last executing test programs:

13.918598313s ago: executing program 2 (id=345):
socket(0x80000000000000a, 0x2, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x22)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

11.835875442s ago: executing program 2 (id=351):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x22)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

10.382961908s ago: executing program 2 (id=362):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000012000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_clone3(&(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb3}, 0x58)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000380)=0x1c, 0x80800)
dup(r5)
r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0)
fcntl$setstatus(r6, 0x4, 0x2800)
io_setup(0x7, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000240)={0x10, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}, @acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000010000000000000000000000000000000a3ffb01a12ff5b3c778e46ea8da1721c45c724444d47960d9831114bbd0017", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x6, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x9e, 0x6a, 0xa, 0xff00}, [@call={0x79, 0x0, 0x7c}, @exit, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

8.250191856s ago: executing program 2 (id=366):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f00000000c0)=ANY=[@ANYBLOB="120040251bc5aa24f14300090400001202060000052406000005240000000d240f0100000000000000000009058103ff0300000009058202000400000009050302500000000100"/81], 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000001b40), 0x1, 0x0)
writev(r2, &(0x7f0000004340)=[{&(0x7f0000002080)="4f7f61bfe7ec271202403a540b524a03bda1e44111dd69d3924090d27ac2f6b2c654d94690a10a33d0", 0x29}], 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000100)="95", 0x7ffff000}, {&(0x7f0000000180)="10322e8d572377b7fbaa8dc8f35ec8c1ecd3ca56262712cbfe04df13dc88e21b06b99555568d2762d2482bb7886f9834d61d30fff3f238eb2b967634ec9914d7cbed0bd7c409e3a93edc9dcd0068c44b80e97653ca49b28d98992ecc9cee86b434bb2a1051a5205bae307d3edaad4e5cfbe37c31e228f740d8a1fad419e169229e8f9ed748b7415d8b23f32c9499542db82cc59c786433aae69d2a63ccd4d2f4e1cf0573a7de8b9aef75e7b576c936a05524c93e6e4363c6a07d605688568fca4f6de4c8b4c946c3fa54addb139322a13399dab6abbae06e1d4c0a0bdc02be99a7744277e6af4e8aa9cbf9eb13a4f951fc1abebd07f53a727742529ccac4bb5f9e7ef43bc7be743d2015655766c7769aabfb2dddb3d7aa3266524b48e78744b795eb8636c4ec5dfdf3e8a5034ffc95f982bc52baa4b88de5e99638a68baeabed92a11c961392c18eb96ce2618ff7432ecea196d1fc83d8e0a6fe6d26b85cc70411b324e371d2e446e84acf8993e29b999fd6ef21d17d1265104939a5561774caa5fd7677d515f8671cd86bccce2323d67b288a2c5045ffec83cb225ad05bb5d83264592c2702f4318ee194e8282dd1b46dae0685c55cc27f08ac43fcbadadc19dbe7e946ca064df715824163087d458aa7efcdb16462b058534a85dac780833fd073b5a85ac3de22085253ff61e6b4c6ca60bd2730eb6ec16afd1905ae77d7e68d3ef51214616487d750ccd6b3832a9dbc8cfe8b72844be017c5a24370a8ec28c791b747a776e944e51a3bb2ac94d989e927601781359328605484a963318dbaf8648215b853d06e57e49b9f492ca52f9bea87fb0d621280ce666d78ea437a5361fd2eedf5733bd38b33c76085811db3d7dc094b0a839de24ac85eab1275fda153342b46aff9dfe4ae3b01c114ee4c4ae8d5fc6a690d0023fe930d5765e3faefc387ff4f3634ee3ec9219923c394a635c1a9b82476d98f8dcbbcad30d7aee1056f98bf572be5b871b085ea1da90937d7fd5818cc6ec147269810565b4471a0e41a45c61668a6bf3c7b477719741cad3c6b950f2e0d8e6ec4c032b620d334da9696d0d46406bc855d3652b28fcfe5182d0a567d63557827040538a6552d424e790ba054b355b9484634c4a1b5d7934a20c2a147620188e50691f02517b46b2d81fd2c9f47c6cfc03cf45a40984d5d838ad5b6218a0bf3c547b1a9816664058b44ad90264eb9819f329633bdd34061de254e8fdae2c59fa6a126d77baee8c938b39f5e12ce37678190cbf0cbada8a86e805ea5efd0fe3ddfc97ae7e28c6fc0dcdeeb046b10fc2b9bba90e0f59c4fa912c9905959fbd30e15943d364851808b99b7e9e58c29f65a2078d89a464013724781dc5fba91d53e4bc9bbe92a40351dd3dcd473d0ede1672864ff04dc247e68471b0ca572175b689343089da2487429f4e0a0c5c2373002c0fca5541bde4da4e948449c5699c1c93c8d0a7a4e6d6aabfef414f39c476aa36f3c86469bafd372cdf568d851b91506119c91ba9f68355ad21a93784aa226dfabed59e4ef87fe6931f8e1ba54d03234912a3a0d60ef0f254310c8cac836eb6f7a9d977e8034e98ea247d0ac1b98d30561b6f838762e7c2c8aa5b606d78259aee48bbb61892842c15221db00759404ca90e2e550992fdf356367e4e0baa823ceac36ad16862cb915ef78c872ff78720fac6a20fd58e0e0c9fc73c6bf474f6f0ee2a0c80497cdd29e3e7193f23097ad933d6a40364659b611149ab608a5698ab423fa05bcaa3f2f8167bbb1d1dd3afbe28b27f80c5b420878570ba30bf5a84b49a65c64a1c165dd1b5fb58959e93911bf908bb95384f28c2faa58e004f4817f7a3aec13f497f876a283fc4c2dbf0b09b1c9084cdda1e0207357e83a2feeb95fd5428ce408d31384e3973eb0a3a6583194a46b201004c2bbd8ffc8c8b51f5a8cb892c87dec9d2fd428524e67452e1eae12747fd53ed3ad773808aee7245f70511c4c967b99ed4dc1c64c4c47fe68d80a3eb5757ce0783e937042504e7a473c64c407843c25e9e78c62bf381d066bc59be9155de02f7dea3145599d08eec1b9fa1242429eded19841bfef4b03a1a20dee15af087844b37f970b51decfa6c168ff2f24095a0be3ee012591723fa5d8a3a7697e9ee1e74919ff0b5f53bf1de2da65969c1b07eda9abeb1a42e864fd07c8b761dee493adf341f076d2489b1683df9331386826ff949764d4b087b79a95c9bfca43f6d63e35cd154a7e586f1d1aa1723116c90c28012048678f638dac464921f3194a2a8651483d79c3370373dad75af1904abf3cee5267a52144651e4ee124c9459c42cc5a08dbd31c6642048c98c21e4efbc671eda620452d718738dd757663b8dd501b0223a893e1e0c491a08fb8b52c0f5a6b6776a7c569230ba24a7971f5ef41929d15f80cd0738802e63c57351686addb61646778d48c2a49238794bf5cc93a7a140c4dc5cb64a551da23fbbbd2a16b6a026df641ea2d2cde453ac5328f110959f43ac224648c7653fa4efc7253a02cb46714022fef8427c5bf9555e91201bd1860cd8974e88e08a7ac4c77d79902a7e92a7ac6df2fe8663bccae3173d19c789f6c594aa8786e668f5d04207ee3c548b2807d644e7d05302a4d571584fe590ed5686b0a99a072336f82559293c84f7debebec2e649c2f4d91ecaceb96eb7d4a9d442f7b8112fd014859a0ce5b5fb65991dac4d0aa5ecf6994010f954a8c269bd868520d19772d68a075f23d4ab8ef9de6242e87063fd191836bead1235c214d1f5f2d234fa68d32d92bfdd73103be6c2e2fccea215e1edacd3105eb69a9955cebae0edb9f8182744ea994d9b00bf244d46862cd141118aca3bab32d3a71481d4be2400067833a7ba625819f8a39144e2f42dbc725e49da97cbec0e9e588b0805b32524647888d8c16867990672b549f9beaf80f48643492a94ab93b8c86a27aec9caa11d1300eb80dfc34ad6097daf684825b5a703aebae0c6801ab89fc81a630fb9a7d70add1c54d0c28bdac211960fc7e135625db88d730774a0cf372ace32bde2cdda536e4ca6414cc401dcf53a44932dc944f3299b59bde2260999f558c97c6a7da1b29b73f86aea382c7605532c3da889b75a9dbba15e7bf143063031a24376c6c00c977d5045e4244c3b4a7e1890eb195c870ebf251280c21a077a000398838a7bd3dc560df5ac9c70ab8a45bcdd9552f20cdf209ad2c1e0a3c69e9425fd78b0b60f5f1dc3e44496be36681a288b359e8c6d0a7451df19ff294797aa7eb443be797986ca090b916f5ff6b358ce1bf99cb1ad4b3d6b09d1b38ec3066ceb4a737bddaad09866ccd46750e2ef20c7c5992ebfbfe5dedfd48c1663d71a034ebbf457fbffcb03ea95b6473fe2928350d45fec96df4d59684e36212cfaede32c0ca08883fb3e430847dee21a5f61a950da5a40c0d8d9d1f9712454011b947f210a27c850cbe9929139ffea1435ee8070d142bf558205ae18dddc42781206f2a9b2ee4213be8dc4a3c6a7a53dc80e1ee061065d008301708c2b049d92f41fe4525b98932a7c672334bf1f6688057d031dbfd59e2068da65962eff0135330547dc420e66fa64d36927f9f6a68c32c06cf668e5e924b3286754828166dc804b4a101b6d7a88f530280701ac8d1f653e6a8d6b82f5d45b67339d195a5809f95c7213bf09b384c9d48027f4476cc43de753a3717744bcff25aad401ffa81e7564b3defbd5af96f367903127fe74ba051c0d077c6866a635ca62dfd694449fbafaa8468608b4652fa81eb1dfd73c93e234d791cb9d951ec73458d7b3db87ba848700632b8b7753c1b45ab1cccbfa5d7ebb0cb756cfdedbff86da591144b879dc4041903a7919ba329e6a8eeb59a71489a816ba9ae8509fdc4bf0cc287776ec689630ccd33ee0a07edfa7b1c8ef067a883e54877024dd964407c0d116e528f07d5e367f882d7740cbdcc2c080672b774a86318574cbb5c1881084b7a3fb39acbc6462a07d3fa5f5bc3088bd38a6cd9226fe53eafb34ba0197a4653a87d3c694896531f310f5fec9a0b1752949a5caf3844f195fa9020bb063ea7f52e9d4eb2352c21d511c223d541c1cf98f28a8bdee868f9d4f148a520ca167b97f5b2717bc51af8ab15b3ad1e03d0fc37e7135f44b5313b8c43012ba51a06d03188393660faa4f202205476b4fff6f9b25ac1b3c6a99a54ed5fc5a3b3749a0843f3de33fc17781f9b8bbbecbce970371601f6874ab1c6fa125e0171ff9079c06b8b50c76a2026cd4235b137c4bde1f54389b0a91d64e01f71b2713ffb98a50d928d62cf0220ef76f6ebf3875998fe6990ad0f0f95eef0ddf07c23783095669e590acd2df3d8e3d3fe473b6ef644f4cc45b6f493901badb44d3b6ca4028f73cbca3c1d639c1b20b40bf739e5f3678bad92459fe5bcc019c82f1d8af1667a41647a4184aeb0e08dc1b5b5e1ffc6093cd12795990612de3cfc876370546e07c83618c008f753e29c09fb8bc9f13474cc97ecb2bd8368cfacc3cf644410f3d5760acdcc8c93feda7c52777ddf3a774363085075ff05793e6fdf291995a046a759a43ad155429a1df5d844abb9bf12e9ed9d1bc2da2ad34ed748966211265019909d3480453f83f95b4a6272e948c4f91264dd69ff19058d6da0eafb0e022438026f7081422b5265d5e7512969e77c17de5029", 0xd00}], 0x2}}], 0x3e, 0x0)
ppoll(&(0x7f0000000080)=[{}, {r4}], 0x2, 0x0, 0x0, 0x0)
close(r3)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

8.248767106s ago: executing program 3 (id=367):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000001000/0x3000)=nil, 0x32100, 0x0, 0x11, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000400)=ANY=[], 0x4, 0x227, &(0x7f0000000fc0)="$eJzslTFvEzEUx/++3KVJhZAYYGAJQyWKRC93F0BdGMqOhNQiYIyoqQpuU6UZ2i4kYmFhRnwRhk4gscHEzABISAxkZEJg5LNz9pFL0oNsvJ8S5917fvbz88s7EATx3/L50/ePz26sblwGcApLWDD6rxU7x3Pmf3hRCYz4ZjfAcX417S2l1fgz9q8CeLVWAfqB8XW9gSUADMAGvFRW3IaHS0a+A4ZwFKu03hwM94z64Z5UMx4ruVM3SsHZ/Y7YfLAteKSGWA2JGlqAzMU/HDBsAqiZLZgT3/7h0aO2ALpaEHwkBHK0z5iprDAtf2l8ax6uOylQ93X36ZOBeg6NPnLyF8PLjtACw7rJySoWEIZhw5h47Jz/vG/Xr+hr0/TLnKRWbOqPp88IfVN9f5e+MysFJlWj093rgqvTztjCP3EYv6TgWV2eyAuTTZ5NZq4E51BnZYXAFreKo/w6XmPcqzpjHf7vwbM/NcwtiXPD47fa9Bp2zpe5pa4+u7R+Ss2c7gumUlzTc1U27xeFuFnodTanuTDhL2O7QMHutj8xH7jo9CffeSs0ezt7zf3Do5XtnfYW3+K7SdK6Fl2JoqtJM+3NepzS/2ppf1ocrR+oTzFVVsVBu9frxgdArxtnz4kenY67/rLzDajr7jMceFj+Ye7EvLOyFyXL78HM10t/lbRcmRg8QRAEQRAEQRAEQRAEQRBEKRpgeHc6e5TF+Mmt1Pw7AAD//912U3k=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x80088}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()

8.099403067s ago: executing program 1 (id=370):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r4}, 0x20)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x3, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf6, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000380)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0xe, 0x6, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r5, r3, r3], &(0x7f00000007c0), 0x10, 0x3, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock2(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1)
mlock2(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x1)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) (fail_nth: 1)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r6)

6.939180502s ago: executing program 3 (id=372):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x22)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

6.492564854s ago: executing program 1 (id=374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x22)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001600)=[{0x0}], 0x1}, 0x0)
recvmsg(r4, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

5.074604259s ago: executing program 1 (id=375):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYRES64=0x0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='pids.events\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="b0"], 0xb0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r4)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x80840, 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00')
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
fsconfig$FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000640)='Eaw\x10\xf6\xa2d\x89Nw\xc6\x1e\xf2j\x82\x8cJ\x1ev\xb7\xc7\a\xa3.\xe0?\xc8\xb3\xa9\x84\x97\xcc\x8f\x16:\xd4A\x99Z\xce\xb5\xa1\a\vq\x1a)\xef5\xc7\xe0\xe6C)F\r)\x86\xf5\xfc}iz)0\x96\xca\xacvt\xd3\xee\x8e\x0f\x86\xcd\x95\xec\x9c\xe3|\x00\x00/<8\xe0F\xe5\xb5\xc0\xe1\xca\xce+\xc94\x026\xfdC\x91\xad\xc7\xd7\x00t\xdb\xa3\xe3\xf3/dT\xe3++X\xe0\x95\xb0\xc2\xb8d\x89\xb8\xdc,\xe3\v\xddVO\xd4^ j\x1c\xa2\xa3\x1d\x0f\xbb\xc7\x88\x18\xee\xa6\xf1P\xf32\xc93G\\\xb4\xa5\xe6&\xaa\xd1\xba\xcc\xdc\xf3\xa4\xf1\xf2)\xdcvv\x1a9\xf0N\\R\xe7\xcfEs\x04n\xad\xf3\xdd\xcd\x98D\x02\xc0\x93eH\x06\x0e\x82S\x8a\x9e\"E%o\xb8\x96\x12\xba\vv\x9e[\v$^\xbe\x94\x05\x9e\x88\x0f\xc65\xee', &(0x7f0000000280), 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0000000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000d018704898c51bed07a4a95a6f03e607f44c474177e819966772cfb6da8d6fa4edeedced7d80acece230421c470134dfad232b111c5f4e64856c5d56d0", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r5, 0x0, 0x0}, 0x10)

4.95423056s ago: executing program 4 (id=376):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010001000000000000002500000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$MRT6_TABLE(r1, 0x29, 0xcf, &(0x7f0000000340)=0xff, 0x4)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f00000005c0))
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000300)={0x1})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000040)={[{0x42d, 0x400, 0xaa, 0x1, 0x6, 0xc3, 0xfc, 0x4, 0xf9, 0x7, 0x8, 0x31, 0x10000}, {0xfffffff7, 0x7ff, 0xff, 0x0, 0x7, 0x9, 0x80, 0xc, 0x4, 0x9, 0x9, 0x64, 0x8001}, {0xd, 0x6, 0x3, 0x4, 0xd3, 0x0, 0x0, 0x9, 0x5a, 0xa, 0x1, 0xe}], 0x2})
syz_emit_ethernet(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0xb, 0x2618b, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000380)={<r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r6, @ANYRES64=r5, @ANYRESOCT, @ANYRES32], &(0x7f0000000140)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='sys_enter\x00', r8}, 0x18)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'bridge0\x00'})
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
clock_nanosleep(0xfffffffa, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000000))
dup3(r7, r0, 0x80000)

4.95388436s ago: executing program 2 (id=377):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
epoll_wait(r2, &(0x7f0000000040)=[{}], 0x1, 0x400)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x3, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r5}, 0x10)
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000020000082505a3a440000102030109023b00010100000009040000"], 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
unshare(0x22020600)
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
unshare(0x22020600)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x4, 0x2e8, 0xffffffff, 0x0, 0x200, 0xb0, 0xffffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr=0x64010102, @broadcast, 0x0, 0x0, 'geneve0\x00', 'syz_tun\x00', {}, {0xff}, 0x62, 0x2, 0x49}, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x7, 0x8, "4edef53db37bf84c784ad890537bb2408afac8dfac7fc9d26ae9804d8470"}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0xff000000, 0x0, 'rose0\x00', 'veth1_vlan\x00', {0xff}, {}, 0x5e, 0x1, 0x11}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x4, 0x3, 0x4, 0x3, 0x6, 0x2], 0x1, 0x3}, {0x3, [0x1, 0x4, 0x7, 0x1, 0x0, 0x5], 0x1, 0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0x0, 0xf, [0x1, 0x25, 0x19, 0x31, 0x22, 0x33, 0x30, 0x37, 0x3d, 0x2a, 0x16, 0x1, 0x7, 0x3a, 0x0, 0x21], 0x2, 0xfffffffa, 0x7}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r8, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r9, 0x4, 0x0, 0x3, 0x0, {0xa, 0x480, 0x0, @private0}}}, 0x32)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r10, &(0x7f0000000380)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x4, 0x4}}, 0x26)

4.811795321s ago: executing program 0 (id=378):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x21, 0x7, {0x7, 0x0, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="292243eba1c6fb56ca634775fae570ae18d8781a2de46d1e34638391a393b1ef960136fc05bbbc8ddb51e39137e1c80f801c8255f42b26a15fcc0e39d7509090c1540ca6ccfbf09fe3e9765323d4486cd032c032e188cfd50d1bae6bf65aa77fc7d802fe24e7794ce30f2adc6bfeed965c4860904bb98dddc1c6ccd4e0f5d80c7d8a44e12c8035a2a275cdad8ce3705144cd943b065b529cd533e0b447a2d806cb113051e86adafda8f467946644389c669624baca36473f5164dd5bab25de4be0a2f97001cfd2d79f29c645a77d9d2154a7d108f3838131a7f8cd16"], 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000050000000200f5ff0700000000000000775ed2bcde3dce6af37b4ee4ae0dfeff31a459b4757e5301ab51bb40cd1446c524edbf26305aff9f5f623e4d5031c2891945dc2e63f9e68c9ff381e12fea3f50f3fad8f3ee83b9db85c938b8471f5ed906620e8542cf28e60678700e037e0fbead1f41064dba08f75431bb6108b6a7ed94a731475047f680911f4c27e61bc8fdd4146779852e5c608bee807ecdce20d6d6e3206913aa1ed3f6a45c66e497a3248323121b2ad46a0a79868f449dc8ee9663a1f200d381da2d84a56378fdb0462e13b116b3328b0fee54a1f6be96092fbe8eaa26a3c72d8f810fc2778a", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1], 0x48)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace$ARCH_SET_GS(0x1e, 0x0, 0x0, 0x1001)
socket$inet6(0xa, 0x802, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xfc}}, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x21, 0x0)

