] audit: type=1400 audit(1734297727.303:212): avc:  denied  { mounton } for  pid=381 comm="syz.1.16" path="/proc/13/task" dev="proc" ino=16671 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   29.337019][    T6] usb 2-1: 1:0: failed to get current value for ch 0 (-22)
[   29.360954][    T6] usb 2-1: USB disconnect, device number 2
[   29.471236][   T24] usb 1-1: USB disconnect, device number 2
[   29.777604][  T473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.26'.
[   29.808063][  T473] netlink: 24 bytes leftover after parsing attributes in process `syz.4.26'.
[   29.831092][  T473] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   29.838372][  T473] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   29.938385][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   29.948166][  T472] loop3: detected capacity change from 0 to 256
[   29.963492][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   30.004715][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   30.035975][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   30.056555][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   30.079288][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   30.088455][  T292] EXT4-fs (loop2): unmounting filesystem.
[   30.108753][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   30.124079][  T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   30.872987][  T485] loop0: detected capacity change from 0 to 2048
[   30.899580][  T485] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   31.734353][  T290] EXT4-fs (loop0): unmounting filesystem.
[   32.034486][  T508] loop1: detected capacity change from 0 to 512
[   32.077367][  T503] input: syz0 as /devices/virtual/input/input5
[   32.108909][  T508] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.33: casefold flag without casefold feature
[   32.121562][  T508] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.33: couldn't read orphan inode 15 (err -117)
[   32.133395][  T508] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   32.234587][  T342] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   32.329655][  T514] loop3: detected capacity change from 0 to 512
[   32.395910][  T514] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.37: casefold flag without casefold feature
[   32.436218][  T342] usb 5-1: Using ep0 maxpacket: 8
[   32.443939][  T342] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   32.469188][  T342] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   32.477608][  T514] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.37: couldn't read orphan inode 15 (err -117)
[   32.489278][  T342] usb 5-1: Product: syz
[   32.494081][  T342] usb 5-1: Manufacturer: syz
[   32.509239][  T342] usb 5-1: SerialNumber: syz
[   32.531647][  T342] usb 5-1: config 0 descriptor??
[   32.550875][  T342] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[   32.563805][  T514] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   32.642750][  T291] EXT4-fs (loop1): unmounting filesystem.
[   33.576294][  T342] usb 5-1: USB disconnect, device number 4
[   33.841629][  T532] netlink: 20 bytes leftover after parsing attributes in process `syz.2.42'.
[   33.856242][    T6] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   34.036209][    T6] usb 1-1: Using ep0 maxpacket: 8
[   34.096226][    T6] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   34.107116][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.115098][    T6] usb 1-1: Product: syz
[   34.119177][   T28] kauditd_printk_skb: 26 callbacks suppressed
[   34.119189][   T28] audit: type=1400 audit(1734297732.313:239): avc:  denied  { connect } for  pid=538 comm="syz.4.45" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   34.355603][   T28] audit: type=1400 audit(1734297732.313:240): avc:  denied  { write } for  pid=538 comm="syz.4.45" laddr=172.20.20.170 lport=255 faddr=172.20.20.0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   34.394279][    T6] usb 1-1: Manufacturer: syz
[   34.450250][    T6] usb 1-1: SerialNumber: syz
[   34.475743][    T6] usb 1-1: config 0 descriptor??
[   34.486303][    T6] usb_ehset_test: probe of 1-1:0.0 failed with error -32
[   34.514121][  T293] EXT4-fs (loop3): unmounting filesystem.
[   34.531546][  T546] syz.3.47[546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.531617][  T546] syz.3.47[546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.543849][   T28] audit: type=1400 audit(1734297732.743:241): avc:  denied  { create } for  pid=545 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   34.576099][   T28] audit: type=1400 audit(1734297732.743:242): avc:  denied  { bind } for  pid=545 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   34.596690][   T28] audit: type=1400 audit(1734297732.803:243): avc:  denied  { append } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   34.627215][   T28] audit: type=1400 audit(1734297732.833:244): avc:  denied  { read write } for  pid=292 comm="syz-executor" name="loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   34.641185][  T549] loop2: detected capacity change from 0 to 2048
[   34.657705][   T28] audit: type=1400 audit(1734297732.833:245): avc:  denied  { open } for  pid=292 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   34.683051][   T28] audit: type=1400 audit(1734297732.833:246): avc:  denied  { ioctl } for  pid=292 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   34.684022][    T6] usb 1-1: USB disconnect, device number 3
[   34.714704][   T28] audit: type=1400 audit(1734297732.863:247): avc:  denied  { mounton } for  pid=548 comm="syz.2.48" path="/7/file0" dev="tmpfs" ino=58 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   34.738710][   T28] audit: type=1400 audit(1734297732.883:248): avc:  denied  { bpf } for  pid=550 comm="syz.3.49" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   34.761363][  T549] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.407906][  T563] loop4: detected capacity change from 0 to 2048
[   35.430827][  T563] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   35.536775][  T568] input: syz0 as /devices/virtual/input/input6
[   36.197918][  T292] EXT4-fs (loop2): unmounting filesystem.
[   36.310369][  T294] EXT4-fs (loop4): unmounting filesystem.
[   36.326228][  T576] loop2: detected capacity change from 0 to 256
[   36.332656][  T576] exfat: Deprecated parameter 'namecase'
[   36.341126][  T576] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[   36.341733][  T578] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   37.169170][  T583] fuse: Unknown parameter 'ÿÿ'
[   37.226058][  T589] loop1: detected capacity change from 0 to 2048
[   37.247927][  T589] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   37.364595][  T597] loop0: detected capacity change from 0 to 512
[   37.782933][  T597] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.58: casefold flag without casefold feature
[   37.796282][  T597] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.58: couldn't read orphan inode 15 (err -117)
[   37.812640][  T597] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   38.202650][  T591] sched: RT throttling activated
[   38.873843][  T604] loop2: detected capacity change from 0 to 512
[   40.139187][  T604] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.59: casefold flag without casefold feature
[   40.154916][  T604] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.59: couldn't read orphan inode 15 (err -117)
[   40.167254][  T604] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   40.215541][   T19] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   40.225699][  T291] EXT4-fs (loop1): unmounting filesystem.
[   40.268821][   T28] kauditd_printk_skb: 50 callbacks suppressed
[   40.268836][   T28] audit: type=1107 audit(1734297738.160:299): pid=601 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='upp'
[   40.271065][  T609] syz.1.60[609] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   40.278318][  T610] loop4: detected capacity change from 0 to 256
[   40.288349][  T609] syz.1.60[609] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   40.307436][   T28] audit: type=1400 audit(1734297738.197:300): avc:  denied  { mount } for  pid=607 comm="syz.4.61" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   40.340253][   T28] audit: type=1400 audit(1734297738.206:301): avc:  denied  { create } for  pid=608 comm="syz.1.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   40.360594][   T28] audit: type=1400 audit(1734297738.243:302): avc:  denied  { append } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   40.446210][  T290] EXT4-fs (loop0): unmounting filesystem.
[   40.454441][   T28] audit: type=1400 audit(1734297738.308:303): avc:  denied  { read write } for  pid=291 comm="syz-executor" name="loop1" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   40.478844][   T28] audit: type=1400 audit(1734297738.308:304): avc:  denied  { open } for  pid=291 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   40.509139][   T28] audit: type=1400 audit(1734297738.308:305): avc:  denied  { ioctl } for  pid=291 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   40.534524][   T28] audit: type=1400 audit(1734297738.317:306): avc:  denied  { execmem } for  pid=607 comm="syz.4.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   40.539623][  T614] loop3: detected capacity change from 0 to 256
[   40.553908][   T28] audit: type=1400 audit(1734297738.326:307): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   41.217819][  T619] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=619 comm=syz.4.61
[   41.246726][  T292] EXT4-fs (loop2): unmounting filesystem.
[   41.283619][   T28] audit: type=1400 audit(1734297738.326:308): avc:  denied  { write } for  pid=290 comm="syz-executor" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   41.324419][  T622] loop0: detected capacity change from 0 to 2048
[   41.358770][  T622] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   41.431622][  T618] syz.1.62 (618) used greatest stack depth: 20160 bytes left
[   41.910103][  T633] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=633 comm=syz.3.65
[   41.933476][   T19] usb 4-1: device not accepting address 2, error -71
[   42.176602][  T635] input: syz0 as /devices/virtual/input/input7
[   42.253012][    C1] hrtimer: interrupt took 17771 ns
[   42.286982][  T290] EXT4-fs (loop0): unmounting filesystem.
[   42.717870][  T647] FAULT_INJECTION: forcing a failure.