4.707177511s ago: executing program 1 (id=379):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @private0, 0x9}, 0x1c)
listen(r0, 0x3)
eventfd2(0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x72, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd602a8435003c060000000000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="f8c20b009078000005060000000c030308fe06e2d4c3d9fe14f989a459e46d6a20b6aa81a47ba095e9e80c04020303f9"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0001}]})
time(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_usb_connect(0x0, 0xf5, &(0x7f0000000900)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505240600010524007f000d240f0104000000080000000006241a03000a052401010704acb10a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c240203010104030700ff070c24023706000205050200d07f072408040700470c24"], 0x0)
close(r0)
syz_emit_ethernet(0x4a, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd608a96460014ff7f00000000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5007000090780000"], 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000640)={'batadv_slave_1\x00'})
syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=")
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000600)=0xffffffffffffffff, 0x4)

4.371151912s ago: executing program 3 (id=380):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x21, 0x7, {0x7, 0x0, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="292243eba1c6fb56ca634775fae570ae18d8781a2de46d1e34638391a393b1ef960136fc05bbbc8ddb51e39137e1c80f801c8255f42b26a15fcc0e39d7509090c1540ca6ccfbf09fe3e9765323d4486cd032c032e188cfd50d1bae6bf65aa77fc7d802fe24e7794ce30f2adc6bfeed965c4860904bb98dddc1c6ccd4e0f5d80c7d8a44e12c8035a2a275cdad8ce3705144cd943b065b529cd533e0b447a2d806cb113051e86adafda8f467946644389c669624baca36473f5164dd5bab25de4be0a2f97001cfd2d79f29c645a77d9d2154a7d108f3838131a7f8cd16"], 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000050000000200f5ff0700000000000000775ed2bcde3dce6af37b4ee4ae0dfeff31a459b4757e5301ab51bb40cd1446c524edbf26305aff9f5f623e4d5031c2891945dc2e63f9e68c9ff381e12fea3f50f3fad8f3ee83b9db85c938b8471f5ed906620e8542cf28e60678700e037e0fbead1f41064dba08f75431bb6108b6a7ed94a731475047f680911f4c27e61bc8fdd4146779852e5c608bee807ecdce20d6d6e3206913aa1ed3f6a45c66e497a3248323121b2ad46a0a79868f449dc8ee9663a1f200d381da2d84a56378fdb0462e13b116b3328b0fee54a1f6be96092fbe8eaa26a3c72d8f810fc2778a", @ANYRES32=r1, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB='\x00'/28], 0x48)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x802, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x21, 0x0)

4.099213713s ago: executing program 4 (id=381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xf1, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

3.872140775s ago: executing program 4 (id=382):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000001200000000000000009500"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone3(&(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb3}, 0x58)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000380)=0x1c, 0x80800)
dup(r4)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0)
fcntl$setstatus(r5, 0x4, 0x2800)
io_setup(0x7, &(0x7f0000000000))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x8, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}], 0x0, 0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000010000000000000000000000000000000a3ffb01a12ff5b3c778e46ea8da1721c45c724444d47960d9831114bbd0017", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x9e, 0x6a, 0xa, 0xff00}, [@call={0x79, 0x0, 0x7c}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)

2.51125312s ago: executing program 1 (id=383):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0b00000007000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000004000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="0900000004000000163c000001", @ANYRES32=0x0], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000580), 0xffffffff, r4}, 0x38)

2.201580981s ago: executing program 1 (id=384):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000020000000000000000000000065ab4faa8f8ffb4e2618a10000002011d9d73834b2ed6f33b9b5e2c7396ef8bc6cc03aff95cc7d509be949f27aa5e1e74aa8ad830f5e8096c5e9cb1d46c76772cb65"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x64c159d03152c38, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800010001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
mincore(&(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/70)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1fd2, 0x6007, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r4 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @broadcast}, &(0x7f0000000100)=0x10, 0x1c0800)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x100, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000f2ffffff850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r7}, 0x10)
r8 = socket(0x10, 0x3, 0x0)
ioctl$RTC_PLL_GET(r8, 0x80207011, &(0x7f0000000580))
sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={0x14, 0x1e, 0x6b4e12c8a09f3155}, 0x14}}, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@local, @in6=@mcast1, 0x4e21, 0x0, 0x4e24, 0x4, 0x7b55e0014a4d8856, 0x20, 0x20, 0x21, r5, r6}, {0x4, 0x9, 0x4, 0xb407, 0x14000000, 0xa, 0x80000001, 0x7}, {0x6, 0xf, 0xfffffffffffff801, 0xe}, 0x5, 0x6e6bb0, 0x1, 0x1, 0x3, 0x3}, {{@in=@remote, 0x4d6, 0x6c}, 0x2, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x3507, 0x4, 0x3, 0x9, 0x4, 0xa5fd3f1, 0x6}}, 0xe8)
syz_usb_control_io$hid(r3, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)

2.168834471s ago: executing program 4 (id=385):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x22)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00'})
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001600)=[{0x0}], 0x1}, 0x0)
recvmsg(r4, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

1.744707423s ago: executing program 2 (id=386):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x21, 0x7, {0x7, 0x0, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="292243eba1c6fb56ca634775fae570ae18d8781a2de46d1e34638391a393b1ef960136fc05bbbc8ddb51e39137e1c80f801c8255f42b26a15fcc0e39d7509090c1540ca6ccfbf09fe3e9765323d4486cd032c032e188cfd50d1bae6bf65aa77fc7d802fe24e7794ce30f2adc6bfeed965c4860904bb98dddc1c6ccd4e0f5d80c7d8a44e12c8035a2a275cdad8ce3705144cd943b065b529cd533e0b447a2d806cb113051e86adafda8f467946644389c669624baca36473f5164dd5bab25de4be0a2f97001cfd2d79f29c645a77d9d2154a7d108f3838131a7f8cd16"], 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000050000000200f5ff0700000000000000775ed2bcde3dce6af37b4ee4ae0dfeff31a459b4757e5301ab51bb40cd1446c524edbf26305aff9f5f623e4d5031c2891945dc2e63f9e68c9ff381e12fea3f50f3fad8f3ee83b9db85c938b8471f5ed906620e8542cf28e60678700e037e0fbead1f41064dba08f75431bb6108b6a7ed94a731475047f680911f4c27e61bc8fdd4146779852e5c608bee807ecdce20d6d6e3206913aa1ed3f6a45c66e497a3248323121b2ad46a0a79868f449dc8ee9663a1f200d381da2d84a56378fdb0462e13b116b3328b0fee54a1f6be96092fbe8eaa26a3c7", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB='\x00'/28], 0x48)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace$ARCH_SET_GS(0x1e, r3, 0x0, 0x1001)
socket$inet6(0xa, 0x802, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xfc}}, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r7, &(0x7f0000000480), 0x21, 0x0)

1.715639193s ago: executing program 3 (id=387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000f"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kvm_fpu\x00', r2}, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (fail_nth: 1)

1.627588453s ago: executing program 0 (id=388):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340)) (fail_nth: 1)

867.361327ms ago: executing program 0 (id=389):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

812.097597ms ago: executing program 3 (id=390):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_io_uring_setup(0x6ae5, &(0x7f0000000440)={0x0, 0x0, 0x2}, 0x0, &(0x7f0000000340))
io_uring_enter(r1, 0x2, 0x0, 0xb, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000040)={0x6, '\x00', {0x1}, 0x5})
r2 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000240))
statx(0xffffffffffffff9c, &(0x7f0000002480)='./file0\x00', 0x400, 0x4, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
read$FUSE(0xffffffffffffffff, &(0x7f00000003c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
fstat(r2, &(0x7f0000002400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000480)=""/141, 0x8d)
getdents64(0xffffffffffffffff, &(0x7f0000002f40)=""/4092, 0xffc)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000003080), 0x2, 0x0)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
socket$tipc(0x1e, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
ppoll(&(0x7f0000000500)=[{r8}], 0x1, 0x0, 0x0, 0x0)
write(r7, &(0x7f0000000100)="094f2a3589cfbfdb5c318568291435ca23f9f2ac3854b1c5d8700ac89122457f6b852051114d6598c734bf6f85fc655d3516fdab899636ef4b57f0b7ad1cb509de0a3ddc7ca9c2e85fb8a7a6a6d89d9761f0104750d7ec416c998803374a28c8e40d288fadf2fa33d64bad6b79d4cbde000000000000000000", 0xffffff48)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002900)={{{@in=@private, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@multicast1}, 0x0, @in=@initdev}}, &(0x7f0000002a00)=0xe8)
stat(&(0x7f0000002a40)='./file0\x00', &(0x7f0000002a80)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
sendmmsg$unix(r2, &(0x7f0000002fc0)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002780)=[{&(0x7f0000000140)="144ee134a536ce544875f6efde59b5fc207c06190526f6249b4001f2c4751f3d0bda281c7534f6c3f1e3da52f4ffffffffb0dcc1a018f798deaeb5b0da92b4bed70de1d70b86252da2b3b8e493a1d384f152fdf060f824e670035cb33c3c66aeda5b547a4e581857959f864e33d5026c0bb5441ae6ff2dd515f34cd542136d3b0ee7", 0x82}, {&(0x7f0000003f80)="e4129d4aa3e8c35d0efdea8afbc1d92dfdd55b48fd29ec9b6659ca613ecef07384652685729a0f1213faa7740b61763b926184405b6afb7b1b8aa84114b410d2c7800c04ca7273a373631fbb468d107ccb6c18eee52945354d7032f1ebd168beaf", 0x61}, {&(0x7f0000004040)="317ba2b87e3644be77b01ae202d3587658d4b87db126cc3b12d482f9f49a95e6ec5d2856f7a70867d2d11c9f3e2fc685c199be0cf031bffe5979b71010c71c8c519afdd37b2ded3f70146f7e7cbb8b878ea72bdd7eb0fafec7a3dbffd37acd0bc8965a724edef07304398654aedebda9f5a389e1f2cefc83eaf8ef84d2e42a6504e62696a35f0d5af7864b6f633f0c1cc53eadd009e1b377eefec6651d08e2773393921d63310d91f4d78f5da071feca44b71a86cf78d953cd44893163f435e807db577b81c460e08dd0407384a87938f1aaba4cbba942287e3cb85d122d9a8571ac4575dfcf58db81d71361bcac7df7e8ec0d85af0b75a34501a0c7cf81ace2e47d7218f69f73a2ede7f13c6df058c50b4138f4851cd1167751b1b0ca8ab5ee3e08ebca896a197ddc23912a33deeb594765b0dbd866872c834dca8a94c0a37b21af99cc04e23341bcd2201e95c4cbfd777f910545ff50a1a11d25b70c101d46c611813de67d26941d079e4d5d68d236451dd401f44e8c48d80d817125ad0fd09dabeeb1f0db1f8ec4737bc6cbafdcd9690bb9f6a925dcec2e75a233d1c4e67070f53f74e77d492e278dd0ab1b80911a274557dc897c07d26c17533d62006009c6449ce2dc0e6e9e0f6ca8f9b3d220bf54a620cdaeee8b62ed74dd0ab59f0ce43705c0991a03726b390937ec83bbc9ede0e170447b4e09c5689539f7735af720e0ab491b829a9571651e2e9d9c2ac9aa0bd019d872c001b170dd5b75a19475cb5f1b544cee2c90dd77ee8c43124ecb10593a83075532ab2e32edf558aa3fe2b6cbbb09233ef721ceba94ca95f6adae88a566e4e63d37d31e132490cf3ddf8dfc781937103b8abdc851bcff288a6486761a7e8e3264b3b93868a00193e8f34fbf946d74cba8fdb65f19f5adc0a0ec33d16a5cb8dee3b0da79087b848b8de83b2d7466de352396644d019df31eef5c4b75189bd3bd24e17c11d1028da325e98c59b081b7a5bb7af00c0cf36b021b20a955ac4f268eb1d9915897fff07adedd3725a67a3dc42cbb4883e938e4404ac2bbd222e5d5ca7bcd7b606a006f54f46633fd8172ffd37589dffd9df7f2d96972243bd8fa3219945ced62b6ef509192d213d185634c9b9cd2a18e82b050e01e1bcd667519670ff531540e192f4c9e71add33cbd9eaf63d6ad0e2d06454eb2052837caa2d940b92eb49b67d05a5c9917a38f9206177fdb86b0dac0060460fec095a4983eb00dbc2d0da03519036cc9b24052c57e0649189c7d30965bf9ca3471d34c962544484c32302939ace3804280446755800328bcc016f1964b289a1a5058e5b3ac066c24347338066a2655ff2e0ca3118699d9b93b4a7599197050eb0cf81fd1768483acf447c2c81a8d6591b02af146019a01166ad16855cc12c5bc2abab7a1306070e6e909a877f98b6cb50430322bc76159bd48c4fca2ee3aac8bd485805a42d84e884f7d5c4c15f03455dac97bea8074dd0e2702fbfdce5ee80364b3926877a630fa8928358f035fbb067f2bff046c35b38213679d8e18501bcf593b9ab31e2ee32ab1e07376c23f3cc10cfc491776ecf4c253c3250186fef8f9c4e14e9a631ff0f19c87624b9e617a0292356104b392fdfce8bdea1723a5477f187d51abff020d9e4b48ac628351527574538917512e68874454ffe4ce767976ef2fcc0cbb64ea66f3943504badbf8d7fade555dcce316a8aef23c89c26a4fe064b583be9015cc3e6df583de391a0338de5bb8b43eeb502ba9aaa6dcbec74d067de4fb5ba2b978e4c7444a70d0519e52a466e72b080f95947d4e56a914ecaa5b1250a54ac79b1f7e9ec4d6cea57bded17460df31dbf97e0a033f89683f80f35075831f283aa6028fe8b95b92fcbfd9c6e09cd838e2b56b5cb5d2ac1fc8e7a006c83afd21ea41002e4f8fc8078f88a410368d381b261e0258b490dd106eb519a63430382112a805891e4126dbf0d6908bcbd8b2d3fdb0ba8cc43d16e4fcee41981d609cd61e1ba2f32d3dcc03476f44b82cebba0f4aae65e44c5976b2a7d103589dab1d2cf192e7973bdfbbcf3e2a0f911a7fc2d2243a407016ce543b091bd9b86d9f76930ed9a044b64e27558c2f340120b77b01c5d92e69bb9e8bded8044f750c2bf2ddf88637825cd3e452bf3e0ace4ae5397c5fcb7539fbb8da95996b6befab8a1994317533c908b554c1d069ecd968b5612ce4a0555bc9145eef3ef567eaca943156b55ea67251c508a4f6a412a37b67ca20c23bbd6c60500e28a5c17b0480983d0999539c55655e49a5ab359da436fb66c58344fe48f34c32b6423b137996b6e77af375a751d611dcf201a30af36faf1bb895efb62d8c193ff439d9d9f43e5e402a7a2eaa44b5facd1944b8f5c1c41c64080cd19db65bcbcce554623f9ef3c79fd83d2dd917c4bfcf38f1e4931054e6c39418e6543b5b60e141ce3623d472681a26f2142bdcf87919f29d831e6ceecea32a250cd58902a0664bfad3af4c7f71637a04d37779b268010e302a79c4c89642430b610e7bd65cb7b2c939b5f9fd16f2f4e0493169cd30bd9571924265cd00e8e577481de2bc443f172c1f4a518eec74f142b1dec2504df2980a422e454582497041068a501cf8a1c76c44ab908776c26dd93b2084b0abc1df7944141f6a68c446182ee819a3bc075d925591aff4dc462d60a3c29d0cca1ad732200d88d975e7c374727faa915f7a1c73f4f380778fd8555e977f9fe6e7ac3cb4139fba91179623dfe58a601662199600e4bebefbc13e4f4a0c00ed4523d25c6df873752b2ce2c5f63f868ea8a2d03eee0a8bc7418d07d53c1e6f737d813bd1185ec2efac243c17d6aca1f01a0e5d15e1df1c3bcc8ba4c145c8ff03c7cea4adba3f8cdb383a80ae296ab7c3d2281aa8df3382176fe6c234d6f3f8495b922bf6dcd9cad079bfe9162f20ba4837226bc7b14b4bb0044493f6bf188dd331e399cc4760216a0809ed39cb711a9a60db2bca9c59b73a70375f42f77889e724004a61067612f575c0f321394f751b3d8b405a4ae434bfa984fcf6bb4cf8f0cff87ed8c77e2ef96556092bceb5ff8cb26bb958cd990bd81d0bcc9d211be4d06f9a0470c186986ee741af9b911c03e0f0f50f52fe2f172053cf202f777b3af0be5f07c4cb9d88f4ba6186c2934954f43977da14988071092c12a7d63b9d915c9f8595d2e1f8fefa775c459dc5f34bfb8dbc7675aaf253014ded4eb64580f056eae727a1cdd7a0e1583194b093e37e5ace94b3f810fadd80a3d712bedc03817c83a2610c8d7243d7fd337adb1a2a2f53a93cd4f92d00ad3d3893e5db2b5bfdb2c15015094acfb73a7fa86fb90395a18f74972e949ff6aca1dc6b84f20c42eacd0261e95bf5161d80d0b37b6ba305f46043dcb3149bbb700f0c68b5d46b6bb8434cfa20b2ec8d4a02bf9269743ed82eb4340e0faaf711d0bde5d9484cdcad784fd9a503c49bfbdf505a667b0ea4ac6b01c8116170b46c161fe5aaaf89d7b2a0b48bb1d58997124f81891715395e5f95ddadc6bd99195c4d7dd1018fe76556e761be544f0c35a6094b7f14d51b48ba4823bc19a109c6d478758a4fb2a434449231e33af82a894aace418e4102e9bd0e007b9037e28868b959ca29680dfbd94d0c37da1f021f1837009ac859d09fe62922a1e54e04f16183a84640508b7f9899eacd5e50eec58efef5a6175abbb88cc4b17c11f65f7e8670a84c52469b4810299685d1845e9d42cd2e4db5d1aae5cc406bdf61d0ac98f782d8d6793e7515f9c4e4ff26fd290ed668ce9cef57fe4f425b4f065b8c1d1fd383d4e465389298ccbac5f98ceda570b197cd8c6d31313bdf747d92b0570a01d52354f88baa872872d949002137367e7c6618ce0d8cce9d84ccedd3fcb0c1f6ecbd2f906860dd185574f64d52b9e85184856b2d4da2c5d9d64e29acc78ac1ca5407e26574cb1f7372d8bb8bdc08a638f5e4260b739ea44c038248227f38df659a06b00b4391487aad5c19f66c0c849c60f7f50fe295913291188093b58b689a1638d9c1c545cd8a78fbf31afb326c2481413b1e1a9a2ceaa44852c684b5bb9deabf03d47b02bf03b782335fee9c132ce894863b55ad4fd97ff5d68fc111156e4b1ac75bcee1bf6b1dd408a605729983cd34f2ac0e26e027c8eeff78bc76900909ba3c47cb3d0aa3ff2d875417bc10ca1b572bcf7b50c8cbf2e5b20f7c6637a4db8ba58444bc61f56a7c54a3a156165b63bd3060304264b777b8dd86cb5280e2357d66df496ac3754918f1ad85f7ef9adb8cd928b70fa4caab40b8472e5d69697e8053c8c1c26090a15b4bc3fd03c48188591d98dd25a55a4a22e54c91e313fcfa67e280a66c2c1f660ecaf34fc7c2409a922f418ca7372e63fb36e65235ae1a6138c50518d10be691073465d8a64ec2fabaf0db0f170a592efb37b4b51bdec96c08a9d01944ed7123c7668666175e4048b90092157dfc6c11c7fdc397d1147be6425ebfa3639929168c3db09ed3302da54bb59fb59f8195943075ede41a740b07658b430c999678c1b3ac5dd9ab3c1ef80f50539276e58778a099a95a772aa74ac3938e0616a8e8f5897b9393cb037a61f9d96b65ef922e35d65bb6845def1dee3c93a99eb5685e8c5ca7f473f461574af40a463747aa15d0882f5d299317b31eb0714e5149987185613a3534d3ce2af13c1cc109f30e40152eee0c1b0705a9b4dd51a943545e183393330673d86180631325f00d64f9b0ec43e2b7b401ceaf0dba2287a259bf8c936a3899a03a8732afdc6602b7deaad234caa40be0aa70a2cadd1065962e9a7d21ea7703cd6b44c4bd92141d7ebd80e0f37bf9d5bf358cf856f8c444336df899c82bce69d01c6d8563db42414534a63a31971fe33c076d46667f0d7ae57329fa91875b7120503ef54c427395ed29743ab1147a3103853926ce0be3cb66518aad19bc0088357da4133bd0fef92b55e028decc094cb4a9294e953955985d155aa0024e8c51391dd1bc42d0e8a1c07edd214d7bd5546b03fd7b01874bd57331eba93367ec37094a6d330a4a8fec9f2a058b573770a6ab6c78a9a6a6c0617d6be868bc69c29f5231627956e54d81eba81bc5c10119fe6904ba96fdc9f27f5ad0da42c9edf168bfa3acaa2be6d2d98757245acd5bb166f71993f5c2f39527d5287f5c3d808ea10fa53bf8fbe875ed8b3b88e490072718f6e1583f2ca012ba89aadce6efbe7f499d8186178a864a40eb6a8c5c950f12109f8e36debe38e06b12512b4731660cf8997aca6801574a1c91efcc58e5c94c008d0f29ab0df6228cdaca9aa80217aae04861d571efde9df94952cdac75178f985959e98a659a80925cc47f06a50c8ca81fe4d6ce8a4ad90b37debaeee0883c607bad18e911ce23f53b56e79ee4e9d9af0fa722f57a61daee4c68c96459cd0136ae33e1a7f6adc895f348030b14c2db0471bed6ea93701226411f8a2e4f182056ed414f40b5fa9edc474406982269059df2ca5c059b080029b704e6bacae93b1b0bd756bb5aad2534132fc8b9cc0790e64ab5349531dfb4af1ad368847b1b8ca9a8155ee0d64d91b941e953bc77d31daae15861bb5252a0202f836bc93ad276335b6c2083d1ad1dfc9aaaf72fc6dda8b25b26b0d6ab144ba849cd236001e561fda31a2d953521bcd04b2c5cee336cdd097bc1c3d73d1203a14a5bab9e23fbfd6a25c56a3c7aa422c15741fc95c843715fb4b6df5d65b7dbd5d6f2feb09db4efb8af8d3b3d4d97b5be7e51c95c663bf96cb0aaa2653b9554011ebf81a", 0x1000}, {&(0x7f0000005040)="add3438ddf0f15e3d414fd715e3105a4546b442471d88e596f3fbd360d1d72e0f8fbdab0d7c23e9186f4babbf9c7ccb795964cefd8221ae9c5f4b14754413f7cd70a1e0356d9ce6dd835ba2ae1a12b7204455690a60f5da89c45e28bb2ff14cbe4c52c35edb3c0241321b034c24fe4daadedb0a9eb5d613df7d615daf14cd81c176af9bff6f7544c1faf109c635a72c3b35d6f8065c6aa4869543cf05c48b78349fcbff2c83ca403c20c0b92950e0909671a2df13197dbb1f481bc410fcf55a75c3eac400f0875fcc9d4c27429b4ca3459aebabece4b2b4e50e3be3ae8194da6410ddeb959d965612fe26f24a3026aabd893379e53c9497b4579e4aaabf25a24c766bea45a06b5e223edbb96783b05e3f634f09babdcf9f5786940d739afa9ff29e90adccacb81987e3b87ada05ee53c62f64847997b6fcf4403e068aa014a92be5068da81f404593d7b632b35a3deda6dd17c4e5bfdf67c529ec250707e723edce883710f10ece707d0c5123cff2cc513ffb39adf25b4e388241a5318b3d1e9498202a4b44a064f016c167f5d18dc31fb430fba18a67856e790fd7b4911ee247370d3db350f99fe8a9c51c88c1cc1c6e8f4500946e638eff56f4394d947c7d4a4e96f1cfe9670f6451216f8088c002f5571c5c8f5353277fec10a7f08d6dc2d690f71c3fbe91c0a18fb92313655f4d9cbf479eb230a1d1fe5ccb5a524c2598986093610f2a5e4177ff83fb38de2bf2bbb8482fb182b26eff7c9a77478b8fbdb86538a9462551e250bec890934bde7bffa7557ffb325493ef5ee6b72b77cade1c75bc9fc1b73f7cbb72a20762f0ec0e05ec9fa8f2d3a4a456b29747db66b958cadb05f5b5e71e0cb90501020827623c6aa210df54a9e695b26c507d32faedf24c0edb08a5d1eb73bd743e0131ae46b67809571dac7cf34cb44b2b46ac19d95b33b1a476693e614508ca1badf1d7484f369ca0179ea93b735436d2703c7a1e8a68b142a3ebc060a4c10a5a305e4bd2174c154925a7960d368cc5bed0844e1a817994f30bbc0498152270f5e6dd97b9a8f8bd890d68aa632865f54ebee79eed93dd68be74128c80edf2cf15e4bb42eccc1a3b4fa68a8cd56d9983b394e82e2891b6a68c592048d28efc4b93ed12942ed548a401259df8ea46f09c9267123816328ccd92fb0d91887782165120f7522288575fef91cc564ee3c459bd4cc688a3288461c6d5495e31c6e3227bfedb9bc4f8bc09e4b0a3857675834d12749d02c754db0b4fed7c1cb36e897ad73a73115eb421a09344906ccedfb3eb8ab8b14647729b7e970f2cfcb297147a7deea0d9f770285b769a3648a6367ef4ef22b5e8fb361dbed3c118ad77abf0609806402f466fba63eae0a6371e992712af8bcb9b5a76bf6c3f947a47fafd4d5e3db4b212012a45ba909496238a069e2248aa77fc89f0e005fb3c6e623a4bc23b01d770b3bb4c13226942d2760b7034f6f8638927b0270aa12d0f9fe19c49becaf3441da8312df8d3030bac7360527b1cf3946a805705663fb040d43fc98bc6a9bfb5cc6175b2e1c46c452bbf6386d45d60b37d2cfabae8eab0eecc1aa7c6d34844f62ae28b5ee0cc9188680bcd21437da9c37a5b498d5df4b33ae60577d7245bedb5b06b7eb70c307b3b1fd0a0a2cd602202b24dff6b39de30550bcfd98a4265f2eda99d545d6f3b1799d2d1910949abb259555a22c25b3e413c7144455f4b7ff6f74a181565d82e8e386aff432a0850dddaf13e21826e856c90b281aadc1d5513d13a0241d2700689ec016d84bf4878a4d9ce8b7d44ebfa3109d2f77892c0a9d04a71b04bb09d901d89e599e58e82a4ab3e418f3e240d55d64513431adc7a9f3746af5b4f0c4c53c6c4959d28191f7dab87823839bab2ebeebf10449882c360f3c12c24295fc2ff4d28eb47583f711558a754ba05531ba0487ec1bc9d6645ea421bf659e904e628913b6ba188315a96ed2d14538442057d15c1d14a8ac96ce75abc57a92082216f1a5133c04c6863c6b2ffedd69dfb849f2b88cca85832b92e912964d4c646cb19700cab5aa3ade40fb2b9764cc5d8bf361060e80498842bc5aa8df52a42eedc4ffee4c1e7b9d8ac5de483fa017ce071181c0a451e6dcc94ef8b40fc5fe24332f1da0cfd81616eb7a81dc5177174ed410705b6d8c3f4a929c66745b3b60b959062946742793df787bfdc86237cf6597f715136375d45d5ff1aaaeb5d97fee887f8367c7c31ec41ef1a2af2d209c1fe788be8311c909a75774d225d9993528f65538074e29a5b26b51c0b6bcdb6251965be2bab8b15832a6a82ecd95b1ff6187574f31af4dd2cd26d4e4dcb33b680e3a61338212cf7eb470c4ddafad555717d250888c235319d05d6507bc53cbebe96c1e1affe80fd5c0312137c8f6163898fcfe0e44738302f2c8019d20e465f8faf317c083c27431186f628f5dd9bf1aba6a540be786cb535ebf1c58914e94ea7a0d38f7ad4fa39bede348a03a4ef68b87910fc532beae5b13b3cc6e23d8eebcb1c217356e5dcc71ba3c4ba85c7627bcee4185890e88879cd4e54ec1fbc9fe67856d3d19f05ab97d889677ea7169e48d2ce780da9cc257a875e26cce5ac198f1a5d6df488f8fe270e09a702fb550523dc42050267f99ea15fd2fe1c26e0e906d84e89965d637c6b2d1bd085668d2c0976b2a97348113560a415df05b13e688934036e4bba066e0fa99771a494fd1682c2dd377cd7ddce45110ab4a7d55d231f00346903c79916ddc46066ca2197f9661e71860f1a8b35e93cdd287acad13966c6a520086fa603c5a66506d235d8682f5475d7c2b773ddaf846c1dd3561a311043a123bb029fb2f77ea2c35c81e0ce19d0d90fede0ae95369212a4e779f18b8d644d184c752fd433187a59cde0471255228635a17002307074ffb37763fc0428448e1a28c988fd20fdf903ff6a14d6e2c544a6c2c650ed657074e75c02a1281b3953d69417feea93471c3db21dd1fc0bd25d5f47f1768a5f95c5a1b4d812d68a011d591ab940bd934a89a95551daa6e4ac68a11e0d9fdcaa52b4cbad0b99fa1262e633faa97f7e8b46932079f11ec65771cbfba4c836384a5198b19ca776f6e8713b592fbdf46e68ba9847d6f56ef0859e7587f978aa3361f4798c7235ff5e1e7f742fb1ba95a0c9139750054415e13f8f3c1a2323547320a813b3549d798ef9130a891ff3d47bc8e680b9e8de3b6fa29d68a9ac8d47d1500d44f33f21ce9f7ca092caafdc71abf149b4362166eb65050d242dfc93ad6ff36fa8942bdc3696920463f24ddda75552076b28a9550ffdbfdee9ded891363e330cffce8d1443538e83a8d41197b09aac43a4feeb00f209e0845a4039cff2d4abce73e31fffaccdb72803d0b62dce4d96036a70277c3a8ea56e1975f9f331ca8ad19f65c911f1c11f3b704a4013a937a533ba2372c3a9d2dce0daf3edb6dee9f5d96d5016161aade0b4dfb074adb66d4643f89bbcf1ac9ac33a763dc1195c95ce3ba8a47ec7ee75c8c4281be55ce515508dd50ee30f5208c4d118f767d2e00644dee2ad1143bcaf2542ed87d42981642cc819b84841b3fc51c64a8760edb2298cc39b388f45f14a6fe6f66c7145a42595c0741f24d71b24bdee36a1d52b125ad8ce622ef0f2a0522baa3d3c8da297731668767ac9f43465fb17ec26b9b1bb46d9ce153e7eb386103150f2a4e168542dbcd5c04c406dd25d24678396b4c03ce72ccee88c78ec8c7f6e2dac96b5599435fd161841d36701f1e03d6da550b85e4eb295b6d1d4238052c32378423f72f052c883d58ecfddf8e48663e23300a1010ea82a1b163613ebb51c30c77f0bdc91622112072f7df81226703e1427a1fb2815f30be5bd63cfd8369be08380f711d6efd047e50e06596ec3223175361985399f680559720a8d09746bbb0513a0e7416b4ce80f5cae200a1410e13e92400a61dbb5b589b66fbf38ac6d8d2f7a35555c1ae4251b722dfe3686e8e57eefd52b79161a1f5cf645142529a4221de85c6acbdb7e601e777306e3efd167c4506fe225b82b2a1bcb1833833d790590fc1a8e2d842d6a77fe0caa1338bd9a0a9f322939b43af1d8ff7e0f0d5f0dc7223373266c2e30e0f509f35441918c924ba92a62b987a5a5aa341e0a0da3f6443fab82f80db0461dbe5036d4113021bd0250e365b1235fb84262a3033177683f4803dab13bbd424d190617282ddc496670f13f0eb13d20a505271f1ab5c94e741eca457038ce296d7c1d399e4e8d94b5567d8428dc61b17fadae10081a8e0ea27bb559c2bceec32238dc45b46fe65546aee2ca7fd14744ba482572b8ddfac8f0a1b3300677a81fbe4136b80c4a0bd6e3cae09381eb1a569cd98a4a0c740f5b00f1543cca30d993ff1e4ff5a71cea0abd1975bb4c7110ba611d2fbb2fb60922ceef9889e156428034e2541ccc3fd4f3c38cf1d9dcb7ba57c89307340df4831fa3f67bd4d65edf84af10fdc68933cb4d3478f75e858144ec930ff60ca3b67d3bc9ded94bb1e5cfe01c106438527008bbd27ae95d4e3ee77e5b5c2d13bcf452911451e3b947936df9100492d0856055defbc5fcc41798687c3ac991e293a79bf9e5fd365ac344ae4348e6d88e110ca606ac196f72a3cefb53d03f5030c9f111b11d0795f0848b94e5970e6d7c08eca0e1e0e58c566ac15508ee387ef031697c172cb5babf6be202694be9b61d84ef4e38ed1853ae682c7aa4057bb4f68032e5ec5a74b2027a61cb523b9aefe3a8df9630c0471ae9666998eeed6128ccff2b78950fc0ca5d0cb7cdf8b9bdbb5fc543c6fa51513fa2ebcd1c0809fb42035568ad62233db24735f79bdf734ac0f56a94dd789e83dba75dec68eed1956611ebb2d7ed5b2cd5622a510fa50b1a730ce08387d5002a3ecb617a00f9fbd738a7cb8fe90e5cce95777ac26c51e65958d736f5a1ecabb3841ce2fbde6fc21f72a1edd46e2cf12f39233045c9497144ccf63425343e459f27a9045aea43fd7cf4e29bc502fa46579c578054050902307634520a12ceb36deb0bb1a7db5d3809a170ad8054d029e4b03d8218139221e45fa71e0db2d2981de4b9609912a76e72f8c0d35e2db247a76dc3e72645d82022b543450dd7ab42d808eadedc233b0fd9aae7fe26de48bc7590dd96453ccb27b9b6ed2ce580bf33f29b4a2e53fc8840df30742db01cb79c1491461a83ecca5930b35e4d514f813d13d13432504e28a90d84dd7979efee79f2c0a5d82780580d118b1d3ed5bd9506d0d811d34b0b60c23ad5a2b2f9a646c498a42011b3fa45ec5ff3f4d7a083bc9b4ea8622f252a24e4fd8d56cbca1555e327985a6bc2707d70cfd60bd5a911a295f88dbeb475326c49674160aca160fe0d2edad98ed44af66451b557529470d5652fa4da8667c260553f542328a49b3710972722af2fa0fb51cada26e1036f50a626a8d7d5fa945e6bb3c6e34eba07a8dfde68b80e1eec5b8e46f119dd8954d9dba71a0182d28a261770537f3456cef4a2e8c88d6673b1ca397d55b3d49f18cf2e38dbfbaefb4e1b0396b9e846990cad74eea1f72c20bd4861f6fcb5537be8f9dfefc2f9629537f2460e374391334d9a05ff164ba5fdb289b388e13dad1fbaa02584dc371f71066dc935de8a38b76acd65c12de4d99143c52e7d9a9ae689f407a8044b9fed2dcbf4312e53496d7512a6fa4d95ee69cb049d7fb5e2f7eba932a3e9cecee646d4a14202e6d1c1bebd966ccf6b5ab81fc42a3d76cc6431f4247661184bea4c438fde36ddad0980d74ba2cda40aa", 0x1000}], 0x4, &(0x7f0000006400)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYBLOB="020000001c000000000000000100000002000085", @ANYRES32, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32=r6, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES64, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1400000000000000000000ad652850237f840cbbab0dd5a148e30007000000b87ac96aa74970dc73cbe639df410977c429d3da78d3df32b24ec784c6f273baa7b4b09cc6c0c003dd5ba96d191e1215af83e1c5c7cc644c717aeb63714d2452e30745e730f1fdc9eeb0032f0c052611cf1c6591d9e1e5e400b8d7ce49956ac7", @ANYRES32=r0, @ANYBLOB='@\x00\x00\x00'], 0x98, 0x400a811}}, {{&(0x7f0000002540)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000002880)=[{&(0x7f0000006100)="4e142ab54524fc6bf80c454f559f408fb90cc62b4b7140baf76159205f3f634802c77edde3532bfe471ac8fb86072fd2f1ea548564672562c22c5cb793ba852306e897666592d9ca6fa0077640347a89ae8c46e4b5f1d7ec5e393358bdc187940a2d4dba8f465cb27ac7afccd5014028f3d83eff97117b1a01533a670c446168692f2b3e037d458c0e88e0449c1f6e7ea324d5bbc54040769dd1f88e8031429e540e6f9bb0ec5b78287852141caf1293b9975709d11fd7e7c1f62dd2cf726092525a805c7794652c8207e01bed97738e5da8f6b9a1246c4db82acc727ac043c025c7eb8f80c51c000000000000000000007777d02e862d9d885599cded073ab2177feaa6597eb9c568da4b579571572529de48a2541c0f9c3eaee0344297f485b0341802c394a6623d9f81534f48ca2a3de765e13c29d7fff533dc7e6097b94cb59a812903ed82bbb5ac7c013813e20913db3aa2fa86d5814fb517c5168de80720ed9f517c928b2536e70df648b587725b652727c4c3c2e2770130b7fc976aeb0010", 0x182}, {&(0x7f00000026c0)="e8847a3c953b333761688e46349aadb075caa5132bd1917eb610fd2292864c177b476c1b6855998ce80a2d6477bd5e6207705c509265534b641268e82d3926ef43f8bf4eaa156dfbcf1d25d9ac9bda1476cc45304f337c4467da32a98d8f97e24ea9410032fdec06d6b8456a8f6f3cacd623c6fb15670bf6a75406f50b220cfadeeebceb51c8b4534a5022bb07e596906e9464", 0x93}, {&(0x7f0000000000)="400652d586f66fcf33166a7f5a054ef3c12b97126b40482a4ae26c0fb5a67db4263fecaa12eb", 0x26}, {&(0x7f00000027c0)="0a236a9525a1f87b201750268b46f1750865e8f1b02712b1c6a69a998e8bcc2c3ff3e06394ff8a3b2bf415a924000000000000000000", 0x36}, {&(0x7f0000002800)="9e671c7510cd2e06911c891b672ba52403d966c7cde9f23976ffcba27d89a2e2000c4476645f6ccc942f26bc13f2e82012400eca6fcb784950bc2437cd0da1a42e15ebf99cbb21ec9c70cf124dd4095470954bb2a39e1dc7cfa1a04ab7e9cccc8b1c750fbcf68ffad37f85e34752", 0x6e}], 0x5, &(0x7f0000002b00)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r10, r11}}}], 0x20, 0x4045}}, {{&(0x7f0000002b40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002f80)=[{&(0x7f0000002bc0)="ded4c1d7f98dde073599a86690f8146403dad8b0d9450ab7cb5158ad442f2f2c416d23a19cead8764a6962e12b1db9ab26c9daa796823ec0b824d43be932d91aeb2fc63eab15a88d1f67a60047179343b96669f725143c3fb543840d888428c8fe1e2a64a75debae9e2794124dcbbabc3a15c0b4c5c140f662454d93afde353721f9ebd22b1b5e2555999f64a1874f654c697c8ad474f7f2d324653d5498c52bb5985dd039574755e5ee5e163112d3729bf4e4f15a6745bf31064b4ade3686eb212e341963aa", 0xc6}, {&(0x7f0000002d80)="3d4fc06d22b8c1912a37eec435dd5166e63f0bb2b5fec72d3f44d6f1e6fdc8938560b6e88b65499d558e7b118a9141114b3a05a1593244c37ae779720f9954ff79454925755b760ae832993e79969fcd4ab8285137f9a80617ed5bc028cd223a7990c80916363b35f935a7a39df9e3f14b5d1b2a80541fc7020ce77d48ab348a304a334a36cd187adec15412c78eb4442d052b81c951976960aa48e488581080e53fa1b0ce900fc63f7b43614c210c9855c29fcf7b753e3e6152f0cf5822723a424111f1db1d91bf4ecf83b852", 0xcd}, {&(0x7f0000002e80)="1ea659f45f3253310cd4bf324523d197a9aa59ea3c1108f9d3cf492219754bef77f81afa0e2f4701531a43250ad77acf9769e2327bbc2b8c66282836b78b1ba3bd47f19aeafeb7f9fd687ecc6bdad30216711df0dd16c3063f9a094307f20b4ae46c22bfcaf1fb39365f7645579db7514cfe0f41712dc4b8a7d631f7c39def8958b3ec56788f5653930cf91fb37d463bb5f62293e221b9f56695eeee5faf9f25674938454aba8fd59fd773840def07756dc6bf540efddab95cd1e1705f4017a57192836b85b7cac4ae60", 0xca}], 0x3, 0x0, 0x0, 0x10}}], 0x3, 0x4040801)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'bridge_slave_1\x00', {0x2}})