[   42.717870][  T647] name failslab, interval 1, probability 0, space 0, times 1
[   42.730409][  T647] CPU: 0 PID: 647 Comm: syz.2.69 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   42.739778][  T647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   42.749673][  T647] Call Trace:
[   42.752804][  T647]  <TASK>
[   42.755579][  T647]  dump_stack_lvl+0x151/0x1b7
[   42.760092][  T647]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   42.765386][  T647]  ? __mutex_lock_slowpath+0x10/0x10
[   42.770506][  T647]  ? flush_workqueue_prep_pwqs+0x449/0x4b0
[   42.776142][  T647]  dump_stack+0x15/0x19
[   42.780132][  T647]  should_fail_ex+0x3d0/0x520
[   42.784648][  T647]  __should_failslab+0xaf/0xf0
[   42.789246][  T647]  ? kvm_uevent_notify_change+0xca/0x3c0
[   42.794714][  T647]  should_failslab+0x9/0x20
[   42.799054][  T647]  __kmem_cache_alloc_node+0x3d/0x2a0
[   42.804259][  T647]  ? __mutex_lock_slowpath+0x10/0x10
[   42.809383][  T647]  ? kvm_uevent_notify_change+0xca/0x3c0
[   42.814871][  T647]  kmalloc_trace+0x2a/0xa0
[   42.819190][  T647]  kvm_uevent_notify_change+0xca/0x3c0
[   42.824491][  T647]  kvm_put_kvm+0x99/0x1340
[   42.828738][  T647]  ? kvm_irqfd_release+0x1ae/0x1d0
[   42.833696][  T647]  ? percpu_counter_add_batch+0x13d/0x160
[   42.839242][  T647]  ? kvm_vm_compat_ioctl+0x590/0x590
[   42.844363][  T647]  kvm_vm_release+0x46/0x50
[   42.848699][  T647]  __fput+0x1e5/0x870
[   42.852519][  T647]  ____fput+0x15/0x20
[   42.856338][  T647]  task_work_run+0x24d/0x2e0
[   42.860763][  T647]  ? task_work_cancel+0x2e0/0x2e0
[   42.865623][  T647]  ? close_fd+0x2f0/0x2f0
[   42.869788][  T647]  exit_to_user_mode_loop+0x94/0xa0
[   42.874824][  T647]  exit_to_user_mode_prepare+0x5a/0xa0
[   42.880116][  T647]  syscall_exit_to_user_mode+0x26/0x130
[   42.885499][  T647]  do_syscall_64+0x47/0xb0
[   42.889750][  T647]  ? clear_bhb_loop+0x55/0xb0
[   42.894264][  T647]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   42.899993][  T647] RIP: 0033:0x7f2c14985d19
[   42.904248][  T647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.923687][  T647] RSP: 002b:00007f2c15774038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   42.931932][  T647] RAX: 0000000000000000 RBX: 00007f2c14b75fa0 RCX: 00007f2c14985d19
[   42.939743][  T647] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[   42.947554][  T647] RBP: 00007f2c15774090 R08: 0000000000000000 R09: 0000000000000000
[   42.955366][  T647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.963176][  T647] R13: 0000000000000000 R14: 00007f2c14b75fa0 R15: 00007ffe8bdcd168
[   42.970989][  T647]  </TASK>
[   42.974646][   T65] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   43.049305][  T650] loop2: detected capacity change from 0 to 512
[   43.056874][  T650] EXT4-fs (loop2): Test dummy encryption mode enabled
[   43.063508][  T650] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   43.073765][  T650] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   43.081725][  T650] System zones: 1-12
[   43.085989][  T650] EXT4-fs (loop2): 1 truncate cleaned up
[   43.091781][  T650] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   43.174254][   T65] usb 2-1: Using ep0 maxpacket: 8
[   43.181726][   T65] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   43.190688][   T65] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.198526][   T65] usb 2-1: Product: syz
[   43.202526][   T65] usb 2-1: Manufacturer: syz
[   43.206952][   T65] usb 2-1: SerialNumber: syz
[   43.212241][   T65] usb 2-1: config 0 descriptor??
[   43.218290][   T65] usb_ehset_test: probe of 2-1:0.0 failed with error -32
[   43.391094][    T6] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   43.435684][   T19] usb 2-1: USB disconnect, device number 3
[   43.566677][  T659] FAULT_INJECTION: forcing a failure.
[   43.566677][  T659] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   43.587224][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[   43.602604][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25199, setting to 1024
[   43.613663][  T659] CPU: 0 PID: 659 Comm: syz.4.72 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   43.623010][  T659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   43.632904][  T659] Call Trace:
[   43.636028][  T659]  <TASK>
[   43.638805][  T659]  dump_stack_lvl+0x151/0x1b7
[   43.643322][  T659]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   43.648617][  T659]  dump_stack+0x15/0x19
[   43.652608][  T659]  should_fail_ex+0x3d0/0x520
[   43.657121][  T659]  should_fail+0xb/0x10
[   43.661122][  T659]  should_fail_usercopy+0x1a/0x20
[   43.665975][  T659]  strncpy_from_user+0x24/0x2b0
[   43.670659][  T659]  setxattr+0xca/0x2b0
[   43.674566][  T659]  ? path_setxattr+0x2a0/0x2a0
[   43.679171][  T659]  ? __mnt_want_write+0x1f6/0x270
[   43.684026][  T659]  ? mnt_want_write_file+0x27c/0x480
[   43.689149][  T659]  __se_sys_fsetxattr+0x18d/0x200
[   43.694008][  T659]  __x64_sys_fsetxattr+0xbf/0xd0
[   43.698780][  T659]  x64_sys_call+0x50d/0x9a0
[   43.703120][  T659]  do_syscall_64+0x3b/0xb0
[   43.707370][  T659]  ? clear_bhb_loop+0x55/0xb0
[   43.711885][  T659]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   43.717612][  T659] RIP: 0033:0x7fc2b0b85d19
[   43.721867][  T659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.741308][  T659] RSP: 002b:00007fc2b1a1e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   43.749550][  T659] RAX: ffffffffffffffda RBX: 00007fc2b0d75fa0 RCX: 00007fc2b0b85d19
[   43.757361][  T659] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000008
[   43.765175][  T659] RBP: 00007fc2b1a1e090 R08: 0000000000000000 R09: 0000000000000000
[   43.772985][  T659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.780969][  T659] R13: 0000000000000000 R14: 00007fc2b0d75fa0 R15: 00007ffc31f75d58
[   43.788785][  T659]  </TASK>
[   43.792218][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   43.804927][    T6] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   43.813779][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.838321][    T6] usb 3-1: config 0 descriptor??
[   43.845607][  T662] syz.3.73[662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.845679][  T662] syz.3.73[662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.692966][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.714286][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.724920][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.727857][  T673] loop3: detected capacity change from 0 to 40427
[   44.735516][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.746779][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.757349][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.766307][  T673] F2FS-fs (loop3): fault_type options not supported
[   44.767926][    T6] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[   44.780987][  T673] F2FS-fs (loop3): invalid crc value
[   44.791908][    T6] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   44.800566][  T673] F2FS-fs (loop3): Found nat_bits in checkpoint
[   44.815080][    T6] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   44.893806][  T673] F2FS-fs (loop3): Start checkpoint disabled!
[   44.918208][  T673] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   44.995433][    T6] usb 3-1: USB disconnect, device number 2
[   45.037774][  T688] syz.3.78: attempt to access beyond end of device
[   45.037774][  T688] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   45.317136][  T692] loop1: detected capacity change from 0 to 40427
[   45.326196][  T694] loop4: detected capacity change from 0 to 128
[   45.332591][  T694] FAT-fs (loop4): Unrecognized mount option "iocha‘set=utf8" or missing value
[   45.343469][  T692] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   45.351020][  T692] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   45.360565][  T692] F2FS-fs (loop1): invalid crc value
[   45.439485][  T680] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   45.512284][  T692] F2FS-fs (loop1): Found nat_bits in checkpoint
[   45.652155][  T692] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   45.659068][  T692] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   45.684709][  T292] EXT4-fs (loop2): unmounting filesystem.
[   45.699469][  T680] usb 4-1: Using ep0 maxpacket: 8
[   45.706614][  T680] usb 4-1: config 0 has no interfaces?
[   45.732218][  T680] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   45.758178][  T700] loop2: detected capacity change from 0 to 256
[   45.770584][   T28] kauditd_printk_skb: 79 callbacks suppressed
[   45.770599][   T28] audit: type=1400 audit(1734297743.235:388): avc:  denied  { mount } for  pid=699 comm="syz.2.83" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   45.853489][  T680] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.869134][   T28] audit: type=1400 audit(1734297743.327:389): avc:  denied  { append } for  pid=691 comm="syz.1.82" path="/16/file0/cpuset.effective_cpus" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   45.871220][  T680] usb 4-1: config 0 descriptor??
[   45.899645][   T28] audit: type=1400 audit(1734297743.327:390): avc:  denied  { ioctl } for  pid=691 comm="syz.1.82" path="/16/file0/cpuset.effective_cpus" dev="loop1" ino=10 ioctlcmd=0xf510 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   45.901512][  T692] overlayfs: failed to resolve './file1': -2
[   45.994516][  T703] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=703 comm=syz.2.83
[   46.009322][   T28] audit: type=1400 audit(1734297743.327:391): avc:  denied  { create } for  pid=691 comm="syz.1.82" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.197157][  T705] loop4: detected capacity change from 0 to 256
[   46.219862][   T28] audit: type=1400 audit(1734297743.355:392): avc:  denied  { mounton } for  pid=691 comm="syz.1.82" path="/16/file0/file0" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   46.302969][   T28] audit: type=1400 audit(1734297743.355:393): avc:  denied  { mount } for  pid=691 comm="syz.1.82" name="/" dev="ramfs" ino=16191 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   46.305209][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.361243][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.378702][   T28] audit: type=1400 audit(1734297743.355:394): avc:  denied  { mounton } for  pid=691 comm="syz.1.82" path="/16/file0/file0/bus" dev="ramfs" ino=16193 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[   46.424876][   T28] audit: type=1400 audit(1734297743.438:395): avc:  denied  { mounton } for  pid=699 comm="syz.2.83" path="/13/file1/bus" dev="loop2" ino=1048606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   46.447991][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.448224][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.627182][   T28] audit: type=1400 audit(1734297743.613:396): avc:  denied  { unlink } for  pid=704 comm="syz.4.84" name="#d" dev="tmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   46.661110][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.661157][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.670733][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[   46.802619][   T28] audit: type=1400 audit(1734297743.705:397): avc:  denied  { create } for  pid=672 comm="syz.3.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   46.881706][  T716] FAULT_INJECTION: forcing a failure.
[   46.881706][  T716] name failslab, interval 1, probability 0, space 0, times 0
[   46.894237][  T716] CPU: 1 PID: 716 Comm: syz.0.87 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   46.903594][  T716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.913490][  T716] Call Trace:
[   46.916619][  T716]  <TASK>
[   46.918591][  T718] syz.1.85[718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.919388][  T716]  dump_stack_lvl+0x151/0x1b7
[   46.919440][  T718] syz.1.85[718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.930238][  T716]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   46.930264][  T716]  dump_stack+0x15/0x19
[   46.930278][  T716]  should_fail_ex+0x3d0/0x520
[   46.930301][  T716]  ? lease_alloc+0x2b/0x340
[   46.963827][  T716]  __should_failslab+0xaf/0xf0
[   46.968426][  T716]  should_failslab+0x9/0x20
[   46.972764][  T716]  kmem_cache_alloc+0x3b/0x320
[   46.977368][  T716]  lease_alloc+0x2b/0x340
[   46.981528][  T716]  __break_lease+0x10f/0x13b0
[   46.986162][  T716]  ? selinux_inode_getattr+0x3e0/0x3e0
[   46.991448][  T716]  ? cap_capable+0x1d2/0x270
[   46.995875][  T716]  ? locks_wake_up_blocks+0x310/0x310
[   47.001082][  T716]  ? capable+0x88/0xe0
[   47.004987][  T716]  ? security_inode_setxattr+0x13c/0x180
[   47.010455][  T716]  __vfs_setxattr_locked+0x182/0x230
[   47.015576][  T716]  vfs_setxattr+0x21d/0x420
[   47.019915][  T716]  ? __kasan_check_write+0x14/0x20
[   47.024861][  T716]  ? xattr_permission+0x540/0x540
[   47.029728][  T716]  setxattr+0x250/0x2b0
[   47.033716][  T716]  ? path_setxattr+0x2a0/0x2a0
[   47.038317][  T716]  ? __mnt_want_write+0x1f6/0x270
[   47.043174][  T716]  ? mnt_want_write_file+0x27c/0x480
[   47.048295][  T716]  __se_sys_fsetxattr+0x18d/0x200
[   47.053154][  T716]  __x64_sys_fsetxattr+0xbf/0xd0
[   47.057931][  T716]  x64_sys_call+0x50d/0x9a0
[   47.062268][  T716]  do_syscall_64+0x3b/0xb0
[   47.066527][  T716]  ? clear_bhb_loop+0x55/0xb0
[   47.071035][  T716]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   47.076762][  T716] RIP: 0033:0x7f0efb985d19
[   47.081015][  T716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.100456][  T716] RSP: 002b:00007f0efc8a3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   47.108703][  T716] RAX: ffffffffffffffda RBX: 00007f0efbb75fa0 RCX: 00007f0efb985d19
[   47.116513][  T716] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000008
[   47.124323][  T716] RBP: 00007f0efc8a3090 R08: 0000000000000000 R09: 0000000000000000
[   47.132137][  T716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.139949][  T716] R13: 0000000000000000 R14: 00007f0efbb75fa0 R15: 00007ffc91655148
[   47.147762][  T716]  </TASK>
[   47.908277][  T740] loop1: detected capacity change from 0 to 512
[   47.925239][  T740] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.1.94: corrupted xattr block 95
[   47.937487][  T740] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   47.966773][  T740] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.94: bg 0: block 7: invalid block bitmap
[   47.979993][    T6] usb 4-1: USB disconnect, device number 4
[   47.988743][  T740] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   48.005080][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.005080][   T43] loop3: rw=1, sector=77824, nr_sectors = 2200 limit=40427
[   48.005579][  T740] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #11: comm syz.1.94: corrupted xattr block 95
[   48.031746][  T740] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[   48.046282][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.046282][   T43] loop3: rw=1, sector=80024, nr_sectors = 1896 limit=40427
[   48.062688][  T740] EXT4-fs (loop1): 1 orphan inode deleted
[   48.070882][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.070882][   T43] loop3: rw=1, sector=49152, nr_sectors = 4096 limit=40427
[   48.079616][  T740] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   48.097521][  T740] EXT4-fs (loop1): unmounting filesystem.
[   48.103210][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.103210][   T43] loop3: rw=1, sector=57344, nr_sectors = 6808 limit=40427
[   48.125464][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.125464][   T43] loop3: rw=1, sector=64152, nr_sectors = 2256 limit=40427
[   48.152396][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.152396][   T43] loop3: rw=1, sector=66408, nr_sectors = 2288 limit=40427
[   48.171383][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.171383][   T43] loop3: rw=1, sector=68696, nr_sectors = 936 limit=40427
[   48.187630][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.187630][   T43] loop3: rw=1, sector=69632, nr_sectors = 8 limit=40427
[   48.201931][   T43] kworker/u4:2: attempt to access beyond end of device
[   48.201931][   T43] loop3: rw=1, sector=69640, nr_sectors = 8 limit=40427
[   48.218724][  T745] netlink: 'syz.4.97': attribute type 16 has an invalid length.
[   48.277130][  T749] FAULT_INJECTION: forcing a failure.
[   48.277130][  T749] name failslab, interval 1, probability 0, space 0, times 0
[   48.308480][  T749] CPU: 0 PID: 749 Comm: syz.4.98 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   48.317850][  T749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   48.327758][  T749] Call Trace:
[   48.330873][  T749]  <TASK>
[   48.333647][  T749]  dump_stack_lvl+0x151/0x1b7
[   48.338160][  T749]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   48.343453][  T749]  ? __break_lease+0x11cb/0x13b0
[   48.348228][  T749]  ? __se_sys_fsetxattr+0x18d/0x200
[   48.353261][  T749]  ? x64_sys_call+0x50d/0x9a0
[   48.357860][  T749]  ? do_syscall_64+0x3b/0xb0
[   48.362289][  T749]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   48.368192][  T749]  dump_stack+0x15/0x19
[   48.372200][  T749]  should_fail_ex+0x3d0/0x520
[   48.376696][  T749]  __should_failslab+0xaf/0xf0
[   48.381295][  T749]  ? kvmalloc_node+0x221/0x640
[   48.385899][  T749]  should_failslab+0x9/0x20
[   48.390234][  T749]  __kmem_cache_alloc_node+0x3d/0x2a0
[   48.395475][  T749]  ? kvmalloc_node+0x221/0x640
[   48.400044][  T749]  __kmalloc_node+0xa3/0x1e0
[   48.404471][  T749]  kvmalloc_node+0x221/0x640
[   48.408900][  T749]  ? kasan_quarantine_put+0x34/0x1a0
[   48.414022][  T749]  ? vm_mmap+0xb0/0xb0
[   48.417926][  T749]  ? kmem_cache_free+0x291/0x560
[   48.422699][  T749]  simple_xattr_set+0xba/0x580
[   48.427296][  T749]  shmem_xattr_handler_set+0x46/0xe0
[   48.432412][  T749]  ? shmem_xattr_handler_get+0x50/0x50
[   48.437715][  T749]  __vfs_setxattr+0x3ed/0x440
[   48.442222][  T749]  __vfs_setxattr_noperm+0x126/0x5e0
[   48.447344][  T749]  __vfs_setxattr_locked+0x215/0x230
[   48.452463][  T749]  vfs_setxattr+0x21d/0x420
[   48.456800][  T749]  ? __kasan_check_write+0x14/0x20
[   48.461751][  T749]  ? xattr_permission+0x540/0x540
[   48.466611][  T749]  setxattr+0x250/0x2b0
[   48.470601][  T749]  ? path_setxattr+0x2a0/0x2a0
[   48.475208][  T749]  ? __mnt_want_write+0x1f6/0x270
[   48.480065][  T749]  ? mnt_want_write_file+0x27c/0x480
[   48.485185][  T749]  __se_sys_fsetxattr+0x18d/0x200
[   48.490044][  T749]  __x64_sys_fsetxattr+0xbf/0xd0
[   48.494917][  T749]  x64_sys_call+0x50d/0x9a0
[   48.499242][  T749]  do_syscall_64+0x3b/0xb0
[   48.503495][  T749]  ? clear_bhb_loop+0x55/0xb0
[   48.508008][  T749]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   48.513738][  T749] RIP: 0033:0x7fc2b0b85d19
[   48.518105][  T749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.537537][  T749] RSP: 002b:00007fc2b1a1e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   48.545777][  T749] RAX: ffffffffffffffda RBX: 00007fc2b0d75fa0 RCX: 00007fc2b0b85d19
[   48.553586][  T749] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000008
[   48.561399][  T749] RBP: 00007fc2b1a1e090 R08: 0000000000000000 R09: 0000000000000000
[   48.569211][  T749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.577022][  T749] R13: 0000000000000000 R14: 00007fc2b0d75fa0 R15: 00007ffc31f75d58
[   48.584841][  T749]  </TASK>
[   48.618414][  T747] loop0: detected capacity change from 0 to 40427
[   48.628650][  T747] F2FS-fs (loop0): invalid crc value
[   48.647482][  T747] F2FS-fs (loop0): Found nat_bits in checkpoint
[   48.712161][  T754] loop4: detected capacity change from 0 to 256
[   48.718360][  T747] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   48.727128][  T754] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   48.866173][  T760] syz.0.96 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   48.952430][  T762] syz.4.100[762] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.952504][  T762] syz.4.100[762] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.134899][  T780] loop4: detected capacity change from 0 to 512
[   49.244405][  T784] FAULT_INJECTION: forcing a failure.