809.243277ms ago: executing program 0 (id=391):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x40, &(0x7f00000008c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@resuid}, {@dioread_nolock}, {@usrjquota}, {@discard}, {@jqfmt_vfsv1}]}, 0xfc, 0x564, &(0x7f0000002bc0)="$eJzs3c9rHFUcAPDvbLL9rU2hFPUggR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/gyYvH4j/gX1HQQpES9OAlMpvZdNPdTbbJtkm7nw9M8t7M7L757sz38WbfLhvAwBrN/hQiXo2Ib5OIwy3bhiPfOLq63/LD61PZksTKymd/J5Hk65r7J/n/g3nllYj4/euIk4X2dmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sw7kxPvv/du32J98/y/P3x696Mz3xxf/v6X+0duJ3E2DuXbWuPYhhutldEYzV+TYpx9bMfxPjS2myQ7fQBsyVCe58XI+oDDMZRnPfDi+yoiVoABlch/GFDNcUDz3r5P98HPjQcfrt4Atcc/vPreSOxr3BsdWE7W3Rll97sjfWg/a+O3v+7czpbo3/sQAJu6cTMiTg8Pt/d/Sd7/bd3pHvZ5vA39Hzw7d7Pxz1udxj+FtfFPdBj/HOyQu1uxef4X7vehma6y8d8HHce/a5NWI0N57aXGmK+YXLxUSbO+7eWIOBHFvVl9o/mcM8v3Vtav+XWt1Dr+y5as/eZYMD+O+8N71z96ulwvbzfupgc3I17rOP5N1s5/0uH8Z6/H+R7bOJbeeb3bts3jf7pWfo54o+P5fzSjlWw8PznWuB7GmldFu39uHfujW/s9xF/sY7htsvN/YOP4R5LW+dpat2fqPm/0077/0m7btnr970k+b5T35Ouulev1+fGIPckn7esnHj22WW/un8V/4vjG/V+n639/RHzRNeL1bh291XXXnb7+s/inn+j8P3nh3sdf/tit/d7O/9uN0ol8TS/9X68HuJ3XDgAAAAAAAHabQkQciqRQWisXCqXS6uc7jsaBQqVaq5+8WF24PB2N78qORLHQnOk+3PJ5iPH887DN+sRj9cmIOBIR3w3tb9RLU9XK9E4HDwAAAAAAAAAAAAAAAAAAALvEwYh9nb7/n/lzaKePDnjq2n66QeLDwOj+0y35ln780hOwK3XPf+BFJ/9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq/Llz2bKy/PD6VFafvrq4MFu9emo6rc2W5hamSlPV+SulmWp1ppKWpqpzmz1fpVq9Mj4RC9fG6mmtPlZbXLowV124XL9waa48k15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+1BaXZsuVSjqvoLClwvDuOAyFPhd2umcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEf+DwAA//9MBzmC")
r0 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0xfffffffc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
fallocate(r0, 0x0, 0x0, 0x1000f8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x6, 0x4, 0xfff, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000ec0)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000900)=""/257, 0x101}, {&(0x7f0000001d80)=""/164, 0xa4}], 0x2, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x8}, 0x1c)
lseek(r4, 0x0, 0x3)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014d5c31c643f000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000afcc26f6b8e79d3c8c18a6181938d220c3a965b568dc7d1094ed3e29da29f47689e162c7ba966fb1de3365fd6a0000457151eeeb1888e3b71094d3c1c63fd54e2a5d25705019b7b6f36c6c13a66407d354cd73ff08dc5d4e4217c1c71d9ef88e60a387b5cf2c0b832dd99b6f08848c40d25d2929ee05590ea65732a4209d67abdcc7d2c712e5f4866c"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe2$9p(&(0x7f0000000540)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
write$P9_RSTATFS(r6, &(0x7f0000000700)={0x43, 0x9, 0x1, {0xd, 0x6, 0x3, 0x9, 0x40, 0x9, 0x8, 0x401, 0x8}}, 0x43)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x55b, &(0x7f0000000940)="$eJzs3U9oHNUfAPDvzGZ//ZefqaCg0kNRoULpJukfrZ7aq1go9CB4qctmG0I22ZDdaBNySO9F7EFUeqk3PXhUPHgQLx69elE8C6JBoelBVvZf2iabuK1JtnY+H5jd9+Zt9vvezH7f7gwzJIDMOtp8SCOejYiLScTIPW1D0Wk82n7d2upy6c7qcimJRuPSb0kkEXF7dbnUfX3SeT4UESsR8UxEfJuPOJ5ujltbXJouVirl+U59tD4zN1pbXDoxNVOcLE+WZ0+98uqZs6fPjJ8c37GxXv/pxnvXv3/91o3PPj+yUvqgmMS5GO603TuOndTeJvk4t2H96d0INkDJoDvAQ8l18jwfEU/HSOQ6WQ88/hr7IhpARiXyHzKq+zugefzbXfby98ev59sHIM24a52l3TLUPjcR+1vHJgf/SO47Mmkebx7ey47yWFq5FhFjQ0ObP/9J5/P38MZ2ooPsqm/Ot3fU5v2frs8/0WP+Ge6eO/2XuvPf2qb572783Bbz38U+Y/z11s8fbxn/WsRzPeMn6/GTHvHTiHi7z/g33/zq7FZtjU8ijkXv+F3J9ueHR69MVcpj7ceeMb4+duS17cZ/cIv47XO2+1tfM722/1yf4//yuy+eX9km/ksvbL//e23/AxHxfp/xn7z96RtbtTXjT2wx/u3iN9fd6jP+y+eO/tjnSwEAAAAAAAAAgAeQtq5lS9LCejlNC4X2PbxPxcG0Uq3Vj1+pLsxOtK95Oxz5tHul1Ui7njTr453rcbv1kxvqp3KdgLkDrXqhVK1MDHjsAAAAAAAAAAAAAAAAAAAA8Kg4tOH+/z9z7fv/gYzwL78hu+Q/ZNf9+Z8MrB/A3vP9D5nVkP+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/AAAAAAAAAAAAAAAAAAAAAAAAAADsiosXLjSXxp3V5VKzPjG0uDBdfefERLk2XZhZKBVK1fm5wmS1OlkpF0rVmX96v0q1OjcWswtXR+vlWn20trh0eaa6MFu/PDVTnCxfLuf3ZFQAAAAAAAAAAAAAAAAAAADw3zLcWpK0EBFpq5ymhULE/yPicOSTK1OV8lhEPBERP+Ty+5r18UF3GgAAAAAAAAAAAAAAAAAAAB4ztcWl6WKlUp5X2FyIiJWdfefmOz7wX+U7++pR2SwKWSgMeGICAAAAAAAAAAAAAAAAAIAMunvT76B7AgAAAAAAAAAAAAAAAAAAAFmW/pJERHM5NvLi8MbW/yVrudZzRLx789KHV4v1+vx4c/3v6+vrH3XWnxxE/4F+dfO0m8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXbXFpelipVKe38XCoMcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DD+DgAA//+H69Sv")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x1)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r7, 0x0)
accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000))
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000380)={&(0x7f0000000180), 0xc, &(0x7f0000000300)={&(0x7f0000000ec0)={0xec, 0x0, 0x1, 0x1c376686a233a916, 0x0, 0x0, {0x1, 0x0, 0x7}, [@CTA_NAT_DST={0x20, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}]}, @CTA_ZONE={0x6}, @CTA_NAT_DST={0x28, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @local}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2e}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x8}, @CTA_TUPLE_REPLY={0x4}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xc04e}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9f5}]}, @CTA_PROTOINFO={0x58, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x54, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_FLAGS_ORIGINAL={0x6, 0x4, {0x3, 0x3}}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0xf}, @CTA_PROTOINFO_TCP_WSCALE_ORIGINAL={0x5, 0x2, 0x8}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x4}, @CTA_PROTOINFO_TCP_FLAGS_ORIGINAL={0x6, 0x4, {0x8, 0xfc}}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0x3}, @CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x6, 0x4}}, @CTA_PROTOINFO_TCP_STATE={0x5, 0x1, 0xd}, @CTA_PROTOINFO_TCP_WSCALE_REPLY={0x5, 0x3, 0x8}, @CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x1e, 0x3}}]}}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0xe271}]}, 0xec}, 0x1, 0x0, 0x0, 0x20024804}, 0x20000000)
ioctl$EXT4_IOC_SWAP_BOOT(r7, 0x6611)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
sendfile(r0, r0, 0x0, 0x100000008)

622.335247ms ago: executing program 0 (id=392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xf1, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

569.140308ms ago: executing program 0 (id=393):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x21, 0x7, {0x7, 0x0, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="292243eba1c6fb56ca634775fae570ae18d8781a2de46d1e34638391a393b1ef960136fc05bbbc8ddb51e39137e1c80f801c8255f42b26a15fcc0e39d7509090c1540ca6ccfbf09fe3e9765323d4486cd032c032e188cfd50d1bae6bf65aa77fc7d802fe24e7794ce30f2adc6bfeed965c4860904bb98dddc1c6ccd4e0f5d80c7d8a44e12c8035a2a275cdad8ce3705144cd943b065b529cd533e0b447a2d806cb113051e86adafda8f467946644389c669624baca36473f5164dd5bab25de4be0a2f97001cfd2d79f29c645a77d9d2154a7d108f3838131a7f8cd16"], 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000050000000200f5ff0700000000000000775ed2bcde3dce6af37b4ee4ae0dfeff31a459b4757e5301ab51bb40cd1446c524edbf26305aff9f5f623e4d5031c2891945dc2e63f9e68c9ff381e12fea3f50f3fad8f3ee83b9db85c938b8471f5ed906620e8542cf28e60678700e037e0fbead1f41064dba08f75431bb6108b6a7ed94a731475047f680911f4c27e61bc8fdd4146779852e5c608bee807ecdce20d6d6e3206913aa1ed3f6a45c66e497a3248323121b2ad46a0a79868f449dc8ee9663a1f200d381da2d84a56378fdb0462e13b116b3328b0fee54a1f6be96092fbe8eaa26a3c72d8f810fc2778a", @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1], 0x48)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace$ARCH_SET_GS(0x1e, 0x0, 0x0, 0x1001)
socket$inet6(0xa, 0x802, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xfc}}, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x21, 0x0)

408.807368ms ago: executing program 4 (id=394):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0b00000007000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000004000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="0900000004000000163c000001", @ANYRES32=0x0], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280), 0x0, 0xffffffff, r4}, 0x38)

392.536468ms ago: executing program 4 (id=395):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000001200000000000000009500"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone3(&(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb3}, 0x58)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000380)=0x1c, 0x80800)
dup(r4)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0)
fcntl$setstatus(r5, 0x4, 0x2800)
io_setup(0x7, &(0x7f0000000000))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000240)={0x8, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}], 0x0, 0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000010000000000000000000000000000000a3ffb01a12ff5b3c778e46ea8da1721c45c724444d47960d9831114bbd0017", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x7, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x9e, 0x6a, 0xa, 0xff00}, [@call={0x79, 0x0, 0x7c}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)

0s ago: executing program 3 (id=396):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0xc000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@nobarrier}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x64)
r2 = openat$binfmt_register(0xffffff9c, &(0x7f0000001240), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000200)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xf0, 0x3a, 'Jat\xd6\xd0\xa7\xea\xf9\xd8j\xf1\xd7cow', 0x3a, '\\-%#!\\\\\'', 0x3a, './file0', 0x3a, [0x4f, 0x46]}, 0x40)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffcc8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
execve(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x8a024, &(0x7f00000004c0)={{}, 0x2c, {}, 0x2c, {'user_id', 0x3d, 0xee00}}, 0x0, 0x0, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
r8 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r9=>0x0})
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000640)={r9, 0x1, 0x6, @random="e6f7b1a258c5"}, 0x10)
getdents(r1, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

kernel console output (not intermixed with test programs):

 type=1326 audit(1732865373.135:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.650104][   T28] audit: type=1326 audit(1732865373.135:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.674168][   T40] usb 2-1: selecting invalid altsetting 0
[  110.683000][   T40] usb 2-1: USB disconnect, device number 7
[  110.688928][   T28] audit: type=1326 audit(1732865373.165:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.713916][   T28] audit: type=1326 audit(1732865373.165:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.738049][   T28] audit: type=1326 audit(1732865373.165:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.770137][  T603] udevd[603]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:156.243/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  110.786251][  T511] pyra 0003:1E7D:2CF6.0007: couldn't init struct pyra_device
[  110.793596][   T28] audit: type=1326 audit(1732865373.165:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  110.817465][  T511] pyra 0003:1E7D:2CF6.0007: couldn't install mouse
[  110.837260][  T511] pyra: probe of 0003:1E7D:2CF6.0007 failed with error -32
[  110.990001][  T940] netlink: 68 bytes leftover after parsing attributes in process `syz.2.122'.
[  111.128447][   T28] audit: type=1326 audit(1732865373.165:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  111.171829][   T28] audit: type=1326 audit(1732865373.165:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=915 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f259db80809 code=0x7ffc0000
[  111.259072][  T400] pyra 0003:1E7D:2CF6.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  111.487058][  T943] netlink: 68 bytes leftover after parsing attributes in process `syz.3.124'.
[  111.733830][  T291] EXT4-fs (loop1): unmounting filesystem.
[  111.768028][  T948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.808247][  T948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.055215][  T953] netlink: 68 bytes leftover after parsing attributes in process `syz.0.128'.
[  112.271441][  T483] usb 1-1: USB disconnect, device number 8
[  112.518649][    T6] usb 3-1: USB disconnect, device number 6
[  112.524830][  T400] pyra 0003:1E7D:2CF6.0008: couldn't init struct pyra_device
[  112.532984][  T400] pyra 0003:1E7D:2CF6.0008: couldn't install mouse
[  112.541522][  T400] pyra: probe of 0003:1E7D:2CF6.0008 failed with error -32
[  112.551789][  T400] usb 4-1: USB disconnect, device number 6
[  112.894537][  T966] loop2: detected capacity change from 0 to 512
[  113.081711][  T966] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.127: casefold flag without casefold feature
[  113.095142][  T966] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.127: couldn't read orphan inode 15 (err -117)
[  113.107933][  T966] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  115.002762][  T293] EXT4-fs (loop2): unmounting filesystem.
[  115.058050][  T400] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  115.569091][  T987] loop1: detected capacity change from 0 to 512
[  116.863959][  T988] loop2: detected capacity change from 0 to 512
[  118.779051][  T987] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.133: casefold flag without casefold feature
[  118.792265][  T988] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.135: casefold flag without casefold feature
[  118.805758][  T988] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.135: couldn't read orphan inode 15 (err -117)
[  118.818308][  T987] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.133: couldn't read orphan inode 15 (err -117)
[  118.830773][  T987] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  119.149008][  T988] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  119.547192][  T291] EXT4-fs (loop1): unmounting filesystem.
[  121.020478][ T1002] loop3: detected capacity change from 0 to 512
[  121.077827][  T293] EXT4-fs (loop2): unmounting filesystem.
[  121.124100][ T1002] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.138: casefold flag without casefold feature
[  121.137542][ T1002] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.138: couldn't read orphan inode 15 (err -117)
[  121.150578][ T1002] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  121.795176][  T301] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  123.180121][ T1013] loop2: detected capacity change from 0 to 512
[  123.214603][  T292] EXT4-fs (loop3): unmounting filesystem.
[  123.292498][ T1013] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.139: casefold flag without casefold feature
[  123.306448][ T1013] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.139: couldn't read orphan inode 15 (err -117)
[  123.319046][ T1013] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  123.527936][   T19] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  123.623948][  T293] EXT4-fs (loop2): unmounting filesystem.
[  124.826202][ T1031] loop2: detected capacity change from 0 to 512
[  126.135687][  T301] usb 5-1: device descriptor read/64, error -71
[  126.158940][ T1031] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.144: casefold flag without casefold feature
[  126.172086][ T1031] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.144: couldn't read orphan inode 15 (err -117)
[  126.183809][ T1031] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  127.667793][ T1047] loop4: detected capacity change from 0 to 512
[  127.677733][ T1053] loop0: detected capacity change from 0 to 512
[  127.707559][  T293] EXT4-fs (loop2): unmounting filesystem.
[  127.818039][ T1053] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.148: casefold flag without casefold feature
[  127.831619][ T1053] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.148: couldn't read orphan inode 15 (err -117)
[  127.845453][ T1053] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  128.573006][ T1047] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.146: casefold flag without casefold feature
[  128.586503][ T1047] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.146: couldn't read orphan inode 15 (err -117)
[  128.600144][ T1047] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  128.934267][  T290] EXT4-fs (loop0): unmounting filesystem.
[  129.047011][  T429] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  129.052051][  T294] EXT4-fs (loop4): unmounting filesystem.
[  129.578595][ T1076] loop0: detected capacity change from 0 to 512
[  129.591005][  T400] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  129.607019][ T1076] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.151: casefold flag without casefold feature
[  129.621279][ T1076] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.151: couldn't read orphan inode 15 (err -117)
[  129.635294][ T1076] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  129.884464][  T429] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.079540][  T429] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.089191][  T429] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  130.098106][  T429] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.118681][  T429] usb 3-1: config 0 descriptor??
[  130.248047][  T400] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.269912][  T400] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.280145][  T400] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  130.297981][  T400] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.314309][  T400] usb 4-1: config 0 descriptor??
[  130.416714][  T290] EXT4-fs (loop0): unmounting filesystem.
[  130.591787][  T429] pyra 0003:1E7D:2CF6.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  130.762408][ T1090] loop4: detected capacity change from 0 to 512
[  130.905170][ T1090] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.155: casefold flag without casefold feature
[  130.918896][ T1090] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.155: couldn't read orphan inode 15 (err -117)
[  130.932247][ T1090] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  131.779361][  T429] pyra 0003:1E7D:2CF6.0009: couldn't init struct pyra_device
[  131.786592][  T429] pyra 0003:1E7D:2CF6.0009: couldn't install mouse
[  131.850598][  T400] pyra 0003:1E7D:2CF6.000A: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  131.899426][  T429] pyra: probe of 0003:1E7D:2CF6.0009 failed with error -32
[  131.948002][  T400] pyra 0003:1E7D:2CF6.000A: couldn't init struct pyra_device
[  132.141146][  T294] EXT4-fs (loop4): unmounting filesystem.
[  132.157339][ T1096] netlink: 68 bytes leftover after parsing attributes in process `syz.3.150'.
[  132.246161][  T400] pyra 0003:1E7D:2CF6.000A: couldn't install mouse
[  132.254211][  T400] pyra: probe of 0003:1E7D:2CF6.000A failed with error -32
[  132.657675][   T40] usb 4-1: USB disconnect, device number 8
[  132.778486][ T1102] netlink: 68 bytes leftover after parsing attributes in process `syz.2.149'.
[  133.105570][  T613] usb 3-1: USB disconnect, device number 7
[  133.458364][ T1110] loop1: detected capacity change from 0 to 512
[  133.676386][ T1110] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.159: casefold flag without casefold feature
[  133.689897][ T1110] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.159: couldn't read orphan inode 15 (err -117)
[  133.702918][ T1110] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  134.704703][  T291] EXT4-fs (loop1): unmounting filesystem.
[  135.477352][ T1130] loop2: detected capacity change from 0 to 512
[  135.570490][  T400] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  135.602589][ T1130] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.157: casefold flag without casefold feature
[  135.628455][ T1130] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.157: couldn't read orphan inode 15 (err -117)
[  135.641395][ T1130] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  136.697495][  T293] EXT4-fs (loop2): unmounting filesystem.
[  136.783899][ T1138] loop0: detected capacity change from 0 to 512
[  136.845833][ T1138] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.163: casefold flag without casefold feature
[  136.860148][ T1138] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.163: couldn't read orphan inode 15 (err -117)
[  136.873802][ T1138] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  138.011205][  T290] EXT4-fs (loop0): unmounting filesystem.
[  138.038080][  T400] usb 2-1: device descriptor read/all, error -71
[  138.058158][ T1152] loop4: detected capacity change from 0 to 512
[  138.140167][ T1152] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.165: casefold flag without casefold feature
[  138.152895][ T1152] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.165: couldn't read orphan inode 15 (err -117)
[  138.164770][ T1152] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  138.269440][ T1155] loop0: detected capacity change from 0 to 512
[  138.434899][ T1155] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.167: casefold flag without casefold feature
[  138.450342][ T1155] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.167: couldn't read orphan inode 15 (err -117)
[  138.463202][ T1155] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  139.295518][  T294] EXT4-fs (loop4): unmounting filesystem.
[  139.361157][  T400] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  140.440253][  T290] EXT4-fs (loop0): unmounting filesystem.
[  140.943303][ T1177] loop2: detected capacity change from 0 to 512
[  142.010894][  T400] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.028358][  T400] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.037993][  T400] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  142.046775][  T400] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.055418][  T400] usb 2-1: config 0 descriptor??
[  142.077524][ T1184] loop4: detected capacity change from 0 to 512
[  143.264982][ T1179] loop0: detected capacity change from 0 to 512
[  144.720615][ T1177] EXT4-fs: failed to create workqueue
[  144.725944][ T1177] EXT4-fs (loop2): mount failed
[  145.428935][ T1184] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.172: casefold flag without casefold feature
[  145.442943][ T1184] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.172: couldn't read orphan inode 15 (err -117)
[  145.456318][ T1184] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  145.534197][ T1179] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.171: casefold flag without casefold feature
[  145.547797][ T1179] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.171: couldn't read orphan inode 15 (err -117)
[  145.560515][ T1179] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  146.331361][  T294] EXT4-fs (loop4): unmounting filesystem.
[  146.417784][  T400] usb 2-1: can't set config #0, error -71
[  146.427083][  T400] usb 2-1: USB disconnect, device number 10
[  146.435394][  T290] EXT4-fs (loop0): unmounting filesystem.
[  147.760378][ T1218] loop3: detected capacity change from 0 to 512
[  147.860116][ T1218] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.179: casefold flag without casefold feature
[  147.874095][ T1218] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.179: couldn't read orphan inode 15 (err -117)
[  147.886717][ T1218] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  148.887937][  T400] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  150.200444][ T1230] loop4: detected capacity change from 0 to 512
[  150.403615][  T292] EXT4-fs (loop3): unmounting filesystem.
[  150.474854][ T1230] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.180: casefold flag without casefold feature
[  150.489304][ T1230] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.180: couldn't read orphan inode 15 (err -117)
[  150.502403][ T1230] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  152.216792][  T294] EXT4-fs (loop4): unmounting filesystem.
[  152.428035][  T400] usb 2-1: device not accepting address 11, error -71
[  152.775304][ T1255] loop3: detected capacity change from 0 to 512
[  152.805610][   T40] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  152.982401][ T1255] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.186: casefold flag without casefold feature
[  152.996277][ T1255] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.186: couldn't read orphan inode 15 (err -117)
[  153.011248][ T1255] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  153.592586][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.607831][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.621756][  T292] EXT4-fs (loop3): unmounting filesystem.
[  153.627642][   T40] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  153.637255][   T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.658125][   T40] usb 5-1: config 0 descriptor??
[  153.966411][    T6] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  154.117972][  T400] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  154.176127][   T40] pyra 0003:1E7D:2CF6.000B: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  154.368110][    T6] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.379705][   T40] pyra 0003:1E7D:2CF6.000B: couldn't init struct pyra_device
[  154.386935][   T40] pyra 0003:1E7D:2CF6.000B: couldn't install mouse
[  154.395438][    T6] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  154.396079][   T40] pyra: probe of 0003:1E7D:2CF6.000B failed with error -32
[  154.523652][ T1275] netlink: 68 bytes leftover after parsing attributes in process `syz.4.184'.
[  154.579051][  T400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.610362][  T400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.638007][  T400] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  154.667228][  T400] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.675648][    T6] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.686111][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.695569][  T400] usb 3-1: config 0 descriptor??
[  154.700782][    T6] usb 4-1: Product: syz
[  154.704879][    T6] usb 4-1: Manufacturer: syz
[  154.710300][    T6] usb 4-1: SerialNumber: syz
[  154.969833][ T1268] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  154.986343][   T40] usb 5-1: USB disconnect, device number 8
[  155.179607][  T400] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  155.443486][  T400] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device
[  155.450953][  T400] pyra 0003:1E7D:2CF6.000C: couldn't install mouse
[  155.466088][  T400] pyra: probe of 0003:1E7D:2CF6.000C failed with error -32
[  155.618318][ T1268] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  157.539288][ T1295] loop1: detected capacity change from 0 to 512
[  158.549881][    T6] cdc_mbim 4-1:1.0: failed to get mac address
[  158.577512][    T6] cdc_mbim 4-1:1.0: bind() failure
[  158.583067][  T613] usb 3-1: USB disconnect, device number 8
[  158.589886][ T1295] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.195: casefold flag without casefold feature
[  158.602700][ T1295] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.195: couldn't read orphan inode 15 (err -117)
[  158.607987][    T6] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  158.615969][ T1300] loop0: detected capacity change from 0 to 2048
[  158.626745][ T1295] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  158.672575][    T6] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  158.672621][ T1300] EXT4-fs (loop0): cluster size (2048) smaller than block size (4096)
[  158.684122][    T6] usb 4-1: USB disconnect, device number 9
[  158.868012][  T400] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  159.093797][  T291] EXT4-fs (loop1): unmounting filesystem.
[  159.157974][    T6] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  159.217933][  T400] usb 5-1: Using ep0 maxpacket: 16
[  159.358026][  T400] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.377542][  T400] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.416635][  T400] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  159.443410][  T400] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.471857][  T400] usb 5-1: config 0 descriptor??
[  159.548066][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.565545][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.584282][    T6] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  159.601913][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.620268][    T6] usb 4-1: config 0 descriptor??
[  159.941598][ T1321] loop0: detected capacity change from 0 to 512
[  160.071569][ T1321] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.203: casefold flag without casefold feature
[  160.085037][ T1321] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.203: couldn't read orphan inode 15 (err -117)
[  160.098531][ T1321] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  160.948263][  T400] hid-multitouch 0003:1FD2:6007.000D: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  161.009397][  T400] usb 5-1: USB disconnect, device number 9
[  161.512267][  T290] EXT4-fs (loop0): unmounting filesystem.
[  161.529705][    T6] pyra 0003:1E7D:2CF6.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  161.665407][ T1337] loop0: detected capacity change from 0 to 512
[  161.693923][ T1337] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.206: casefold flag without casefold feature
[  161.707042][ T1337] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.206: couldn't read orphan inode 15 (err -117)
[  161.720205][ T1337] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  161.771295][    T6] pyra 0003:1E7D:2CF6.000E: couldn't init struct pyra_device
[  162.584021][ T1342] netlink: 68 bytes leftover after parsing attributes in process `syz.3.197'.
[  162.820916][    T6] pyra 0003:1E7D:2CF6.000E: couldn't install mouse
[  162.821924][  T290] EXT4-fs (loop0): unmounting filesystem.
[  162.827829][    T6] pyra: probe of 0003:1E7D:2CF6.000E failed with error -32
[  162.852700][  T613] usb 4-1: USB disconnect, device number 10
[  163.025424][ T1355] loop2: detected capacity change from 0 to 512
[  163.135884][ T1356] loop0: detected capacity change from 0 to 512
[  163.238072][ T1356] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.210: casefold flag without casefold feature
[  163.251815][ T1356] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.210: couldn't read orphan inode 15 (err -117)
[  163.265110][ T1356] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  164.262964][ T1355] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.209: casefold flag without casefold feature
[  164.288432][ T1355] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.209: couldn't read orphan inode 15 (err -117)
[  164.348443][ T1355] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  164.475525][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  164.475540][   T28] audit: type=1400 audit(1732865427.055:199): avc:  denied  { create } for  pid=1363 comm="syz.3.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  164.511949][ T1366] loop1: detected capacity change from 0 to 2048
[  164.518861][ T1366] EXT4-fs (loop1): cluster size (2048) smaller than block size (4096)
[  164.527130][   T28] audit: type=1400 audit(1732865427.105:200): avc:  denied  { append } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  164.549911][   T28] audit: type=1400 audit(1732865427.105:201): avc:  denied  { open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  164.551516][  T290] EXT4-fs (loop0): unmounting filesystem.
[  164.572184][   T28] audit: type=1400 audit(1732865427.105:202): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  164.600018][   T28] audit: type=1400 audit(1732865427.105:203): avc:  denied  { setopt } for  pid=1363 comm="syz.3.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  164.619332][   T28] audit: type=1400 audit(1732865427.185:204): avc:  denied  { write } for  pid=1363 comm="syz.3.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  164.641221][   T28] audit: type=1400 audit(1732865427.185:205): avc:  denied  { create } for  pid=1363 comm="syz.3.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  164.660904][   T28] audit: type=1400 audit(1732865427.185:206): avc:  denied  { read write } for  pid=1363 comm="syz.3.211" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  164.695858][   T28] audit: type=1400 audit(1732865427.185:207): avc:  denied  { open } for  pid=1363 comm="syz.3.211" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  164.852029][   T28] audit: type=1400 audit(1732865427.185:208): avc:  denied  { mounton } for  pid=1363 comm="syz.3.211" path="/45/file0" dev="tmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  168.082737][  T293] EXT4-fs (loop2): unmounting filesystem.
[  168.221146][  T613] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  168.382788][ T1413] loop1: detected capacity change from 0 to 512
[  168.828561][ T1413] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.223: casefold flag without casefold feature
[  168.841972][ T1413] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.223: couldn't read orphan inode 15 (err -117)
[  168.854269][ T1413] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  168.998203][  T613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.267333][  T613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.546029][  T613] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  169.547818][  T291] EXT4-fs (loop1): unmounting filesystem.
[  169.555873][  T613] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.576489][  T613] usb 4-1: config 0 descriptor??
[  169.848014][  T400] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  169.880278][  T483] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  170.050180][ T1434] loop0: detected capacity change from 0 to 512
[  170.129062][  T613] pyra 0003:1E7D:2CF6.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  170.187378][ T1434] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.227: casefold flag without casefold feature
[  170.201228][ T1434] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.227: couldn't read orphan inode 15 (err -117)
[  170.214440][ T1434] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  170.278433][  T483] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.348089][  T483] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.041512][  T613] pyra 0003:1E7D:2CF6.000F: couldn't init struct pyra_device