[   49.244405][  T784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.257354][  T784] CPU: 1 PID: 784 Comm: syz.3.106 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   49.266718][  T784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.276620][  T784] Call Trace:
[   49.279738][  T784]  <TASK>
[   49.282514][  T784]  dump_stack_lvl+0x151/0x1b7
[   49.287030][  T784]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   49.292336][  T784]  dump_stack+0x15/0x19
[   49.296315][  T784]  should_fail_ex+0x3d0/0x520
[   49.300828][  T784]  should_fail+0xb/0x10
[   49.304820][  T784]  should_fail_usercopy+0x1a/0x20
[   49.309684][  T784]  _copy_to_user+0x1e/0x90
[   49.313932][  T784]  simple_read_from_buffer+0xc7/0x150
[   49.319139][  T784]  proc_fail_nth_read+0x1a3/0x210
[   49.324003][  T784]  ? proc_fault_inject_write+0x390/0x390
[   49.329468][  T784]  ? fsnotify_perm+0x269/0x5b0
[   49.334068][  T784]  ? security_file_permission+0x86/0xb0
[   49.339451][  T784]  ? proc_fault_inject_write+0x390/0x390
[   49.344919][  T784]  vfs_read+0x26c/0xae0
[   49.348914][  T784]  ? plist_add+0x3e0/0x460
[   49.353170][  T784]  ? kernel_read+0x1f0/0x1f0
[   49.357590][  T784]  ? mutex_lock+0xb1/0x1e0
[   49.361838][  T784]  ? bit_wait_io_timeout+0x120/0x120
[   49.366961][  T784]  ? __fdget_pos+0x2e2/0x390
[   49.371386][  T784]  ? ksys_read+0x77/0x2c0
[   49.375552][  T784]  ksys_read+0x199/0x2c0
[   49.379636][  T784]  ? vfs_write+0xed0/0xed0
[   49.383881][  T784]  ? fpregs_restore_userregs+0x130/0x290
[   49.389350][  T784]  __x64_sys_read+0x7b/0x90
[   49.393689][  T784]  x64_sys_call+0x28/0x9a0
[   49.397944][  T784]  do_syscall_64+0x3b/0xb0
[   49.402196][  T784]  ? clear_bhb_loop+0x55/0xb0
[   49.406708][  T784]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   49.412437][  T784] RIP: 0033:0x7f7e8e98472c
[   49.416691][  T784] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   49.436132][  T784] RSP: 002b:00007f7e8f7fc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   49.444376][  T784] RAX: ffffffffffffffda RBX: 00007f7e8eb76160 RCX: 00007f7e8e98472c
[   49.452186][  T784] RDX: 000000000000000f RSI: 00007f7e8f7fc0a0 RDI: 0000000000000009
[   49.459997][  T784] RBP: 00007f7e8f7fc090 R08: 0000000000000000 R09: 0000000000000000
[   49.467811][  T784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.475620][  T784] R13: 0000000000000000 R14: 00007f7e8eb76160 R15: 00007ffe981b7278
[   49.483438][  T784]  </TASK>
[   49.579268][  T780] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   49.623563][  T780] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.105: bad orphan inode 131083
[   49.634424][  T780] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   49.839848][  T794] loop2: detected capacity change from 0 to 512
[   49.868138][  T294] EXT4-fs (loop4): unmounting filesystem.
[   49.883015][  T315] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   49.905327][  T799] FAULT_INJECTION: forcing a failure.
[   49.905327][  T799] name failslab, interval 1, probability 0, space 0, times 0
[   49.919342][  T799] CPU: 0 PID: 799 Comm: syz.2.111 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   49.928794][  T799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.928807][  T799] Call Trace:
[   49.928813][  T799]  <TASK>
[   49.928819][  T799]  dump_stack_lvl+0x151/0x1b7
[   49.928844][  T799]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   49.928865][  T799]  dump_stack+0x15/0x19
[   49.928881][  T799]  should_fail_ex+0x3d0/0x520
[   49.928904][  T799]  __should_failslab+0xaf/0xf0
[   49.928923][  T799]  ? simple_xattr_set+0x10a/0x580
[   49.928944][  T799]  should_failslab+0x9/0x20
[   49.928964][  T799]  __kmem_cache_alloc_node+0x3d/0x2a0
[   49.928983][  T799]  ? simple_xattr_set+0x10a/0x580
[   49.929003][  T799]  __kmalloc_node_track_caller+0xa2/0x1e0
[   49.929024][  T799]  ? simple_xattr_set+0xfd/0x580
[   49.929045][  T799]  kstrdup+0x39/0x70
[   49.929063][  T799]  simple_xattr_set+0x10a/0x580
[   49.929085][  T799]  shmem_xattr_handler_set+0x46/0xe0
[   49.929104][  T799]  ? shmem_xattr_handler_get+0x50/0x50
[   49.929122][  T799]  __vfs_setxattr+0x3ed/0x440
[   49.929143][  T799]  __vfs_setxattr_noperm+0x126/0x5e0
[   49.929164][  T799]  __vfs_setxattr_locked+0x215/0x230
[   49.929183][  T799]  vfs_setxattr+0x21d/0x420
[   49.929200][  T799]  ? __kasan_check_write+0x14/0x20
[   49.929216][  T799]  ? xattr_permission+0x540/0x540
[   49.929238][  T799]  setxattr+0x250/0x2b0
[   49.929257][  T799]  ? path_setxattr+0x2a0/0x2a0
[   49.929282][  T799]  ? __mnt_want_write+0x1f6/0x270
[   49.929298][  T799]  ? mnt_want_write_file+0x27c/0x480
[   49.929313][  T799]  __se_sys_fsetxattr+0x18d/0x200
[   49.929335][  T799]  __x64_sys_fsetxattr+0xbf/0xd0
[   49.929355][  T799]  x64_sys_call+0x50d/0x9a0
[   49.929373][  T799]  do_syscall_64+0x3b/0xb0
[   49.929390][  T799]  ? clear_bhb_loop+0x55/0xb0
[   49.929410][  T799]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   49.929430][  T799] RIP: 0033:0x7f2c14985d19
[   49.929444][  T799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.929455][  T799] RSP: 002b:00007f2c15774038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   49.929474][  T799] RAX: ffffffffffffffda RBX: 00007f2c14b75fa0 RCX: 00007f2c14985d19
[   49.929486][  T799] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000008
[   49.929517][  T799] RBP: 00007f2c15774090 R08: 0000000000000000 R09: 0000000000000000
[   49.929534][  T799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.929543][  T799] R13: 0000000000000000 R14: 00007f2c14b75fa0 R15: 00007ffe8bdcd168
[   49.929557][  T799]  </TASK>
[   49.963821][  T806] syz.2.113[806] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.963889][  T806] syz.2.113[806] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.091356][  T813] loop1: detected capacity change from 0 to 256
[   50.455881][  T820] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=820 comm=syz.1.114
[   50.847393][  T680] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   51.053332][  T680] usb 1-1: Using ep0 maxpacket: 8
[   51.060905][  T680] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   51.063624][  T833] loop3: detected capacity change from 0 to 40427
[   51.091723][  T680] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.107692][  T833] F2FS-fs (loop3): fault_type options not supported
[   51.110509][  T680] usb 1-1: Product: syz
[   51.118127][  T680] usb 1-1: Manufacturer: syz
[   51.123239][  T833] F2FS-fs (loop3): invalid crc value
[   51.129014][  T680] usb 1-1: SerialNumber: syz
[   51.141137][  T680] usb 1-1: config 0 descriptor??
[   51.146439][  T833] F2FS-fs (loop3): Found nat_bits in checkpoint
[   51.146832][  T680] usb_ehset_test: probe of 1-1:0.0 failed with error -32
[   51.216915][  T833] F2FS-fs (loop3): Start checkpoint disabled!
[   51.223418][  T833] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   51.231265][   T28] kauditd_printk_skb: 184 callbacks suppressed
[   51.231278][   T28] audit: type=1400 audit(1734297748.282:582): avc:  denied  { mount } for  pid=832 comm="syz.3.119" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   51.278161][  T840] bio_check_eod: 1510 callbacks suppressed
[   51.278176][  T840] syz.3.119: attempt to access beyond end of device
[   51.278176][  T840] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   51.281454][   T28] audit: type=1400 audit(1734297748.319:583): avc:  denied  { write } for  pid=832 comm="syz.3.119" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   51.318656][   T28] audit: type=1400 audit(1734297748.319:584): avc:  denied  { add_name } for  pid=832 comm="syz.3.119" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   51.324243][  T330] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   51.339072][   T28] audit: type=1400 audit(1734297748.319:585): avc:  denied  { create } for  pid=832 comm="syz.3.119" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   51.370344][    T6] usb 1-1: USB disconnect, device number 4
[   51.382273][   T28] audit: type=1400 audit(1734297748.319:586): avc:  denied  { write open } for  pid=832 comm="syz.3.119" path="/25/file1/bus" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   51.405197][   T28] audit: type=1400 audit(1734297748.319:587): avc:  denied  { read } for  pid=832 comm="syz.3.119" name="bus" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   51.414904][  T838] loop2: detected capacity change from 0 to 40427
[   51.435224][  T838] F2FS-fs (loop2): invalid crc value
[   51.446641][  T838] F2FS-fs (loop2): Found nat_bits in checkpoint
[   51.484727][  T838] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   51.552692][   T28] audit: type=1400 audit(1734297748.577:588): avc:  denied  { create } for  pid=837 comm="syz.2.121" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   51.572638][  T342] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   51.580138][   T28] audit: type=1400 audit(1734297748.605:589): avc:  denied  { write } for  pid=837 comm="syz.2.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   51.600279][   T28] audit: type=1400 audit(1734297748.605:590): avc:  denied  { module_request } for  pid=837 comm="syz.2.121" kmod="net-pf-16-proto-16-family-fou" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   51.623453][  T330] usb 5-1: Using ep0 maxpacket: 8
[   51.628572][   T28] audit: type=1400 audit(1734297748.605:591): avc:  denied  { read } for  pid=837 comm="syz.2.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   51.650602][  T292] syz-executor: attempt to access beyond end of device
[   51.650602][  T292] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   51.651723][  T330] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   51.673442][  T330] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.681252][  T330] usb 5-1: Product: syz
[   51.685506][  T330] usb 5-1: Manufacturer: syz
[   51.689940][  T330] usb 5-1: SerialNumber: syz
[   51.700641][  T330] usb 5-1: config 0 descriptor??