[  171.048838][  T613] pyra 0003:1E7D:2CF6.000F: couldn't install mouse
[  171.055281][  T483] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  171.065715][  T613] pyra: probe of 0003:1E7D:2CF6.000F failed with error -32
[  171.191355][  T483] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.240522][  T290] EXT4-fs (loop0): unmounting filesystem.
[  171.254244][ T1438] netlink: 68 bytes leftover after parsing attributes in process `syz.3.219'.
[  171.397353][  T483] usb 2-1: config 0 descriptor??
[  171.587966][   T19] usb 4-1: USB disconnect, device number 11
[  171.627983][  T400] usb 5-1: Using ep0 maxpacket: 16
[  171.721090][ T1442] loop0: detected capacity change from 0 to 512
[  171.739274][ T1442] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.228: casefold flag without casefold feature
[  171.752442][ T1442] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.228: couldn't read orphan inode 15 (err -117)
[  171.765653][ T1442] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  171.925931][  T483] pyra 0003:1E7D:2CF6.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  172.828379][  T290] EXT4-fs (loop0): unmounting filesystem.
[  172.865785][ T1446] netlink: 68 bytes leftover after parsing attributes in process `syz.1.225'.
[  172.951513][  T483] pyra 0003:1E7D:2CF6.0010: couldn't init struct pyra_device
[  173.076858][  T483] pyra 0003:1E7D:2CF6.0010: couldn't install mouse
[  173.110131][  T483] pyra: probe of 0003:1E7D:2CF6.0010 failed with error -32
[  173.158037][  T400] usb 5-1: unable to read config index 0 descriptor/all
[  173.165149][  T400] usb 5-1: can't read configurations, error -71
[  173.191959][  T483] usb 2-1: USB disconnect, device number 13
[  174.094380][ T1452] loop4: detected capacity change from 0 to 512
[  175.758843][ T1454] loop0: detected capacity change from 0 to 512
[  176.259386][ T1454] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.230: casefold flag without casefold feature
[  176.272338][ T1452] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.231: casefold flag without casefold feature
[  176.286568][ T1454] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.230: couldn't read orphan inode 15 (err -117)
[  176.298915][ T1452] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.231: couldn't read orphan inode 15 (err -117)
[  176.311406][ T1454] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  176.334918][ T1452] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  177.541096][  T290] EXT4-fs (loop0): unmounting filesystem.
[  177.578090][ T1468] FAULT_INJECTION: forcing a failure.
[  177.578090][ T1468] name failslab, interval 1, probability 0, space 0, times 1
[  177.590785][ T1468] CPU: 0 PID: 1468 Comm: syz.1.232 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  177.600331][ T1468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.610332][ T1468] Call Trace:
[  177.613433][ T1468]  <TASK>
[  177.616211][ T1468]  dump_stack_lvl+0x151/0x1b7
[  177.620722][ T1468]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  177.626024][ T1468]  ? __stack_depot_save+0x36/0x480
[  177.630966][ T1468]  dump_stack+0x15/0x1e
[  177.634959][ T1468]  should_fail_ex+0x3d0/0x520
[  177.639471][ T1468]  __should_failslab+0xaf/0xf0
[  177.644070][ T1468]  should_failslab+0x9/0x20
[  177.648406][ T1468]  kmem_cache_alloc_node+0x42/0x330
[  177.653446][ T1468]  ? dup_task_struct+0x5a/0x7d0
[  177.658134][ T1468]  dup_task_struct+0x5a/0x7d0
[  177.662651][ T1468]  ? __kasan_check_write+0x14/0x20
[  177.667593][ T1468]  copy_process+0x5c3/0x3530
[  177.672033][ T1468]  ? __kasan_check_write+0x14/0x20
[  177.676963][ T1468]  ? proc_fail_nth_write+0x20b/0x290
[  177.682085][ T1468]  ? selinux_file_permission+0x2bb/0x560
[  177.687551][ T1468]  ? proc_fail_nth_read+0x210/0x210
[  177.692583][ T1468]  ? fsnotify_perm+0x6a/0x5b0
[  177.697103][ T1468]  ? idle_dummy+0x10/0x10
[  177.701266][ T1468]  ? vfs_write+0x952/0xed0
[  177.705517][ T1468]  ? __kasan_slab_free+0x11/0x20
[  177.710294][ T1468]  kernel_clone+0x229/0x890
[  177.714630][ T1468]  ? __kasan_check_write+0x14/0x20
[  177.719577][ T1468]  ? mutex_unlock+0xb2/0x260
[  177.724004][ T1468]  ? create_io_thread+0x180/0x180
[  177.728869][ T1468]  __x64_sys_clone+0x231/0x280
[  177.733466][ T1468]  ? __do_sys_vfork+0x110/0x110
[  177.738156][ T1468]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  177.744053][ T1468]  ? exit_to_user_mode_prepare+0x39/0xa0
[  177.749524][ T1468]  x64_sys_call+0x1b0/0x9a0
[  177.753860][ T1468]  do_syscall_64+0x3b/0xb0
[  177.758115][ T1468]  ? clear_bhb_loop+0x55/0xb0
[  177.762629][ T1468]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  177.768359][ T1468] RIP: 0033:0x7f259db80809
[  177.772619][ T1468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.792051][ T1468] RSP: 002b:00007f259e9ae008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  177.800295][ T1468] RAX: ffffffffffffffda RBX: 00007f259dd45fa0 RCX: 00007f259db80809
[  177.808105][ T1468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000042164000
[  177.815916][ T1468] RBP: 00007f259e9ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  177.823730][ T1468] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  177.831544][ T1468] R13: 0000000000000000 R14: 00007f259dd45fa0 R15: 00007ffffcd53748
[  177.839359][ T1468]  </TASK>
[  177.856922][  T294] EXT4-fs (loop4): unmounting filesystem.
[  177.883063][ T1474] FAULT_INJECTION: forcing a failure.
[  177.883063][ T1474] name failslab, interval 1, probability 0, space 0, times 0
[  177.895779][ T1474] CPU: 0 PID: 1474 Comm: syz.4.235 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  177.905341][ T1474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.915221][ T1474] Call Trace:
[  177.918338][ T1474]  <TASK>
[  177.921122][ T1474]  dump_stack_lvl+0x151/0x1b7
[  177.925637][ T1474]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  177.930935][ T1474]  dump_stack+0x15/0x1e
[  177.934919][ T1474]  should_fail_ex+0x3d0/0x520
[  177.939435][ T1474]  ? getname_flags+0xba/0x520
[  177.943946][ T1474]  __should_failslab+0xaf/0xf0
[  177.948543][ T1474]  should_failslab+0x9/0x20
[  177.952881][ T1474]  kmem_cache_alloc+0x3b/0x320
[  177.957488][ T1474]  getname_flags+0xba/0x520
[  177.961823][ T1474]  user_path_at_empty+0x2d/0x1a0
[  177.966596][ T1474]  do_fchownat+0xec/0x240
[  177.970761][ T1474]  ? chown_common+0x8b0/0x8b0
[  177.975286][ T1474]  ? debug_smp_processor_id+0x17/0x20
[  177.980491][ T1474]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  177.986388][ T1474]  __x64_sys_lchown+0x85/0x90
[  177.990898][ T1474]  x64_sys_call+0x2ba/0x9a0
[  177.995241][ T1474]  do_syscall_64+0x3b/0xb0
[  177.999495][ T1474]  ? clear_bhb_loop+0x55/0xb0
[  178.004004][ T1474]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  178.010079][ T1474] RIP: 0033:0x7fbafff80809
[  178.014326][ T1474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.033950][ T1474] RSP: 002b:00007fbb00e2b058 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  178.042195][ T1474] RAX: ffffffffffffffda RBX: 00007fbb00145fa0 RCX: 00007fbafff80809
[  178.050005][ T1474] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040
[  178.057824][ T1474] RBP: 00007fbb00e2b0a0 R08: 0000000000000000 R09: 0000000000000000
[  178.065680][ T1474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.073443][ T1474] R13: 0000000000000000 R14: 00007fbb00145fa0 R15: 00007ffee3ce6228
[  178.081263][ T1474]  </TASK>
[  178.084284][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  178.084307][   T28] audit: type=1400 audit(1732865440.485:211): avc:  denied  { create } for  pid=1471 comm="syz.1.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  178.090278][  T301] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  178.143699][   T28] audit: type=1400 audit(1732865440.725:212): avc:  denied  { unmount } for  pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  178.226446][   T28] audit: type=1400 audit(1732865440.805:213): avc:  denied  { write } for  pid=1471 comm="syz.1.236" path="socket:[19129]" dev="sockfs" ino=19129 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  178.487989][   T19] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  178.498017][  T301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.508770][  T301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.518611][  T301] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  178.527473][  T301] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.536214][  T301] usb 4-1: config 0 descriptor??
[  178.607992][  T400] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  178.738034][   T19] usb 3-1: Using ep0 maxpacket: 16
[  178.933367][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.951862][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.953083][ T1493] loop1: detected capacity change from 0 to 512
[  179.021029][ T1493] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.240: casefold flag without casefold feature
[  179.034585][ T1493] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.240: couldn't read orphan inode 15 (err -117)
[  179.047559][ T1493] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  180.094554][ T1497] tipc: Enabling <eth:lo> not permitted
[  180.108652][ T1497] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  180.131158][  T291] EXT4-fs (loop1): unmounting filesystem.
[  180.144529][ T1503] netlink: 68 bytes leftover after parsing attributes in process `syz.3.229'.
[  180.308328][   T28] audit: type=1400 audit(1732865442.835:214): avc:  denied  { setattr } for  pid=1496 comm="syz.0.241" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  180.415798][  T301] pyra 0003:1E7D:2CF6.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  180.426745][   T19] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  180.435672][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.444082][   T19] usb 3-1: config 0 descriptor??
[  180.449005][  T400] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.459850][  T400] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  180.469796][  T301] pyra 0003:1E7D:2CF6.0011: couldn't init struct pyra_device
[  180.477024][  T301] pyra 0003:1E7D:2CF6.0011: couldn't install mouse
[  180.484605][  T301] pyra: probe of 0003:1E7D:2CF6.0011 failed with error -71
[  180.493030][  T301] usb 4-1: USB disconnect, device number 12
[  180.648070][  T400] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  180.657106][  T400] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.657953][  T483] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  180.665103][  T400] usb 5-1: Product: syz
[  180.676130][  T400] usb 5-1: Manufacturer: syz
[  180.680650][  T400] usb 5-1: SerialNumber: syz
[  180.767977][   T40] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  180.919565][ T1478] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  180.929776][   T19] hid-multitouch 0003:1FD2:6007.0012: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[  181.028054][  T483] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.038903][  T483] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.049122][  T483] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  181.058465][  T483] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.076719][  T483] usb 1-1: config 0 descriptor??
[  181.128001][   T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.144219][   T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.154521][   T40] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  181.211602][   T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.220495][  T376] usb 3-1: USB disconnect, device number 9
[  181.226747][   T40] usb 2-1: config 0 descriptor??
[  181.342657][ T1513] loop3: detected capacity change from 0 to 512
[  181.424751][ T1513] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.244: casefold flag without casefold feature
[  181.439338][ T1513] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.244: couldn't read orphan inode 15 (err -117)
[  181.453070][ T1513] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  182.259538][  T483] pyra 0003:1E7D:2CF6.0013: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  182.409018][  T292] EXT4-fs (loop3): unmounting filesystem.
[  182.418134][ T1518] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  182.500356][   T28] audit: type=1400 audit(1732865445.065:215): avc:  denied  { setopt } for  pid=1519 comm="syz.3.245" laddr=fe80::a8aa:aaff:feaa:aa16 lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  182.502249][  T483] pyra 0003:1E7D:2CF6.0013: couldn't init struct pyra_device
[  182.533198][   T40] pyra 0003:1E7D:2CF6.0014: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  182.572660][  T400] cdc_mbim 5-1:1.0: bind() failure
[  182.575212][  T483] pyra 0003:1E7D:2CF6.0013: couldn't install mouse
[  182.599568][  T400] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  182.606271][  T400] cdc_ncm 5-1:1.1: bind() failure
[  182.617561][ T1517] netlink: 68 bytes leftover after parsing attributes in process `syz.0.243'.
[  182.636388][  T400] usb 5-1: USB disconnect, device number 12
[  182.748654][   T40] pyra 0003:1E7D:2CF6.0014: couldn't init struct pyra_device
[  182.933193][   T40] pyra 0003:1E7D:2CF6.0014: couldn't install mouse
[  183.470389][ T1529] loop2: detected capacity change from 0 to 512
[  183.545258][  T483] pyra: probe of 0003:1E7D:2CF6.0013 failed with error -32
[  183.571662][   T40] pyra: probe of 0003:1E7D:2CF6.0014 failed with error -32
[  183.972863][ T1529] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.246: casefold flag without casefold feature
[  183.986079][ T1529] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.246: couldn't read orphan inode 15 (err -117)
[  183.998696][ T1529] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  184.568897][   T40] usb 2-1: USB disconnect, device number 14
[  184.839253][  T293] EXT4-fs (loop2): unmounting filesystem.
[  184.890360][   T28] audit: type=1400 audit(1732865447.475:216): avc:  denied  { ioctl } for  pid=1546 comm="syz.1.248" path="socket:[19247]" dev="sockfs" ino=19247 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  184.917435][ T1547] loop1: detected capacity change from 0 to 256
[  184.925156][ T1547] FAT-fs (loop1): Unrecognized mount option "iocharset" or missing value
[  184.969331][  T603] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  185.176407][ T1558] loop1: detected capacity change from 0 to 512
[  185.412136][ T1558] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.253: casefold flag without casefold feature
[  185.426150][ T1558] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.253: couldn't read orphan inode 15 (err -117)
[  185.438507][ T1558] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  186.278337][ T1567] loop3: detected capacity change from 0 to 512
[  186.302508][  T291] EXT4-fs (loop1): unmounting filesystem.
[  186.404400][ T1567] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.254: casefold flag without casefold feature
[  186.417691][ T1567] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.254: couldn't read orphan inode 15 (err -117)
[  186.431089][ T1567] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  187.168066][   T28] audit: type=1400 audit(1732865449.725:217): avc:  denied  { write } for  pid=1571 comm="syz.1.255" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  187.346391][  T292] EXT4-fs (loop3): unmounting filesystem.
[  187.411355][ T1579] netlink: 60 bytes leftover after parsing attributes in process `syz.1.255'.
[  187.743723][   T28] audit: type=1400 audit(1732865450.325:218): avc:  denied  { ioctl } for  pid=1580 comm="syz.3.257" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  187.856236][ T1583] loop4: detected capacity change from 0 to 512
[  187.981260][ T1583] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.256: casefold flag without casefold feature
[  187.994986][ T1583] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.256: couldn't read orphan inode 15 (err -117)
[  188.008679][ T1583] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  189.139980][  T294] EXT4-fs (loop4): unmounting filesystem.
[  189.176963][ T1590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.219048][ T1590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.282027][  T301] usb 1-1: USB disconnect, device number 9
[  189.288109][    T6] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  189.463080][ T1596] loop1: detected capacity change from 0 to 2048
[  189.471810][  T483] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  189.660686][ T1596] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  189.858274][  T483] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.911355][  T483] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.994655][  T483] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  190.103152][  T483] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.141606][  T483] usb 5-1: config 0 descriptor??
[  190.155527][ T1603] FAULT_INJECTION: forcing a failure.
[  190.155527][ T1603] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  190.188042][ T1603] CPU: 1 PID: 1603 Comm: syz.0.262 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  190.197605][ T1603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  190.207499][ T1603] Call Trace:
[  190.210621][ T1603]  <TASK>
[  190.213398][ T1603]  dump_stack_lvl+0x151/0x1b7
[  190.217914][ T1603]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  190.223206][ T1603]  ? vfs_write+0x952/0xed0
[  190.227461][ T1603]  ? __kasan_slab_free+0x11/0x20
[  190.232234][ T1603]  dump_stack+0x15/0x1e
[  190.236225][ T1603]  should_fail_ex+0x3d0/0x520
[  190.240751][ T1603]  should_fail+0xb/0x10
[  190.244732][ T1603]  should_fail_usercopy+0x1a/0x20
[  190.249598][ T1603]  _copy_from_user+0x1e/0xc0
[  190.254019][ T1603]  __sys_bpf+0x23b/0x7f0
[  190.258095][ T1603]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  190.263310][ T1603]  ? __ia32_sys_read+0x90/0x90
[  190.267904][ T1603]  ? debug_smp_processor_id+0x17/0x20
[  190.273110][ T1603]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  190.279017][ T1603]  __x64_sys_bpf+0x7c/0x90
[  190.283267][ T1603]  x64_sys_call+0x87f/0x9a0
[  190.287795][ T1603]  do_syscall_64+0x3b/0xb0
[  190.292704][ T1603]  ? clear_bhb_loop+0x55/0xb0
[  190.297240][ T1603]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.303052][ T1603] RIP: 0033:0x7efde4d80809
[  190.307308][ T1603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.326750][ T1603] RSP: 002b:00007efde5b7e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  190.334993][ T1603] RAX: ffffffffffffffda RBX: 00007efde4f45fa0 RCX: 00007efde4d80809
[  190.342805][ T1603] RDX: 0000000000000028 RSI: 0000000020000440 RDI: 000000000000000a
[  190.350618][ T1603] RBP: 00007efde5b7e0a0 R08: 0000000000000000 R09: 0000000000000000
[  190.358429][ T1603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.366257][ T1603] R13: 0000000000000000 R14: 00007efde4f45fa0 R15: 00007ffc2edd1d08
[  190.374067][ T1603]  </TASK>
[  190.446232][  T291] EXT4-fs (loop1): unmounting filesystem.
[  190.667969][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  190.687915][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  190.819727][  T483] pyra 0003:1E7D:2CF6.0015: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  190.867957][    T6] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  190.876911][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.884925][  T301] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  190.898143][    T6] usb 4-1: config 0 descriptor??
[  190.917971][    T6] usb 4-1: can't set config #0, error -71
[  190.926763][    T6] usb 4-1: USB disconnect, device number 13
[  191.066267][  T483] pyra 0003:1E7D:2CF6.0015: couldn't init struct pyra_device
[  191.078589][  T483] pyra 0003:1E7D:2CF6.0015: couldn't install mouse
[  191.089646][  T483] pyra: probe of 0003:1E7D:2CF6.0015 failed with error -32
[  191.426387][ T1618] loop2: detected capacity change from 0 to 512
[  191.551295][   T28] audit: type=1400 audit(1732865454.135:219): avc:  denied  { mount } for  pid=1617 comm="syz.2.267" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  191.580907][ T1618] FAULT_INJECTION: forcing a failure.
[  191.580907][ T1618] name failslab, interval 1, probability 0, space 0, times 0
[  191.643244][ T1618] CPU: 1 PID: 1618 Comm: syz.2.267 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  191.652803][ T1618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  191.662700][ T1618] Call Trace:
[  191.665820][ T1618]  <TASK>
[  191.668597][ T1618]  dump_stack_lvl+0x151/0x1b7
[  191.673116][ T1618]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  191.678404][ T1618]  ? mutex_unlock+0xb2/0x260
[  191.682832][ T1618]  ? __mutex_lock_slowpath+0x10/0x10
[  191.687953][ T1618]  dump_stack+0x15/0x1e
[  191.691945][ T1618]  should_fail_ex+0x3d0/0x520
[  191.696462][ T1618]  ? getname_flags+0xba/0x520
[  191.700972][ T1618]  __should_failslab+0xaf/0xf0
[  191.705573][ T1618]  should_failslab+0x9/0x20
[  191.709910][ T1618]  kmem_cache_alloc+0x3b/0x320
[  191.714516][ T1618]  getname_flags+0xba/0x520
[  191.718854][ T1618]  __x64_sys_rmdir+0x3c/0x50
[  191.723278][ T1618]  x64_sys_call+0x274/0x9a0
[  191.727617][ T1618]  do_syscall_64+0x3b/0xb0
[  191.731868][ T1618]  ? clear_bhb_loop+0x55/0xb0
[  191.736418][ T1618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.742111][ T1618] RIP: 0033:0x7f6d37f80809
[  191.746365][ T1618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.765808][ T1618] RSP: 002b:00007f6d38e60058 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  191.774055][ T1618] RAX: ffffffffffffffda RBX: 00007f6d38145fa0 RCX: 00007f6d37f80809
[  191.779346][   T19] usb 5-1: USB disconnect, device number 13
[  191.781869][ T1618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  191.795407][ T1618] RBP: 00007f6d38e600a0 R08: 0000000000000000 R09: 0000000000000000
[  191.803219][ T1618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.811024][ T1618] R13: 0000000000000000 R14: 00007f6d38145fa0 R15: 00007ffc5224b1e8
[  191.818840][ T1618]  </TASK>
[  191.829562][   T28] audit: type=1400 audit(1732865454.415:220): avc:  denied  { unmount } for  pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  191.853988][  T301] usb 1-1: Using ep0 maxpacket: 16
[  191.948021][    T6] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  191.988278][  T301] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.028316][  T301] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.045132][  T301] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  192.081652][ T1626] loop2: detected capacity change from 0 to 512
[  192.168385][ T1626] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.268: casefold flag without casefold feature
[  192.181602][ T1626] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.268: couldn't read orphan inode 15 (err -117)
[  192.194268][ T1626] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  193.049374][  T301] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.064275][  T301] usb 1-1: config 0 descriptor??
[  193.348221][ T1634] loop1: detected capacity change from 0 to 512
[  193.374135][  T293] EXT4-fs (loop2): unmounting filesystem.
[  193.470064][ T1634] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.270: casefold flag without casefold feature
[  193.483597][ T1634] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.270: couldn't read orphan inode 15 (err -117)
[  193.497170][ T1634] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  194.321900][ T1648] FAULT_INJECTION: forcing a failure.
[  194.321900][ T1648] name failslab, interval 1, probability 0, space 0, times 0
[  194.366388][ T1648] CPU: 1 PID: 1648 Comm: syz.0.272 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  194.375949][ T1648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  194.385936][ T1648] Call Trace:
[  194.389055][ T1648]  <TASK>
[  194.391844][ T1648]  dump_stack_lvl+0x151/0x1b7
[  194.396348][ T1648]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  194.401643][ T1648]  ? mutex_unlock+0xb2/0x260
[  194.406076][ T1648]  ? bit_wait_io_timeout+0x120/0x120
[  194.411191][ T1648]  ? __mutex_lock_slowpath+0x10/0x10
[  194.416319][ T1648]  dump_stack+0x15/0x1e
[  194.420310][ T1648]  should_fail_ex+0x3d0/0x520
[  194.424818][ T1648]  ? getname_flags+0xba/0x520
[  194.429329][ T1648]  __should_failslab+0xaf/0xf0
[  194.433932][ T1648]  should_failslab+0x9/0x20
[  194.438271][ T1648]  kmem_cache_alloc+0x3b/0x320
[  194.442872][ T1648]  ? __ia32_sys_read+0x90/0x90
[  194.447473][ T1648]  getname_flags+0xba/0x520
[  194.451809][ T1648]  __x64_sys_mkdirat+0x7c/0xa0
[  194.456529][ T1648]  x64_sys_call+0x6c6/0x9a0
[  194.460866][ T1648]  do_syscall_64+0x3b/0xb0
[  194.465120][ T1648]  ? clear_bhb_loop+0x55/0xb0
[  194.469631][ T1648]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  194.475365][ T1648] RIP: 0033:0x7efde4d7f077
[  194.479697][ T1648] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.499138][ T1648] RSP: 002b:00007efde5b7de88 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  194.507380][ T1648] RAX: ffffffffffffffda RBX: 00007efde5b7df10 RCX: 00007efde4d7f077
[  194.515196][ T1648] RDX: 00000000000001ff RSI: 0000000020006340 RDI: 00000000ffffff9c
[  194.523006][ T1648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  194.530816][ T1648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020006340
[  194.538627][ T1648] R13: 00007efde5b7ded0 R14: 0000000000000000 R15: 0000000000000000
[  194.546447][ T1648]  </TASK>
[  194.551262][  T291] EXT4-fs (loop1): unmounting filesystem.
[  194.558134][    T6] usb 4-1: unable to read config index 0 descriptor/start: -71
[  194.565654][    T6] usb 4-1: can't read configurations, error -71
[  194.587978][  T301] usbhid 1-1:0.0: can't add hid device: -71
[  194.593756][  T301] usbhid: probe of 1-1:0.0 failed with error -71
[  194.609660][  T301] usb 1-1: USB disconnect, device number 10
[  194.858047][  T376] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  194.898259][  T483] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  195.148000][    T6] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  195.228013][  T376] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.238883][  T376] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.248985][  T376] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  195.257937][  T376] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.266336][  T376] usb 2-1: config 0 descriptor??
[  195.288084][  T483] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.298896][  T483] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.309441][  T483] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  195.318378][  T483] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.326776][  T483] usb 5-1: config 0 descriptor??
[  195.398024][    T6] usb 4-1: Using ep0 maxpacket: 8
[  195.471271][ T1647] 9pnet_fd: Insufficient options for proto=fd
[  195.538159][    T6] usb 4-1: unable to get BOS descriptor or descriptor too short
[  195.545729][    T6] usb 4-1: too many configurations: 215, using maximum allowed: 8
[  195.608091][    T6] usb 4-1: unable to read config index 0 descriptor/start: -71
[  195.615469][    T6] usb 4-1: can't read configurations, error -71
[  195.621718][    T6] usb usb4-port1: attempt power cycle
[  195.673966][   T28] audit: type=1400 audit(1732865458.255:221): avc:  denied  { unlink } for  pid=1661 comm="syz.2.277" name="#1" dev="tmpfs" ino=298 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  195.749426][  T376] pyra 0003:1E7D:2CF6.0016: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  195.809498][  T483] pyra 0003:1E7D:2CF6.0017: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  195.958037][  T376] pyra 0003:1E7D:2CF6.0016: couldn't init struct pyra_device
[  195.965496][  T376] pyra 0003:1E7D:2CF6.0016: couldn't install mouse
[  195.972836][  T376] pyra: probe of 0003:1E7D:2CF6.0016 failed with error -32
[  195.980057][  T613] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  196.038838][  T483] pyra 0003:1E7D:2CF6.0017: couldn't init struct pyra_device
[  196.046070][  T483] pyra 0003:1E7D:2CF6.0017: couldn't install mouse
[  196.719126][  T483] pyra: probe of 0003:1E7D:2CF6.0017 failed with error -32
[  196.727392][ T1650] netlink: 68 bytes leftover after parsing attributes in process `syz.1.274'.
[  196.760041][  T483] usb 2-1: USB disconnect, device number 15
[  196.790528][  T429] usb 5-1: USB disconnect, device number 14
[  196.938007][  T613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.948835][  T613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.958815][  T613] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  196.967665][  T613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.979602][  T613] usb 3-1: config 0 descriptor??
[  197.037303][ T1672] loop0: detected capacity change from 0 to 40427
[  197.044294][ T1672] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  197.051945][ T1672] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  197.059971][ T1672] F2FS-fs (loop0): Unrecognized mount option "./file0" or missing value
[  197.174116][   T28] audit: type=1400 audit(1732865459.755:222): avc:  denied  { validate_trans } for  pid=1678 comm="syz.0.281" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  197.283877][ T1682] loop0: detected capacity change from 0 to 1024
[  197.329671][ T1682] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  197.348480][ T1682] EXT4-fs (loop0): unmounting filesystem.
[  197.481878][  T613] pyra 0003:1E7D:2CF6.0018: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  197.567253][ T1690] loop1: detected capacity change from 0 to 256
[  197.615914][ T1691] loop0: detected capacity change from 0 to 512
[  197.630657][   T28] audit: type=1400 audit(1732865460.215:223): avc:  denied  { write } for  pid=1689 comm="syz.1.284" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  197.687991][  T613] pyra 0003:1E7D:2CF6.0018: couldn't init struct pyra_device
[  197.696418][  T613] pyra 0003:1E7D:2CF6.0018: couldn't install mouse
[  197.711121][  T613] pyra: probe of 0003:1E7D:2CF6.0018 failed with error -32
[  197.761510][ T1691] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.285: casefold flag without casefold feature
[  197.762546][ T1695] loop1: detected capacity change from 0 to 256
[  197.782806][ T1691] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.285: couldn't read orphan inode 15 (err -117)
[  197.852067][ T1665] netlink: 68 bytes leftover after parsing attributes in process `syz.2.278'.
[  197.865284][ T1695] exfat: Unknown parameter 'discar‡'
[  197.898109][ T1691] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  198.034441][ T1703] loop4: detected capacity change from 0 to 512
[  198.178000][  T613] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  198.199575][ T1703] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.282: casefold flag without casefold feature
[  198.241152][    T6] usb 3-1: USB disconnect, device number 10
[  198.242953][  T603] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  198.308631][ T1703] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.282: couldn't read orphan inode 15 (err -117)
[  198.360814][ T1703] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  198.458115][  T613] usb 2-1: device descriptor read/64, error -71
[  198.847950][  T613] usb 2-1: device descriptor read/64, error -71
[  199.118018][  T613] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  199.397937][  T613] usb 2-1: device descriptor read/64, error -71
[  199.641958][ T1716] FAULT_INJECTION: forcing a failure.
[  199.641958][ T1716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.664924][ T1716] CPU: 0 PID: 1716 Comm: syz.3.290 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  199.674488][ T1716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  199.684377][ T1716] Call Trace:
[  199.687499][ T1716]  <TASK>
[  199.690278][ T1716]  dump_stack_lvl+0x151/0x1b7
[  199.694797][ T1716]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  199.700091][ T1716]  ? __local_bh_enable_ip+0x58/0x80
[  199.705131][ T1716]  dump_stack+0x15/0x1e
[  199.709116][ T1716]  should_fail_ex+0x3d0/0x520
[  199.713628][ T1716]  should_fail+0xb/0x10
[  199.717616][ T1716]  should_fail_usercopy+0x1a/0x20
[  199.722478][ T1716]  _copy_from_user+0x1e/0xc0
[  199.726905][ T1716]  copy_from_sockptr+0x67/0xa0
[  199.731511][ T1716]  packet_setsockopt+0xaa4/0x1760
[  199.736397][ T1716]  ? packet_ioctl+0x230/0x230
[  199.740880][ T1716]  ? selinux_socket_setsockopt+0x260/0x360
[  199.746524][ T1716]  ? selinux_socket_getsockopt+0x340/0x340
[  199.752165][ T1716]  ? __fget_files+0x2cb/0x330
[  199.756678][ T1716]  ? security_socket_setsockopt+0x82/0xb0
[  199.762232][ T1716]  ? packet_ioctl+0x230/0x230
[  199.766746][ T1716]  __sys_setsockopt+0x4dc/0x8b0
[  199.771429][ T1716]  ? fput+0x15b/0x1b0
[  199.775254][ T1716]  ? __ia32_sys_recv+0xb0/0xb0
[  199.779852][ T1716]  ? debug_smp_processor_id+0x17/0x20
[  199.785061][ T1716]  __x64_sys_setsockopt+0xbf/0xd0
[  199.787920][  T613] usb 2-1: device descriptor read/64, error -71
[  199.789916][ T1716]  x64_sys_call+0x1a2/0x9a0
[  199.800333][ T1716]  do_syscall_64+0x3b/0xb0
[  199.804590][ T1716]  ? clear_bhb_loop+0x55/0xb0
[  199.809098][ T1716]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  199.814826][ T1716] RIP: 0033:0x7f20c9d80809
[  199.819079][ T1716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.838521][ T1716] RSP: 002b:00007f20caaa3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  199.846774][ T1716] RAX: ffffffffffffffda RBX: 00007f20c9f45fa0 RCX: 00007f20c9d80809
[  199.854579][ T1716] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000003
[  199.862400][ T1716] RBP: 00007f20caaa30a0 R08: 0000000000000010 R09: 0000000000000000
[  199.870204][ T1716] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  199.878016][ T1716] R13: 0000000000000000 R14: 00007f20c9f45fa0 R15: 00007ffdf61412c8
[  199.885833][ T1716]  </TASK>
[  199.908055][  T613] usb usb2-port1: attempt power cycle
[  199.922869][  T290] EXT4-fs (loop0): unmounting filesystem.
[  199.940924][  T294] EXT4-fs (loop4): unmounting filesystem.
[  200.317969][  T613] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  200.437974][    T6] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  200.445498][   T19] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  200.515015][  T613] usb 2-1: device descriptor read/8, error -71
[  200.652973][ T1736] loop2: detected capacity change from 0 to 512
[  200.707831][ T1736] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.296: casefold flag without casefold feature
[  200.721830][ T1736] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.296: couldn't read orphan inode 15 (err -117)
[  200.734466][ T1736] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  201.578385][  T613] usb 2-1: device descriptor read/8, error -71
[  202.512344][   T28] audit: type=1400 audit(1732865464.845:224): avc:  denied  { create } for  pid=1741 comm="syz.0.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  202.537604][  T293] EXT4-fs (loop2): unmounting filesystem.
[  202.799098][ T1752] loop1: detected capacity change from 0 to 512
[  202.908256][ T1752] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.298: casefold flag without casefold feature
[  202.923080][ T1752] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.298: couldn't read orphan inode 15 (err -117)
[  202.938489][ T1752] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  203.862310][   T28] audit: type=1400 audit(1732865464.905:225): avc:  denied  { sys_admin } for  pid=1741 comm="syz.0.297" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  203.967962][   T19] usb 5-1: device descriptor read/all, error -71
[  203.974203][    T6] usb 4-1: device descriptor read/all, error -71
[  203.992305][  T291] EXT4-fs (loop1): unmounting filesystem.
[  204.016228][ T1766] FAULT_INJECTION: forcing a failure.
[  204.016228][ T1766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.038300][ T1766] CPU: 0 PID: 1766 Comm: syz.3.303 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  204.047868][ T1766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  204.057770][ T1766] Call Trace:
[  204.060875][ T1766]  <TASK>
[  204.063652][ T1766]  dump_stack_lvl+0x151/0x1b7
[  204.068166][ T1766]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  204.073549][ T1766]  ? is_bpf_text_address+0x172/0x190
[  204.078802][ T1766]  dump_stack+0x15/0x1e
[  204.082788][ T1766]  should_fail_ex+0x3d0/0x520
[  204.087304][ T1766]  should_fail+0xb/0x10
[  204.091293][ T1766]  should_fail_usercopy+0x1a/0x20
[  204.096160][ T1766]  _copy_from_user+0x1e/0xc0
[  204.100588][ T1766]  copy_msghdr_from_user+0xaa/0x670
[  204.105710][ T1766]  ? _parse_integer+0x2a/0x40
[  204.110225][ T1766]  ? sendmsg_copy_msghdr+0x70/0x70
[  204.115262][ T1766]  __sys_sendmmsg+0x375/0x6f0
[  204.119769][ T1766]  ? kasan_set_track+0x4b/0x70
[  204.124373][ T1766]  ? __ia32_sys_sendmsg+0x90/0x90
[  204.129232][ T1766]  ? __kasan_check_write+0x14/0x20
[  204.134183][ T1766]  ? __kasan_check_write+0x14/0x20
[  204.139126][ T1766]  ? proc_fail_nth_write+0x20b/0x290
[  204.144257][ T1766]  ? selinux_file_permission+0x2bb/0x560
[  204.149716][ T1766]  ? proc_fail_nth_read+0x210/0x210
[  204.154750][ T1766]  ? fsnotify_perm+0x6a/0x5b0
[  204.159283][ T1766]  ? vfs_write+0x952/0xed0
[  204.163525][ T1766]  ? __kasan_slab_free+0x11/0x20
[  204.168302][ T1766]  ? __kasan_check_write+0x14/0x20
[  204.173241][ T1766]  ? mutex_unlock+0xb2/0x260
[  204.177674][ T1766]  ? __ia32_sys_read+0x90/0x90
[  204.182273][ T1766]  ? debug_smp_processor_id+0x17/0x20
[  204.187483][ T1766]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  204.193378][ T1766]  __x64_sys_sendmmsg+0xa0/0xb0
[  204.198065][ T1766]  x64_sys_call+0x81d/0x9a0
[  204.202513][ T1766]  do_syscall_64+0x3b/0xb0
[  204.206762][ T1766]  ? clear_bhb_loop+0x55/0xb0
[  204.211289][ T1766]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  204.217004][ T1766] RIP: 0033:0x7f20c9d80809
[  204.221256][ T1766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.240712][ T1766] RSP: 002b:00007f20caaa3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  204.248947][ T1766] RAX: ffffffffffffffda RBX: 00007f20c9f45fa0 RCX: 00007f20c9d80809
[  204.256842][ T1766] RDX: 0000000000000002 RSI: 0000000020004640 RDI: 0000000000000005
[  204.264654][ T1766] RBP: 00007f20caaa30a0 R08: 0000000000000000 R09: 0000000000000000
[  204.272461][ T1766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.280277][ T1766] R13: 0000000000000000 R14: 00007f20c9f45fa0 R15: 00007ffdf61412c8
[  204.288092][ T1766]  </TASK>
[  204.376717][ T1777] FAULT_INJECTION: forcing a failure.
[  204.376717][ T1777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.389895][ T1777] CPU: 0 PID: 1777 Comm: syz.2.306 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  204.399446][ T1777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  204.409435][ T1777] Call Trace:
[  204.412544][ T1777]  <TASK>
[  204.415320][ T1777]  dump_stack_lvl+0x151/0x1b7
[  204.419836][ T1777]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  204.425132][ T1777]  dump_stack+0x15/0x1e
[  204.429124][ T1777]  should_fail_ex+0x3d0/0x520
[  204.433637][ T1777]  should_fail+0xb/0x10
[  204.437628][ T1777]  should_fail_usercopy+0x1a/0x20
[  204.442486][ T1777]  _copy_from_user+0x1e/0xc0
[  204.447087][ T1777]  usbdev_ioctl+0x10a7/0x5f90
[  204.451681][ T1777]  ? usbdev_poll+0x200/0x200
[  204.456103][ T1777]  ? stack_trace_save+0x1c0/0x1c0
[  204.460969][ T1777]  ? kernel_text_address+0xa9/0xe0
[  204.465917][ T1777]  ? __kernel_text_address+0xd/0x40
[  204.470949][ T1777]  ? unwind_get_return_address+0x4d/0x90
[  204.476414][ T1777]  ? arch_stack_walk+0xf3/0x140
[  204.481102][ T1777]  ? _parse_integer_limit+0x19b/0x1e0
[  204.486314][ T1777]  ? avc_has_extended_perms+0x90b/0x10f0
[  204.487969][  T613] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  204.491775][ T1777]  ? memcpy+0x56/0x70
[  204.491800][ T1777]  ? avc_has_extended_perms+0xad7/0x10f0
[  204.508448][ T1777]  ? avc_flush+0x290/0x290
[  204.512698][ T1777]  ? kstrtouint+0xf6/0x180
[  204.516954][ T1777]  ? _kstrtol+0x150/0x150
[  204.521114][ T1777]  ? do_vfs_ioctl+0xba7/0x29a0
[  204.525717][ T1777]  ? kstrtouint_from_user+0x124/0x180
[  204.530922][ T1777]  ? __x64_compat_sys_ioctl+0x90/0x90
[  204.536129][ T1777]  ? kstrtol_from_user+0x180/0x180
[  204.541081][ T1777]  ? __kasan_check_write+0x14/0x20
[  204.546020][ T1777]  ? ioctl_has_perm+0x1f8/0x560
[  204.550753][ T1777]  ? ioctl_has_perm+0x3f0/0x560
[  204.555400][ T1777]  ? has_cap_mac_admin+0x3c0/0x3c0
[  204.560352][ T1777]  ? vfs_write+0x952/0xed0
[  204.564601][ T1777]  ? selinux_file_ioctl+0x3cc/0x540
[  204.569632][ T1777]  ? __mutex_lock_slowpath+0x10/0x10
[  204.574750][ T1777]  ? selinux_file_alloc_security+0x120/0x120
[  204.580570][ T1777]  ? __fget_files+0x2cb/0x330
[  204.585083][ T1777]  ? security_file_ioctl+0x84/0xb0
[  204.590037][ T1777]  ? usbdev_poll+0x200/0x200
[  204.594461][ T1777]  __se_sys_ioctl+0x114/0x190
[  204.598975][ T1777]  __x64_sys_ioctl+0x7b/0x90
[  204.603402][ T1777]  x64_sys_call+0x98/0x9a0
[  204.607650][ T1777]  do_syscall_64+0x3b/0xb0
[  204.611899][ T1777]  ? clear_bhb_loop+0x55/0xb0
[  204.616410][ T1777]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  204.622139][ T1777] RIP: 0033:0x7f6d37f80809
[  204.626399][ T1777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.645834][ T1777] RSP: 002b:00007f6d38e60058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.654079][ T1777] RAX: ffffffffffffffda RBX: 00007f6d38145fa0 RCX: 00007f6d37f80809
[  204.661890][ T1777] RDX: 0000000020000000 RSI: 00000000c0185502 RDI: 0000000000000003
[  204.669700][ T1777] RBP: 00007f6d38e600a0 R08: 0000000000000000 R09: 0000000000000000
[  204.677512][ T1777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.685755][ T1777] R13: 0000000000000000 R14: 00007f6d38145fa0 R15: 00007ffc5224b1e8
[  204.693574][ T1777]  </TASK>
[  204.767942][   T19] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  204.810864][ T1783] loop0: detected capacity change from 0 to 1024
[  204.829451][ T1783] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  204.958095][  T613] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.997944][   T28] audit: type=1400 audit(1732865467.555:226): avc:  denied  { write } for  pid=1782 comm="syz.0.308" path="/67/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  205.057340][  T613] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.076619][   T28] audit: type=1400 audit(1732865467.565:227): avc:  denied  { map } for  pid=1782 comm="syz.0.308" path="/67/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  205.099069][  T613] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  205.099253][   T28] audit: type=1400 audit(1732865467.575:228): avc:  denied  { remove_name } for  pid=1782 comm="syz.0.308" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  205.108211][  T613] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.130701][   T28] audit: type=1400 audit(1732865467.575:229): avc:  denied  { rename } for  pid=1782 comm="syz.0.308" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  205.142613][  T613] usb 2-1: config 0 descriptor??
[  205.160392][   T28] audit: type=1400 audit(1732865467.575:230): avc:  denied  { unlink } for  pid=1782 comm="syz.0.308" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  205.217994][   T19] usb 5-1: Using ep0 maxpacket: 16
[  205.348020][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.358841][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.368461][   T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  205.381073][   T19] usb 5-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  205.389979][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.398664][   T19] usb 5-1: config 0 descriptor??
[  205.427952][  T483] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  205.694168][ T1799] loop3: detected capacity change from 0 to 512
[  205.757051][  T613] pyra 0003:1E7D:2CF6.0019: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  205.806718][ T1799] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.311: casefold flag without casefold feature
[  205.820466][ T1799] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.311: couldn't read orphan inode 15 (err -117)
[  205.833474][ T1799] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  205.880601][  T483] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.730091][  T483] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.739920][  T483] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  206.971485][ T1808] loop2: detected capacity change from 0 to 512
[  206.978703][  T613] pyra 0003:1E7D:2CF6.0019: couldn't init struct pyra_device
[  206.986273][  T613] pyra 0003:1E7D:2CF6.0019: couldn't install mouse
[  206.994848][  T483] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.012112][  T613] pyra: probe of 0003:1E7D:2CF6.0019 failed with error -32
[  207.044377][  T292] EXT4-fs (loop3): unmounting filesystem.
[  207.129741][  T483] usb 1-1: config 0 descriptor??
[  207.176119][ T1808] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.312: casefold flag without casefold feature
[  207.189935][ T1808] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.312: couldn't read orphan inode 15 (err -117)
[  207.203098][ T1808] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  207.425950][    T6] usb 2-1: USB disconnect, device number 20
[  207.443071][ T1765] loop4: detected capacity change from 0 to 128
[  207.499331][   T19] itetech 0003:258A:6A88.001A: item fetching failed at offset 2/5
[  207.510829][   T19] itetech: probe of 0003:258A:6A88.001A failed with error -22
[  207.569382][ T1815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.313'.
[  207.668724][  T293] EXT4-fs (loop2): unmounting filesystem.
[  207.711440][    T6] usb 5-1: USB disconnect, device number 16
[  207.850389][ T1821] loop2: detected capacity change from 0 to 512
[  207.866548][ T1821] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.314: casefold flag without casefold feature
[  207.879873][ T1821] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.314: couldn't read orphan inode 15 (err -117)
[  207.892211][ T1821] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  207.929933][  T483] pyra 0003:1E7D:2CF6.001B: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  208.735719][ T1834] loop3: detected capacity change from 0 to 512
[  208.803446][  T293] EXT4-fs (loop2): unmounting filesystem.
[  208.849561][ T1834] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.317: casefold flag without casefold feature
[  208.863964][ T1834] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.317: couldn't read orphan inode 15 (err -117)
[  208.877708][ T1834] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  209.782151][  T290] EXT4-fs (loop0): unmounting filesystem.
[  209.792982][  T483] pyra 0003:1E7D:2CF6.001B: couldn't init struct pyra_device
[  209.800292][  T483] pyra 0003:1E7D:2CF6.001B: couldn't install mouse
[  209.807035][  T483] pyra: probe of 0003:1E7D:2CF6.001B failed with error -71
[  209.850594][  T292] EXT4-fs (loop3): unmounting filesystem.
[  209.879232][  T483] usb 1-1: USB disconnect, device number 11
[  209.917480][    T6] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  210.079626][ T1846] loop2: detected capacity change from 0 to 2048
[  210.111954][ T1846] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  210.278182][  T613] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  211.427908][    T6] usb 2-1: Using ep0 maxpacket: 16
[  211.568024][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.578915][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.589022][    T6] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  211.598085][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.607738][    T6] usb 2-1: config 0 descriptor??
[  211.612077][  T293] EXT4-fs (loop2): unmounting filesystem.
[  211.648820][    T6] usb 2-1: can't set config #0, error -71
[  211.649190][   T28] audit: type=1400 audit(1732865474.235:231): avc:  denied  { read } for  pid=1859 comm="syz.1.324" name="event0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  211.677537][   T28] audit: type=1400 audit(1732865474.235:232): avc:  denied  { open } for  pid=1859 comm="syz.1.324" path="/dev/input/event0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  211.677637][    T6] usb 2-1: USB disconnect, device number 21