[   51.715939][  T330] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[   52.039360][  T342] usb 4-1: Using ep0 maxpacket: 8
[   52.067799][  T342] usb 4-1: config 0 has no interfaces?
[   52.073133][  T342] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   52.081947][  T342] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.090660][  T330] usb 5-1: USB disconnect, device number 5
[   52.100904][  T342] usb 4-1: config 0 descriptor??
[   52.247502][  T853] loop0: detected capacity change from 0 to 512
[   52.261284][  T853] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.0.123: corrupted xattr block 95
[   52.273586][  T853] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.123: bg 0: block 7: invalid block bitmap
[   52.285961][  T853] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   52.294783][  T853] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2925: inode #11: comm syz.0.123: corrupted xattr block 95
[   52.307041][  T853] EXT4-fs warning (device loop0): ext4_evict_inode:299: xattr delete (err -117)
[   52.316161][  T853] EXT4-fs (loop0): 1 orphan inode deleted
[   52.321916][  T853] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   52.332694][  T853] EXT4-fs (loop0): unmounting filesystem.
[   52.734234][  T862] FAULT_INJECTION: forcing a failure.
[   52.734234][  T862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.747829][  T862] CPU: 1 PID: 862 Comm: syz.4.125 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   52.756035][  T864] syz.2.126[864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.757281][  T862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   52.757294][  T862] Call Trace:
[   52.757299][  T862]  <TASK>
[   52.757305][  T862]  dump_stack_lvl+0x151/0x1b7
[   52.774993][  T864] syz.2.126[864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.778112][  T862]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   52.778137][  T862]  dump_stack+0x15/0x19
[   52.778153][  T862]  should_fail_ex+0x3d0/0x520
[   52.778174][  T862]  should_fail+0xb/0x10
[   52.817263][  T862]  should_fail_usercopy+0x1a/0x20
[   52.822114][  T862]  _copy_to_user+0x1e/0x90
[   52.826367][  T862]  simple_read_from_buffer+0xc7/0x150
[   52.831577][  T862]  proc_fail_nth_read+0x1a3/0x210
[   52.836438][  T862]  ? proc_fault_inject_write+0x390/0x390
[   52.841903][  T862]  ? fsnotify_perm+0x269/0x5b0
[   52.846507][  T862]  ? security_file_permission+0x86/0xb0
[   52.851883][  T862]  ? proc_fault_inject_write+0x390/0x390
[   52.857359][  T862]  vfs_read+0x26c/0xae0
[   52.861347][  T862]  ? kvfree+0x35/0x40
[   52.865166][  T862]  ? kernel_read+0x1f0/0x1f0
[   52.869592][  T862]  ? mutex_lock+0xb1/0x1e0
[   52.873845][  T862]  ? bit_wait_io_timeout+0x120/0x120
[   52.878964][  T862]  ? __fdget_pos+0x2e2/0x390
[   52.883391][  T862]  ? ksys_read+0x77/0x2c0
[   52.887555][  T862]  ksys_read+0x199/0x2c0
[   52.891639][  T862]  ? vfs_write+0xed0/0xed0
[   52.895889][  T862]  ? debug_smp_processor_id+0x17/0x20
[   52.901096][  T862]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   52.906996][  T862]  __x64_sys_read+0x7b/0x90
[   52.911337][  T862]  x64_sys_call+0x28/0x9a0
[   52.915589][  T862]  do_syscall_64+0x3b/0xb0
[   52.919844][  T862]  ? clear_bhb_loop+0x55/0xb0
[   52.924355][  T862]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   52.930087][  T862] RIP: 0033:0x7fc2b0b8472c
[   52.934339][  T862] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.953775][  T862] RSP: 002b:00007fc2b1a1e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.962019][  T862] RAX: ffffffffffffffda RBX: 00007fc2b0d75fa0 RCX: 00007fc2b0b8472c
[   52.969830][  T862] RDX: 000000000000000f RSI: 00007fc2b1a1e0a0 RDI: 0000000000000009
[   52.977642][  T862] RBP: 00007fc2b1a1e090 R08: 0000000000000000 R09: 0000000000000000
[   52.985455][  T862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.993268][  T862] R13: 0000000000000000 R14: 00007fc2b0d75fa0 R15: 00007ffc31f75d58
[   53.001082][  T862]  </TASK>
[   53.540593][  T882] loop0: detected capacity change from 0 to 40427
[   53.548202][  T882] F2FS-fs (loop0): invalid crc value
[   53.555304][  T882] F2FS-fs (loop0): Found nat_bits in checkpoint
[   53.582584][  T882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   53.676056][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   53.882014][   T24] usb 2-1: Using ep0 maxpacket: 8
[   53.888972][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[   53.897524][   T24] usb 2-1: config 3 has an invalid interface number: 203 but max is 0
[   53.905659][   T24] usb 2-1: config 3 has no interface number 0
[   53.911678][   T24] usb 2-1: config 3 interface 203 has no altsetting 0
[   53.919949][   T24] usb 2-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=60.3a
[   53.928847][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.936663][   T24] usb 2-1: Product: syz
[   53.940602][   T24] usb 2-1: Manufacturer: syz
[   53.945010][   T24] usb 2-1: SerialNumber: syz
[   54.026784][  T330] usb 4-1: USB disconnect, device number 5
[   54.063558][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.063558][   T43] loop3: rw=1, sector=77824, nr_sectors = 4096 limit=40427
[   54.095055][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.095055][   T43] loop3: rw=1, sector=49152, nr_sectors = 4096 limit=40427
[   54.117527][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.117527][   T43] loop3: rw=1, sector=57344, nr_sectors = 3920 limit=40427
[   54.148881][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.148881][   T43] loop3: rw=1, sector=61264, nr_sectors = 8368 limit=40427
[   54.203839][   T24] usb 2-1: USB disconnect, device number 4
[   54.209842][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.209842][   T43] loop3: rw=1, sector=69632, nr_sectors = 8 limit=40427
[   54.227082][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.227082][   T43] loop3: rw=1, sector=69640, nr_sectors = 8 limit=40427
[   54.242127][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.242127][   T43] loop3: rw=1, sector=69648, nr_sectors = 8 limit=40427
[   54.256398][   T43] kworker/u4:2: attempt to access beyond end of device
[   54.256398][   T43] loop3: rw=1, sector=69656, nr_sectors = 8 limit=40427
[   54.297213][  T895] loop2: detected capacity change from 0 to 16
[   54.305748][  T895] erofs: (device loop2): mounted with root inode @ nid 36.
[   54.364869][  T900] syz.2.137[900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.364941][  T900] syz.2.137[900] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.611897][  T907] loop0: detected capacity change from 0 to 512
[   54.639675][  T907] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.651082][  T907] EXT4-fs (loop0): 1 truncate cleaned up
[   54.656950][  T907] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   54.734683][  T290] EXT4-fs (loop0): unmounting filesystem.
[   55.093686][  T920] loop1: detected capacity change from 0 to 256
[   55.225616][  T902] loop2: detected capacity change from 0 to 131072
[   55.251103][  T902] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[   55.274358][  T902] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   55.303842][  T924] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=924 comm=syz.1.142
[   55.483376][  T902] F2FS-fs (loop2): Found nat_bits in checkpoint
[   55.569830][  T902] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   55.583582][  T902] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   55.649849][  T902] fuse: Bad value for 'user_id'
[   55.702883][  T922] loop4: detected capacity change from 0 to 40427
[   55.731164][  T922] F2FS-fs (loop4): fault_injection options not supported
[   55.736266][  T902] netlink: 44 bytes leftover after parsing attributes in process `syz.2.138'.
[   55.738185][  T922] F2FS-fs (loop4): fault_type options not supported
[   55.754003][  T922] F2FS-fs (loop4): Image doesn't support compression
[   55.761004][  T922] F2FS-fs (loop4): Image doesn't support compression
[   55.769963][  T922] F2FS-fs (loop4): invalid crc value
[   55.770864][  T902] capability: warning: `syz.2.138' uses deprecated v2 capabilities in a way that may be insecure
[   55.776129][  T922] F2FS-fs (loop4): Found nat_bits in checkpoint
[   55.826672][  T922] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   56.229327][  T916] loop0: detected capacity change from 0 to 131072
[   56.246053][  T916] F2FS-fs (loop0): invalid crc value
[   56.252949][  T916] F2FS-fs (loop0): Found nat_bits in checkpoint
[   56.294118][  T916] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   56.383688][  T940] loop4: detected capacity change from 0 to 40427
[   56.390774][  T940] F2FS-fs (loop4): fault_type options not supported
[   56.399210][  T940] F2FS-fs (loop4): invalid crc value
[   56.407943][  T940] F2FS-fs (loop4): Found nat_bits in checkpoint
[   56.449901][  T940] F2FS-fs (loop4): Start checkpoint disabled!
[   56.493163][  T940] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   56.563346][  T954] loop3: detected capacity change from 0 to 1024
[   56.576338][  T949] netem: unknown loss type 5
[   56.583333][  T949] netem: change failed
[   56.808219][   T19] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   56.919036][   T28] kauditd_printk_skb: 95 callbacks suppressed
[   56.919119][   T28] audit: type=1400 audit(1734297753.514:687): avc:  denied  { name_bind } for  pid=955 comm="syz.0.149" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   57.032113][   T28] audit: type=1400 audit(1734297753.514:688): avc:  denied  { node_bind } for  pid=955 comm="syz.0.149" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   57.064271][  T960] syz.2.148[960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.064342][  T960] syz.2.148[960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.082276][   T28] audit: type=1400 audit(1734297753.680:689): avc:  denied  { read write } for  pid=292 comm="syz-executor" name="loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   57.117358][   T28] audit: type=1400 audit(1734297753.680:690): avc:  denied  { open } for  pid=292 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   57.141218][   T28] audit: type=1400 audit(1734297753.680:691): avc:  denied  { ioctl } for  pid=292 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   57.166482][   T28] audit: type=1400 audit(1734297753.689:692): avc:  denied  { create } for  pid=961 comm="syz.2.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   57.186251][   T28] audit: type=1400 audit(1734297753.689:693): avc:  denied  { read } for  pid=961 comm="syz.2.150" dev="nsfs" ino=4026532382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   57.206891][   T19] usb 5-1: Using ep0 maxpacket: 8
[   57.211793][   T28] audit: type=1400 audit(1734297753.689:694): avc:  denied  { open } for  pid=961 comm="syz.2.150" path="net:[4026532382]" dev="nsfs" ino=4026532382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   57.234603][   T28] audit: type=1400 audit(1734297753.689:695): avc:  denied  { create } for  pid=961 comm="syz.2.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   57.254252][   T28] audit: type=1400 audit(1734297753.735:696): avc:  denied  { append } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   57.258404][  T967] loop2: detected capacity change from 0 to 40427
[   57.277928][   T19] usb 5-1: config 0 has no interfaces?
[   57.288551][   T19] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   57.295647][  T967] F2FS-fs (loop2): invalid crc value
[   57.297617][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.304313][  T967] F2FS-fs (loop2): Found nat_bits in checkpoint
[   57.311628][   T19] usb 5-1: config 0 descriptor??
[   57.340865][  T967] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   57.562765][  T979] loop3: detected capacity change from 0 to 512
[   60.496982][   T19] usb 5-1: USB disconnect, device number 6
[   60.526616][  T988] loop0: detected capacity change from 0 to 2048
[   60.550633][  T979] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.153: casefold flag without casefold feature
[   60.563162][  T979] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.153: couldn't read orphan inode 15 (err -117)
[   60.574856][  T979] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   60.575636][  T337] bio_check_eod: 1510 callbacks suppressed
[   60.575648][  T337] kworker/u4:4: attempt to access beyond end of device
[   60.575648][  T337] loop4: rw=1, sector=77824, nr_sectors = 4096 limit=40427
[   60.610218][  T988] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   60.678116][  T337] kworker/u4:4: attempt to access beyond end of device
[   60.678116][  T337] loop4: rw=1, sector=49152, nr_sectors = 4096 limit=40427
[   61.393104][  T293] EXT4-fs (loop3): unmounting filesystem.
[   61.632146][  T290] EXT4-fs (loop0): unmounting filesystem.
[   61.642032][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.642032][  T337] loop4: rw=1, sector=57344, nr_sectors = 7336 limit=40427
[   61.672475][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.672475][  T337] loop4: rw=1, sector=64680, nr_sectors = 2120 limit=40427
[   61.686384][ T1003] loop2: detected capacity change from 0 to 2048
[   61.691644][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.691644][  T337] loop4: rw=1, sector=66800, nr_sectors = 2048 limit=40427
[   61.709490][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.709490][  T337] loop4: rw=1, sector=68848, nr_sectors = 784 limit=40427
[   61.725808][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.725808][  T337] loop4: rw=1, sector=69632, nr_sectors = 8 limit=40427
[   61.739392][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.739392][  T337] loop4: rw=1, sector=69640, nr_sectors = 8 limit=40427
[   61.753034][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.753034][  T337] loop4: rw=1, sector=69648, nr_sectors = 8 limit=40427
[   61.766890][  T337] kworker/u4:4: attempt to access beyond end of device
[   61.766890][  T337] loop4: rw=1, sector=69656, nr_sectors = 8 limit=40427
[   61.781094][ T1003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   62.420347][ T1016] input: syz0 as /devices/virtual/input/input8
[   62.430490][   T28] kauditd_printk_skb: 36 callbacks suppressed
[   62.438747][   T28] audit: type=1400 audit(1734297758.588:733): avc:  denied  { read write } for  pid=1005 comm="syz.3.158" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   62.667259][ T1011] syz.0.159 (1011) used greatest stack depth: 19352 bytes left
[   62.846739][  T292] EXT4-fs (loop2): unmounting filesystem.
[   62.873381][ T1025] loop0: detected capacity change from 0 to 2048
[   62.906338][ T1025] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   62.956236][ T1029] loop2: detected capacity change from 0 to 512
[   62.997141][ T1029] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   63.006022][ T1029] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.006148][   T28] audit: type=1400 audit(1734297758.588:734): avc:  denied  { open } for  pid=1005 comm="syz.3.158" path="/dev/uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   63.294543][   T28] audit: type=1400 audit(1734297758.598:735): avc:  denied  { ioctl } for  pid=1005 comm="syz.3.158" path="/dev/uinput" dev="devtmpfs" ino=258 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   63.319614][ T1029] SELinux:  Context @ is not valid (left unmapped).
[   63.408375][   T28] audit: type=1400 audit(1734297758.607:736): avc:  denied  { create } for  pid=1005 comm="syz.3.158" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   63.440469][   T28] audit: type=1400 audit(1734297758.607:737): avc:  denied  { map } for  pid=1005 comm="syz.3.158" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18503 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   63.491757][   T28] audit: type=1400 audit(1734297758.607:738): avc:  denied  { read write } for  pid=1005 comm="syz.3.158" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18503 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   63.668495][ T1042] IPv6: sit1: Disabled Multicast RS
[   63.763643][   T28] audit: type=1400 audit(1734297758.607:739): avc:  denied  { read } for  pid=88 comm="acpid" name="event3" dev="devtmpfs" ino=621 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.801591][   T28] audit: type=1400 audit(1734297758.607:740): avc:  denied  { open } for  pid=88 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=621 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.825107][   T28] audit: type=1400 audit(1734297758.607:741): avc:  denied  { ioctl } for  pid=88 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=621 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   63.849573][   T28] audit: type=1400 audit(1734297758.616:742): avc:  denied  { read write } for  pid=985 comm="syz.1.155" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   63.872872][  T290] EXT4-fs (loop0): unmounting filesystem.
[   63.983513][  T292] EXT4-fs (loop2): unmounting filesystem.
[   64.311840][ T1057] loop4: detected capacity change from 0 to 512
[   64.582199][ T1058] loop0: detected capacity change from 0 to 512
[   64.738072][ T1060] loop3: detected capacity change from 0 to 512
[   64.859532][ T1058] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.0.165: corrupted xattr block 95
[   65.037313][ T1060] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.3.166: corrupted xattr block 95
[   65.197455][ T1057] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.168: casefold flag without casefold feature
[   65.197469][ T1058] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.165: bg 0: block 7: invalid block bitmap
[   65.197568][ T1060] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.166: bg 0: block 7: invalid block bitmap
[   65.210403][ T1057] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.168: couldn't read orphan inode 15 (err -117)
[   65.221896][ T1058] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   65.234089][ T1057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   65.283342][ T1060] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   65.369976][ T1058] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2925: inode #11: comm syz.0.165: corrupted xattr block 95
[   65.456792][ T1060] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2925: inode #11: comm syz.3.166: corrupted xattr block 95
[   65.506936][  T294] EXT4-fs (loop4): unmounting filesystem.
[   65.525129][ T1058] EXT4-fs warning (device loop0): ext4_evict_inode:299: xattr delete (err -117)
[   65.543530][ T1060] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117)
[   65.577949][ T1060] EXT4-fs (loop3): 1 orphan inode deleted
[   65.609101][ T1060] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   65.633168][ T1067] loop4: detected capacity change from 0 to 2048
[   65.641129][ T1058] EXT4-fs (loop0): 1 orphan inode deleted
[   65.648763][ T1058] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   65.673194][ T1067] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   65.673805][ T1060] EXT4-fs (loop3): unmounting filesystem.
[   65.912495][ T1058] EXT4-fs (loop0): unmounting filesystem.
[   67.101816][  T294] EXT4-fs (loop4): unmounting filesystem.
[   67.567115][ T1090] input: syz0 as /devices/virtual/input/input9
[   67.858636][   T28] kauditd_printk_skb: 65 callbacks suppressed
[   67.858663][   T28] audit: type=1400 audit(1734297763.617:808): avc:  denied  { compute_member } for  pid=1092 comm="syz.1.175" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   67.918440][ T1095] loop1: detected capacity change from 0 to 2048
[   67.941970][ T1095] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   68.849372][ T1114] loop0: detected capacity change from 0 to 512
[   68.909617][  T291] EXT4-fs (loop1): unmounting filesystem.
[   69.068122][ T1114] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.180: casefold flag without casefold feature
[   69.081421][ T1114] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.180: couldn't read orphan inode 15 (err -117)
[   69.093982][ T1114] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   69.164301][   T28] audit: type=1107 audit(1734297764.817:809): pid=1111 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='upp'
[   69.736485][ T1110] loop2: detected capacity change from 0 to 40427
[   69.771246][ T1110] F2FS-fs (loop2): invalid crc value
[   69.803749][ T1110] F2FS-fs (loop2): Found nat_bits in checkpoint
[   69.863389][  T290] EXT4-fs (loop0): unmounting filesystem.
[   69.954654][ T1110] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   70.154280][   T28] audit: type=1400 audit(1734297765.739:810): avc:  denied  { create } for  pid=1128 comm="syz.3.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   70.223379][   T28] audit: type=1400 audit(1734297765.739:811): avc:  denied  { getopt } for  pid=1128 comm="syz.3.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   70.236435][ T1122] loop1: detected capacity change from 0 to 40427
[   70.264666][ T1124] loop0: detected capacity change from 0 to 40427
[   70.275424][ T1137] loop3: detected capacity change from 0 to 1024
[   70.290898][ T1122] F2FS-fs (loop1): fault_type options not supported
[   70.306261][ T1124] F2FS-fs (loop0): fault_type options not supported
[   70.313320][ T1137] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   70.316280][ T1122] F2FS-fs (loop1): invalid crc value
[   70.351324][ T1124] F2FS-fs (loop0): invalid crc value
[   70.354430][ T1122] F2FS-fs (loop1): Found nat_bits in checkpoint
[   70.358400][ T1124] F2FS-fs (loop0): Found nat_bits in checkpoint
[   70.478314][  T292] bio_check_eod: 1507 callbacks suppressed
[   70.478349][  T292] syz-executor: attempt to access beyond end of device
[   70.478349][  T292] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   70.523586][ T1122] F2FS-fs (loop1): Start checkpoint disabled!
[   70.543741][ T1124] F2FS-fs (loop0): Start checkpoint disabled!
[   70.550772][ T1122] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   70.558199][ T1124] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   70.589244][ T1146] syz.1.181: attempt to access beyond end of device
[   70.589244][ T1146] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   70.590818][   T28] audit: type=1400 audit(1734297766.136:812): avc:  denied  { read write } for  pid=1121 comm="syz.1.181" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   70.680251][   T28] audit: type=1400 audit(1734297766.173:813): avc:  denied  { open } for  pid=1121 comm="syz.1.181" path="/dev/raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   70.704661][   T28] audit: type=1400 audit(1734297766.173:814): avc:  denied  { ioctl } for  pid=1121 comm="syz.1.181" path="/dev/raw-gadget" dev="devtmpfs" ino=254 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   70.732103][ T1150] syz.0.182: attempt to access beyond end of device
[   70.732103][ T1150] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   70.919012][   T19] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   71.114002][   T19] usb 2-1: Using ep0 maxpacket: 8
[   71.140294][  T342] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   71.157751][   T19] usb 2-1: config 0 has no interfaces?
[   71.163812][  T293] EXT4-fs (loop3): unmounting filesystem.
[   71.169451][   T19] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   71.178478][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.190649][   T19] usb 2-1: config 0 descriptor??
[   71.565731][   T28] audit: type=1400 audit(1734297767.031:815): avc:  denied  { create } for  pid=1121 comm="syz.1.181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   71.755942][  T342] usb 1-1: Using ep0 maxpacket: 8
[   71.762512][  T342] usb 1-1: config 0 has no interfaces?
[   71.769488][  T342] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   71.778668][  T342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.795829][  T342] usb 1-1: config 0 descriptor??
[   71.922135][   T28] audit: type=1400 audit(1734297767.354:816): avc:  denied  { create } for  pid=1121 comm="syz.1.181" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   72.068576][ T1166] loop2: detected capacity change from 0 to 512
[   72.398131][ T1166] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.2.190: corrupted xattr block 95
[   72.448605][ T1166] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.190: bg 0: block 7: invalid block bitmap
[   72.449221][   T28] audit: type=1400 audit(1734297767.852:817): avc:  denied  { create } for  pid=1171 comm="syz.4.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   72.461128][ T1166] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   72.491457][ T1166] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #11: comm syz.2.190: corrupted xattr block 95
[   72.538004][ T1166] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[   72.568010][ T1166] EXT4-fs (loop2): 1 orphan inode deleted
[   72.584664][ T1166] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   72.597754][ T1166] EXT4-fs (loop2): unmounting filesystem.
[   72.772198][   T65] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   72.967308][   T65] usb 5-1: Using ep0 maxpacket: 8
[   72.975955][   T65] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   72.985210][   T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.993248][   T65] usb 5-1: Product: syz
[   72.997475][   T65] usb 5-1: Manufacturer: syz
[   73.002127][   T65] usb 5-1: SerialNumber: syz
[   73.010479][   T65] usb 5-1: config 0 descriptor??
[   73.017667][   T65] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[   73.152620][  T984] usb 2-1: USB disconnect, device number 5
[   73.170733][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.170733][  T810] loop1: rw=1, sector=77824, nr_sectors = 2048 limit=40427
[   73.187967][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.187967][  T810] loop1: rw=1, sector=79872, nr_sectors = 2048 limit=40427
[   73.204875][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.204875][  T810] loop1: rw=1, sector=49152, nr_sectors = 2056 limit=40427
[   73.205690][  T680] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   73.224283][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.224283][  T810] loop1: rw=1, sector=51208, nr_sectors = 2040 limit=40427
[   73.241191][  T342] usb 5-1: USB disconnect, device number 7
[   73.251722][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.251722][  T810] loop1: rw=1, sector=57344, nr_sectors = 4112 limit=40427
[   73.272269][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.272269][  T810] loop1: rw=1, sector=61456, nr_sectors = 4080 limit=40427
[   73.293126][  T810] kworker/u4:5: attempt to access beyond end of device
[   73.293126][  T810] loop1: rw=1, sector=65536, nr_sectors = 4096 limit=40427
[   73.400837][   T65] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   73.444122][  T680] usb 4-1: Using ep0 maxpacket: 8
[   73.451334][   T28] audit: type=1400 audit(1734297768.775:818): avc:  denied  { name_bind } for  pid=1179 comm="syz.3.195" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   73.461687][ T1180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.480452][ T1180] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.494688][  T680] usb 4-1: unable to get BOS descriptor or descriptor too short
[   73.502768][  T680] usb 4-1: unable to read config index 0 descriptor/start: -71
[   73.510171][  T680] usb 4-1: can't read configurations, error -71
[   73.553096][  T313] usb 1-1: USB disconnect, device number 5
[   73.597338][   T65] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[   73.607854][   T65] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   73.624806][   T65] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[   73.636081][   T65] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[   73.647063][   T65] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   73.660489][   T65] usb 3-1: config 0 interface 0 has no altsetting 0
[   73.971385][   T65] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   73.980345][   T65] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   73.996334][   T28] audit: type=1400 audit(1734297769.273:819): avc:  denied  { read } for  pid=85 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   73.999596][   T65] usb 3-1: Product: syz
[   74.027421][   T65] usb 3-1: Manufacturer: syz
[   74.032065][   T65] usb 3-1: SerialNumber: syz
[   74.037870][   T65] usb 3-1: config 0 descriptor??
[   74.042691][   T28] audit: type=1400 audit(1734297769.273:820): avc:  denied  { search } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   74.064667][   T28] audit: type=1400 audit(1734297769.273:821): avc:  denied  { append } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   74.073353][ T1183] raw-gadget.4 gadget.2: fail, usb_ep_enable returned -22
[   74.093711][   T28] audit: type=1400 audit(1734297769.273:822): avc:  denied  { open } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   74.116304][   T28] audit: type=1400 audit(1734297769.273:823): avc:  denied  { getattr } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   74.147103][   T28] audit: type=1400 audit(1734297769.283:824): avc:  denied  { read write } for  pid=294 comm="syz-executor" name="loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   74.171233][   T28] audit: type=1400 audit(1734297769.283:825): avc:  denied  { open } for  pid=294 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   74.210386][   T28] audit: type=1400 audit(1734297769.283:826): avc:  denied  { ioctl } for  pid=294 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   74.235764][   T28] audit: type=1400 audit(1734297769.310:827): avc:  denied  { bpf } for  pid=1194 comm="syz.4.201" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   74.454538][ T1203] loop0: detected capacity change from 0 to 1024
[   74.627197][ T1203] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   75.254753][  T290] EXT4-fs (loop0): unmounting filesystem.
[   75.342278][ T1224] loop0: detected capacity change from 0 to 256
[   75.856762][ T1238] loop0: detected capacity change from 0 to 512
[   75.890881][ T1238] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.0.207: corrupted xattr block 95
[   75.903898][ T1238] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.207: bg 0: block 7: invalid block bitmap
[   75.926115][ T1238] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   75.958616][ T1238] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2925: inode #11: comm syz.0.207: corrupted xattr block 95
[   75.970604][ T1238] EXT4-fs warning (device loop0): ext4_evict_inode:299: xattr delete (err -117)
[   75.979511][ T1238] EXT4-fs (loop0): 1 orphan inode deleted
[   75.986782][ T1238] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   75.997379][ T1238] EXT4-fs (loop0): unmounting filesystem.
[   76.257255][  T639] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   76.403219][   T19] usb 3-1: USB disconnect, device number 3
[   76.532911][  T639] usb 5-1: Using ep0 maxpacket: 8
[   76.540485][  T639] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[   77.305908][  T639] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.319497][  T639] usb 5-1: Product: syz
[   77.323735][  T639] usb 5-1: Manufacturer: syz
[   77.328362][  T639] usb 5-1: SerialNumber: syz
[   77.334113][  T639] usb 5-1: config 0 descriptor??
[   77.341805][  T639] usb_ehset_test: probe of 5-1:0.0 failed with error -32
[   77.369902][ T1265] loop1: detected capacity change from 0 to 1024
[   77.411393][ T1265] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   77.561020][  T680] usb 5-1: USB disconnect, device number 8
[   79.151552][  T291] EXT4-fs (loop1): unmounting filesystem.
[   79.153291][   T28] kauditd_printk_skb: 92 callbacks suppressed
[   79.153305][   T28] audit: type=1400 audit(1734297773.398:920): avc:  denied  { read } for  pid=1275 comm="syz.2.220" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   79.185788][   T28] audit: type=1400 audit(1734297773.398:921): avc:  denied  { open } for  pid=1275 comm="syz.2.220" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   79.209785][   T28] audit: type=1400 audit(1734297773.592:922): avc:  denied  { ioctl } for  pid=1275 comm="syz.2.220" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   79.236517][   T28] audit: type=1400 audit(1734297774.025:923): avc:  denied  { read } for  pid=1275 comm="syz.2.220" dev="nsfs" ino=4026532382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   79.236661][ T1289] netlink: 'syz.1.222': attribute type 1 has an invalid length.
[   79.263520][   T28] audit: type=1400 audit(1734297774.025:924): avc:  denied  { open } for  pid=1275 comm="syz.2.220" path="net:[4026532382]" dev="nsfs" ino=4026532382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   79.288744][   T28] audit: type=1400 audit(1734297774.034:925): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   79.308393][   T28] audit: type=1400 audit(1734297774.062:926): avc:  denied  { compute_member } for  pid=1286 comm="syz.0.223" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   79.350167][   T28] audit: type=1400 audit(1734297774.219:927): avc:  denied  { read write } for  pid=293 comm="syz-executor" name="loop3" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   79.402045][   T28] audit: type=1400 audit(1734297774.219:928): avc:  denied  { open } for  pid=293 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   79.470490][ T1303] loop3: detected capacity change from 0 to 1024
[   79.476997][ T1303] EXT4-fs: Ignoring removed nobh option
[   79.511177][ T1303] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   79.522404][ T1303] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   79.551553][ T1303] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #11: comm syz.3.229: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   79.817647][ T1303] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.229: couldn't read orphan inode 11 (err -117)
[   79.844949][   T28] audit: type=1400 audit(1734297774.219:929): avc:  denied  { ioctl } for  pid=293 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=117 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   79.872902][ T1303] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   80.028912][ T1315] loop0: detected capacity change from 0 to 2048
[   80.045606][ T1315] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   80.976859][ T1318] netlink: 16 bytes leftover after parsing attributes in process `syz.3.229'.
[   80.985546][ T1318] netlink: 44 bytes leftover after parsing attributes in process `syz.3.229'.
[   81.654017][  T290] EXT4-fs (loop0): unmounting filesystem.
[   81.694238][ T1330] loop1: detected capacity change from 0 to 2048
[   81.703639][  T293] EXT4-fs (loop3): unmounting filesystem.
[   81.718314][ T1330] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   82.481183][ T1337] loop4: detected capacity change from 0 to 512
[   82.997154][  T291] EXT4-fs (loop1): unmounting filesystem.
[   83.117615][ T1337] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.232: casefold flag without casefold feature
[   83.130731][ T1337] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.232: couldn't read orphan inode 15 (err -117)
[   83.143374][ T1337] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   83.269266][ T1350] loop0: detected capacity change from 0 to 1024
[   83.366086][ T1350] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   83.396616][ T1354] netlink: 28 bytes leftover after parsing attributes in process `syz.2.239'.
[   83.409827][ T1354] netlink: 28 bytes leftover after parsing attributes in process `syz.2.239'.
[   83.424196][ T1346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.444630][ T1346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.579070][  T294] EXT4-fs (loop4): unmounting filesystem.
[   84.090034][  T984] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   84.226281][  T290] EXT4-fs (loop0): unmounting filesystem.
[   84.237259][ T1351] ------------[ cut here ]------------
[   84.242729][ T1351] kernel BUG at fs/buffer.c:2714!
[   84.256112][ T1351] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   84.262007][ T1351] CPU: 0 PID: 1351 Comm: kmmpd-loop0 Not tainted 6.1.115-syzkaller-00017-g22b7ded8b55b #0
[   84.271723][ T1351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.281622][ T1351] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[   84.286829][ T1351] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 e4 ce e6 ff e9 b0 fe ff ff e8 da 5c 9f ff 0f 0b e8 d3 5c 9f ff <0f> 0b e8 cc 5c 9f ff 0f 0b e8 c5 5c 9f ff 0f 0b e8 be 5c 9f ff 0f
[   84.306267][ T1351] RSP: 0018:ffffc90010547c20 EFLAGS: 00010293
[   84.312173][ T1351] RAX: ffffffff81d629dd RBX: 0000000000000000 RCX: ffff88811863e540
[   84.319990][ T1351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.327876][ T1351] RBP: ffffc90010547c70 R08: ffffffff81d625b0 R09: ffffed10217d1c2b
[   84.335689][ T1351] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[   84.343672][ T1351] R13: 1ffff110217d1c2a R14: ffff88810be8e150 R15: 0000000000003801
[   84.351487][ T1351] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   84.360254][ T1351] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.366674][ T1351] CR2: 0000000000000000 CR3: 0000000130eda000 CR4: 00000000003526b0
[   84.374495][ T1351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   84.382300][ T1351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   84.390109][ T1351] Call Trace:
[   84.393233][ T1351]  <TASK>
[   84.396107][ T1351]  ? __die_body+0x62/0xb0
[   84.400264][ T1351]  ? die+0x88/0xb0
[   84.403821][ T1351]  ? do_trap+0x103/0x330
[   84.407905][ T1351]  ? submit_bh_wbc+0x4cd/0x4f0
[   84.412500][ T1351]  ? handle_invalid_op+0x95/0xc0
[   84.417273][ T1351]  ? submit_bh_wbc+0x4cd/0x4f0
[   84.421879][ T1351]  ? exc_invalid_op+0x32/0x50
[   84.426388][ T1351]  ? asm_exc_invalid_op+0x1b/0x20
[   84.431246][ T1351]  ? submit_bh_wbc+0xa0/0x4f0
[   84.435757][ T1351]  ? submit_bh_wbc+0x4cd/0x4f0
[   84.440374][ T1351]  ? submit_bh_wbc+0x4cd/0x4f0
[   84.444960][ T1351]  ? __kasan_check_read+0x11/0x20
[   84.449823][ T1351]  submit_bh+0x1d/0x30
[   84.453722][ T1351]  write_mmp_block_thawed+0x3a0/0x570
[   84.458936][ T1351]  ? read_mmp_block+0x7d0/0x7d0
[   84.463619][ T1351]  ? update_process_times+0x1b0/0x1b0
[   84.468831][ T1351]  write_mmp_block+0x12b/0x2a0
[   84.473429][ T1351]  kmmpd+0x263/0xa10
[   84.477163][ T1351]  ? write_mmp_block_thawed+0x570/0x570
[   84.482545][ T1351]  ? __kthread_parkme+0x12d/0x180
[   84.487403][ T1351]  kthread+0x26d/0x300
[   84.491307][ T1351]  ? write_mmp_block_thawed+0x570/0x570
[   84.496689][ T1351]  ? kthread_blkcg+0xd0/0xd0
[   84.501115][ T1351]  ret_from_fork+0x1f/0x30
[   84.505374][ T1351]  </TASK>
[   84.508238][ T1351] Modules linked in:
SYZFAIL: failed to send rpc
fd=3 want=776 sent=0 n=-1 (errno 32: Broken pipe)
[   84.534529][ T1351] ---[ end trace 0000000000000000 ]---
[   84.539938][ T1351] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[   84.545165][ T1351] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 e4 ce e6 ff e9 b0 fe ff ff e8 da 5c 9f ff 0f 0b e8 d3 5c 9f ff <0f> 0b e8 cc 5c 9f ff 0f 0b e8 c5 5c 9f ff 0f 0b e8 be 5c 9f ff 0f
[   84.564656][ T1351] RSP: 0018:ffffc90010547c20 EFLAGS: 00010293
[   84.570851][ T1351] RAX: ffffffff81d629dd RBX: 0000000000000000 RCX: ffff88811863e540
[   84.592028][ T1351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.607395][ T1351] RBP: ffffc90010547c70 R08: ffffffff81d625b0 R09: ffffed10217d1c2b
[   84.635088][ T1351] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[   84.642958][ T1351] R13: 1ffff110217d1c2a R14: ffff88810be8e150 R15: 0000000000003801
[   84.650950][ T1351] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   84.664835][ T1351] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.671253][ T1351] CR2: 00007ffc31f760e8 CR3: 000000000700f000 CR4: 00000000003506b0
[   84.679112][ T1351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   84.686906][ T1351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   84.694745][ T1351] Kernel panic - not syncing: Fatal exception
[   84.700789][ T1351] Kernel Offset: disabled
[   84.704912][ T1351] Rebooting in 86400 seconds..