[  211.718025][   T28] audit: type=1400 audit(1732865474.245:233): avc:  denied  { ioctl } for  pid=1859 comm="syz.1.324" path="/dev/input/event0" dev="devtmpfs" ino=256 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  211.752339][ T1860] loop1: detected capacity change from 0 to 512
[  211.769819][ T1860] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  211.784574][ T1860] ext4 filesystem being mounted at /62/bus supports timestamps until 2038 (0x7fffffff)
[  211.818017][  T613] usb 4-1: unable to read config index 0 descriptor/start: -61
[  211.825447][  T613] usb 4-1: can't read configurations, error -61
[  211.837027][  T291] EXT4-fs (loop1): unmounting filesystem.
[  212.007967][  T613] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  212.054412][ T1874] loop4: detected capacity change from 0 to 256
[  212.168167][   T28] audit: type=1400 audit(1732865474.655:234): avc:  denied  { read } for  pid=1865 comm="syz.4.326" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  212.272554][   T28] audit: type=1400 audit(1732865474.665:235): avc:  denied  { open } for  pid=1865 comm="syz.4.326" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  212.497993][  T613] usb 4-1: unable to read config index 0 descriptor/start: -61
[  212.508375][  T613] usb 4-1: can't read configurations, error -61
[  212.515001][  T613] usb usb4-port1: attempt power cycle
[  212.928046][  T613] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  212.951511][ T1889] loop3: detected capacity change from 0 to 2048
[  212.989066][ T1889] Alternate GPT is invalid, using primary GPT.
[  212.995151][ T1889]  loop3: p1 p2 p3
[  213.053170][  T602] udevd[602]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  213.065230][  T603] udevd[603]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  213.078681][  T605] udevd[605]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  213.226461][ T1895] FAULT_INJECTION: forcing a failure.
[  213.226461][ T1895] name failslab, interval 1, probability 0, space 0, times 0
[  213.238987][ T1895] CPU: 1 PID: 1895 Comm: syz.3.333 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  213.248453][ T1895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  213.258344][ T1895] Call Trace:
[  213.261553][ T1895]  <TASK>
[  213.264421][ T1895]  dump_stack_lvl+0x151/0x1b7
[  213.268941][ T1895]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  213.274237][ T1895]  ? __kasan_check_read+0x11/0x20
[  213.279089][ T1895]  dump_stack+0x15/0x1e
[  213.283114][ T1895]  should_fail_ex+0x3d0/0x520
[  213.287606][ T1895]  __should_failslab+0xaf/0xf0
[  213.292540][ T1895]  should_failslab+0x9/0x20
[  213.296881][ T1895]  kmem_cache_alloc_node+0x42/0x330
[  213.301914][ T1895]  ? dup_task_struct+0x5a/0x7d0
[  213.306603][ T1895]  dup_task_struct+0x5a/0x7d0
[  213.311114][ T1895]  ? __kasan_check_write+0x14/0x20
[  213.316058][ T1895]  copy_process+0x5c3/0x3530
[  213.320485][ T1895]  ? find_lowest_rq+0x196/0x730
[  213.325177][ T1895]  ? __switch_to+0x62c/0x1190
[  213.329686][ T1895]  ? bpf_ringbuf_output+0x19a/0x1f0
[  213.334720][ T1895]  ? find_lock_lowest_rq+0x75/0x480
[  213.339752][ T1895]  ? idle_dummy+0x10/0x10
[  213.344035][ T1895]  ? __kasan_check_write+0x14/0x20
[  213.348967][ T1895]  kernel_clone+0x229/0x890
[  213.353307][ T1895]  ? _raw_spin_unlock+0x4c/0x70
[  213.357991][ T1895]  ? finish_task_switch+0x167/0x7b0
[  213.363029][ T1895]  ? requeue_task_rt+0x410/0x410
[  213.367802][ T1895]  ? create_io_thread+0x180/0x180
[  213.372666][ T1895]  __x64_sys_clone+0x231/0x280
[  213.377264][ T1895]  ? __do_sys_vfork+0x110/0x110
[  213.381952][ T1895]  ? switch_fpu_return+0xe/0x10
[  213.386637][ T1895]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  213.392117][ T1895]  x64_sys_call+0x1b0/0x9a0
[  213.396443][ T1895]  do_syscall_64+0x3b/0xb0
[  213.400873][ T1895]  ? clear_bhb_loop+0x55/0xb0
[  213.405384][ T1895]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  213.411115][ T1895] RIP: 0033:0x7f20c9d80809
[  213.415368][ T1895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.434819][ T1895] RSP: 002b:00007f20c9bde008 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  213.443050][ T1895] RAX: ffffffffffffffda RBX: 00007f20c9f46160 RCX: 00007f20c9d80809
[  213.450881][ T1895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.458673][ T1895] RBP: 00007f20c9bde0a0 R08: 0000000000000000 R09: 0000000000000000
[  213.466488][ T1895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.474381][ T1895] R13: 0000000000000000 R14: 00007f20c9f46160 R15: 00007ffdf61412c8
[  213.482205][ T1895]  </TASK>
[  213.486953][  T613] usb 4-1: device not accepting address 21, error -71
[  214.237796][ T1905] loop0: detected capacity change from 0 to 512
[  217.432068][ T1905] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.335: casefold flag without casefold feature
[  217.445607][ T1905] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.335: couldn't read orphan inode 15 (err -117)
[  217.457565][ T1905] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  217.746553][ T1916] loop3: detected capacity change from 0 to 1024
[  217.753628][ T1916] ext4: Unknown parameter 'noacl'
[  219.535365][  T290] EXT4-fs (loop0): unmounting filesystem.
[  219.589669][ T1926] FAULT_INJECTION: forcing a failure.
[  219.589669][ T1926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.602768][ T1926] CPU: 1 PID: 1926 Comm: syz.1.341 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  219.612492][ T1926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  219.622556][ T1926] Call Trace:
[  219.625679][ T1926]  <TASK>
[  219.628459][ T1926]  dump_stack_lvl+0x151/0x1b7
[  219.632993][ T1926]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  219.638332][ T1926]  ? vfs_write+0x952/0xed0
[  219.642623][ T1926]  ? __kasan_slab_free+0x11/0x20
[  219.647384][ T1926]  dump_stack+0x15/0x1e
[  219.651458][ T1926]  should_fail_ex+0x3d0/0x520
[  219.655987][ T1926]  should_fail+0xb/0x10
[  219.659962][ T1926]  should_fail_usercopy+0x1a/0x20
[  219.664846][ T1926]  _copy_from_user+0x1e/0xc0
[  219.669260][ T1926]  __sys_bpf+0x23b/0x7f0
[  219.673333][ T1926]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  219.678540][ T1926]  ? __ia32_sys_read+0x90/0x90
[  219.683140][ T1926]  ? debug_smp_processor_id+0x17/0x20
[  219.688343][ T1926]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  219.694255][ T1926]  __x64_sys_bpf+0x7c/0x90
[  219.698510][ T1926]  x64_sys_call+0x87f/0x9a0
[  219.702838][ T1926]  do_syscall_64+0x3b/0xb0
[  219.707092][ T1926]  ? clear_bhb_loop+0x55/0xb0
[  219.711606][ T1926]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  219.717337][ T1926] RIP: 0033:0x7f259db80809
[  219.721589][ T1926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.741119][ T1926] RSP: 002b:00007f259e9ae058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  219.749362][ T1926] RAX: ffffffffffffffda RBX: 00007f259dd45fa0 RCX: 00007f259db80809
[  219.757173][ T1926] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  219.765159][ T1926] RBP: 00007f259e9ae0a0 R08: 0000000000000000 R09: 0000000000000000
[  219.772967][ T1926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.780812][ T1926] R13: 0000000000000000 R14: 00007f259dd45fa0 R15: 00007ffffcd53748
[  219.788598][ T1926]  </TASK>
[  219.908362][ T1936] netlink: 40 bytes leftover after parsing attributes in process `syz.0.338'.
[  219.918645][   T28] audit: type=1400 audit(1732865482.505:236): avc:  denied  { set_context_mgr } for  pid=1935 comm="syz.0.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  219.920687][ T1937] loop3: detected capacity change from 0 to 256
[  219.939982][ T1936] binder: BINDER_SET_CONTEXT_MGR already set
[  219.947956][  T511] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  219.950369][ T1936] binder: 1935:1936 ioctl 4018620d 20000040 returned -16
[  219.960627][ T1938] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  219.964406][   T28] audit: type=1400 audit(1732865482.525:237): avc:  denied  { map } for  pid=1935 comm="syz.0.338" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  220.003738][   T28] audit: type=1400 audit(1732865482.585:238): avc:  denied  { create } for  pid=1932 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  220.025714][   T28] audit: type=1400 audit(1732865482.585:239): avc:  denied  { create } for  pid=1932 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  220.058652][   T28] audit: type=1400 audit(1732865482.585:240): avc:  denied  { read } for  pid=1932 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  220.347961][  T400] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  220.367945][  T511] usb 5-1: device descriptor read/64, error -71
[  220.587948][  T400] usb 1-1: Using ep0 maxpacket: 16
[  220.708080][  T400] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.719077][  T400] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.730747][  T400] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  220.735905][ T1949] loop1: detected capacity change from 0 to 256
[  220.739686][  T400] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.750278][ T1949] exfat: Deprecated parameter 'utf8'
[  220.761914][ T1949] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  220.762634][  T400] usb 1-1: config 0 descriptor??
[  220.788007][  T511] usb 5-1: device descriptor read/64, error -71
[  220.992307][ T1953] loop1: detected capacity change from 0 to 512
[  221.068235][  T511] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  221.134128][ T1953] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.349: casefold flag without casefold feature
[  221.148169][ T1953] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.349: couldn't read orphan inode 15 (err -117)
[  221.162193][ T1953] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  221.959697][  T400] hid-multitouch 0003:1FD2:6007.001C: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  222.019582][  T291] EXT4-fs (loop1): unmounting filesystem.
[  222.178466][  T511] usb 5-1: device descriptor read/64, error -71
[  222.289481][  T613] usb 1-1: USB disconnect, device number 12
[  222.597993][  T511] usb 5-1: device descriptor read/64, error -71
[  222.728035][  T511] usb usb5-port1: attempt power cycle
[  222.817844][ T1969] loop0: detected capacity change from 0 to 256
[  222.826988][ T1969] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  222.847094][   T28] audit: type=1400 audit(1732865485.425:241): avc:  denied  { write } for  pid=1968 comm="syz.0.353" name="file1" dev="loop0" ino=1048601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  222.848263][ T1969] exFAT-fs (loop0): hint_cluster is invalid (17)
[  222.875832][   T28] audit: type=1400 audit(1732865485.425:242): avc:  denied  { open } for  pid=1968 comm="syz.0.353" name="file1" dev="loop0" ino=1048601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  222.898167][   T28] audit: type=1400 audit(1732865485.455:243): avc:  denied  { write } for  pid=1968 comm="syz.0.353" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.920060][   T28] audit: type=1400 audit(1732865485.455:244): avc:  denied  { add_name } for  pid=1968 comm="syz.0.353" name="hugetlb.2MB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.942595][   T28] audit: type=1400 audit(1732865485.455:245): avc:  denied  { associate } for  pid=1968 comm="syz.0.353" name="hugetlb.2MB.usage_in_bytes" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  222.952351][ T1972] loop0: detected capacity change from 0 to 256
[  222.979394][ T1972] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  222.995780][ T1972] exFAT-fs (loop0): hint_cluster is invalid (17)
[  223.003739][ T1972] FAULT_INJECTION: forcing a failure.
[  223.003739][ T1972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.016686][ T1972] CPU: 0 PID: 1972 Comm: syz.0.354 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  223.026134][ T1972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  223.036153][ T1972] Call Trace:
[  223.039262][ T1972]  <TASK>
[  223.042041][ T1972]  dump_stack_lvl+0x151/0x1b7
[  223.046550][ T1972]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  223.051862][ T1972]  ? kstrtouint+0xf6/0x180
[  223.056103][ T1972]  ? kasan_save_free_info+0x2b/0x40
[  223.061129][ T1972]  dump_stack+0x15/0x1e
[  223.065119][ T1972]  should_fail_ex+0x3d0/0x520
[  223.069638][ T1972]  should_fail+0xb/0x10
[  223.073625][ T1972]  should_fail_usercopy+0x1a/0x20
[  223.078492][ T1972]  _copy_from_user+0x1e/0xc0
[  223.082916][ T1972]  iovec_from_user+0xc7/0x320
[  223.087428][ T1972]  __import_iovec+0x70/0x430
[  223.091856][ T1972]  ? proc_fail_nth_write+0x20b/0x290
[  223.096983][ T1972]  import_iovec+0xe5/0x120
[  223.101240][ T1972]  vfs_writev+0x114/0x590
[  223.105404][ T1972]  ? do_writev+0x340/0x340
[  223.109663][ T1972]  ? __fdget+0x1b7/0x240
[  223.113733][ T1972]  __se_sys_pwritev2+0x1c6/0x2c0
[  223.118508][ T1972]  ? __x64_sys_pwritev2+0x100/0x100
[  223.123538][ T1972]  ? debug_smp_processor_id+0x17/0x20
[  223.128754][ T1972]  __x64_sys_pwritev2+0xe5/0x100
[  223.133542][ T1972]  x64_sys_call+0x8b0/0x9a0
[  223.137867][ T1972]  do_syscall_64+0x3b/0xb0
[  223.142110][ T1972]  ? clear_bhb_loop+0x55/0xb0
[  223.146625][ T1972]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.152353][ T1972] RIP: 0033:0x7efde4d80809
[  223.156609][ T1972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.176046][ T1972] RSP: 002b:00007efde5b7e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  223.184292][ T1972] RAX: ffffffffffffffda RBX: 00007efde4f45fa0 RCX: 00007efde4d80809
[  223.192105][ T1972] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000005
[  223.199921][ T1972] RBP: 00007efde5b7e0a0 R08: 0000000000000000 R09: 0000000000000000
[  223.207730][ T1972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.215628][ T1972] R13: 0000000000000000 R14: 00007efde4f45fa0 R15: 00007ffc2edd1d08
[  223.223444][ T1972]  </TASK>
[  223.248064][ T1978] loop0: detected capacity change from 0 to 256
[  223.256869][ T1978] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  223.272062][ T1978] exFAT-fs (loop0): hint_cluster is invalid (17)
[  223.297925][  T511] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  223.328236][ T1984] device lo entered promiscuous mode
[  223.333586][ T1983] device lo left promiscuous mode
[  223.360862][ T1980] raw_sendmsg: syz.0.357 forgot to set AF_INET. Fix it!
[  223.408037][  T511] usb 5-1: Using ep0 maxpacket: 16
[  223.578079][  T511] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.592533][  T511] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.604558][  T511] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  223.651625][  T409] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  223.668258][  T511] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.676782][  T511] usb 5-1: config 0 descriptor??
[  223.972811][    T6] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  224.048008][ T1759] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  224.088041][  T409] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.099161][  T409] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.108786][  T409] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  224.117618][  T409] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.126031][  T409] usb 4-1: config 0 descriptor??
[  224.159685][  T511] hid-multitouch 0003:1FD2:6007.001D: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  224.307999][ T1759] usb 2-1: Using ep0 maxpacket: 16
[  224.362547][  T511] usb 5-1: USB disconnect, device number 19
[  224.378017][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.388829][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.398560][    T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  224.411330][    T6] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  224.420533][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.431725][    T6] usb 1-1: config 0 descriptor??
[  224.438013][ T1759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.449445][ T1759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.459125][ T1759] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  224.469266][ T1759] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.478037][ T1759] usb 2-1: config 0 descriptor??
[  224.609668][  T409] pyra 0003:1E7D:2CF6.001E: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  224.818011][  T409] pyra 0003:1E7D:2CF6.001E: couldn't init struct pyra_device
[  224.825355][  T409] pyra 0003:1E7D:2CF6.001E: couldn't install mouse
[  224.832826][  T409] pyra: probe of 0003:1E7D:2CF6.001E failed with error -32
[  224.969579][ T2002] netlink: 68 bytes leftover after parsing attributes in process `syz.3.360'.
[  225.372401][    T6] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0
[  225.381514][ T1759] hid-multitouch 0003:1FD2:6007.0020: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  225.393266][    T6] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving
[  225.402057][ T1759] usb 2-1: USB disconnect, device number 22
[  225.408182][   T19] usb 4-1: USB disconnect, device number 23
[  225.416528][    T6] plantronics 0003:047F:FFFF.001F: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  225.433146][    T6] usb 1-1: USB disconnect, device number 13
[  225.952158][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  225.952176][   T28] audit: type=1400 audit(1732865488.535:249): avc:  denied  { map } for  pid=2020 comm="syz.3.367" path="socket:[20293]" dev="sockfs" ino=20293 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  225.981513][   T28] audit: type=1400 audit(1732865488.535:250): avc:  denied  { read } for  pid=2020 comm="syz.3.367" path="socket:[20293]" dev="sockfs" ino=20293 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  226.681166][ T2027] FAULT_INJECTION: forcing a failure.
[  226.681166][ T2027] name failslab, interval 1, probability 0, space 0, times 0
[  226.716941][ T2027] CPU: 0 PID: 2027 Comm: syz.1.370 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  226.726449][ T2027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  226.736343][ T2027] Call Trace:
[  226.739460][ T2027]  <TASK>
[  226.742245][ T2027]  dump_stack_lvl+0x151/0x1b7
[  226.746761][ T2027]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  226.752080][ T2027]  dump_stack+0x15/0x1e
[  226.756048][ T2027]  should_fail_ex+0x3d0/0x520
[  226.760556][ T2027]  ? getname_flags+0xba/0x520
[  226.765063][ T2027]  __should_failslab+0xaf/0xf0
[  226.769668][ T2027]  should_failslab+0x9/0x20
[  226.774112][ T2027]  kmem_cache_alloc+0x3b/0x320
[  226.778705][ T2027]  ? vfs_write+0x952/0xed0
[  226.782958][ T2027]  getname_flags+0xba/0x520
[  226.787301][ T2027]  getname+0x19/0x20
[  226.791028][ T2027]  do_sys_openat2+0xe0/0x870
[  226.795463][ T2027]  ? bit_wait_io_timeout+0x120/0x120
[  226.800580][ T2027]  ? __mutex_lock_slowpath+0x10/0x10
[  226.805698][ T2027]  ? do_sys_open+0x220/0x220
[  226.810128][ T2027]  ? fput+0x15b/0x1b0
[  226.813945][ T2027]  ? ksys_write+0x260/0x2c0
[  226.818278][ T2027]  ? __this_cpu_preempt_check+0x13/0x20
[  226.823664][ T2027]  __x64_sys_openat+0x243/0x290
[  226.828351][ T2027]  ? __ia32_sys_open+0x270/0x270
[  226.833126][ T2027]  ? debug_smp_processor_id+0x17/0x20
[  226.838333][ T2027]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  226.844234][ T2027]  ? exit_to_user_mode_prepare+0x39/0xa0
[  226.849705][ T2027]  x64_sys_call+0x6bf/0x9a0
[  226.854043][ T2027]  do_syscall_64+0x3b/0xb0
[  226.858474][ T2027]  ? clear_bhb_loop+0x55/0xb0
[  226.862977][ T2027]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  226.868710][ T2027] RIP: 0033:0x7f259db80809
[  226.872963][ T2027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.892405][ T2027] RSP: 002b:00007f259e96c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  226.900660][ T2027] RAX: ffffffffffffffda RBX: 00007f259dd46160 RCX: 00007f259db80809
[  226.908457][ T2027] RDX: 0000000000000001 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  226.916356][ T2027] RBP: 00007f259e96c0a0 R08: 0000000000000000 R09: 0000000000000000
[  226.924168][ T2027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.931989][ T2027] R13: 0000000000000000 R14: 00007f259dd46160 R15: 00007ffffcd53748
[  226.939802][ T2027]  </TASK>
[  227.052620][   T28] audit: type=1400 audit(1732865489.605:251): avc:  denied  { create } for  pid=2015 comm="syz.0.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  227.077682][ T2029] netlink: 'syz.4.371': attribute type 4 has an invalid length.
[  227.168640][ T2032] capability: warning: `syz.4.371' uses deprecated v2 capabilities in a way that may be insecure
[  227.182528][   T28] audit: type=1400 audit(1732865489.765:252): avc:  denied  { ioctl } for  pid=2023 comm="syz.4.371" path="socket:[21509]" dev="sockfs" ino=21509 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  227.437849][    T6] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  227.566264][ T2042] loop0: detected capacity change from 0 to 512
[  227.993469][ T2042] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.373: casefold flag without casefold feature
[  228.007162][ T2042] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.373: couldn't read orphan inode 15 (err -117)
[  228.020441][ T2042] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  228.969945][   T28] audit: type=1400 audit(1732865491.555:253): avc:  denied  { mount } for  pid=2050 comm="syz.1.375" name="/" dev="ramfs" ino=21563 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  229.007949][    T6] usb 3-1: device descriptor read/64, error -71
[  229.058928][ T2056] binder: 2051:2056 ioctl c018620c 200005c0 returned -1
[  229.066985][ T2052] capability: warning: `syz.1.375' uses 32-bit capabilities (legacy support in use)
[  229.144120][  T290] EXT4-fs (loop0): unmounting filesystem.
[  229.210978][   T28] audit: type=1400 audit(1732865491.795:254): avc:  denied  { block_suspend } for  pid=2055 comm="syz.2.377" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  229.240880][   T28] audit: type=1400 audit(1732865491.825:255): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  229.517956][ T1759] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  229.547936][  T483] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  229.667924][    T6] usb 3-1: device descriptor read/64, error -71
[  229.858022][  T400] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  229.898059][ T1759] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  229.907984][  T483] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  229.908956][ T1759] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.917008][  T483] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  229.926501][ T1759] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  229.937125][  T483] usb 2-1: config 220 has no interface number 2
[  229.945516][    T6] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  229.953205][  T483] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  229.958938][ T1759] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.972340][  T483] usb 2-1: config 220 interface 0 has no altsetting 0
[  229.980535][ T1759] usb 1-1: config 0 descriptor??
[  229.988461][  T483] usb 2-1: config 220 interface 76 has no altsetting 0
[  229.994148][   T28] audit: type=1400 audit(1732865492.565:256): avc:  denied  { rename } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  229.998435][  T483] usb 2-1: config 220 interface 1 has no altsetting 0
[  230.026478][   T28] audit: type=1400 audit(1732865492.565:257): avc:  denied  { unlink } for  pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  230.048549][   T28] audit: type=1400 audit(1732865492.575:258): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  230.187991][  T483] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  230.196968][  T483] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.204845][  T483] usb 2-1: Product: syz
[  230.208926][  T483] usb 2-1: Manufacturer: syz
[  230.213366][  T483] usb 2-1: SerialNumber: syz
[  230.267989][  T400] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.278748][    T6] usb 3-1: Using ep0 maxpacket: 8
[  230.285100][  T400] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.295259][  T400] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  230.304687][  T400] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.318597][  T400] usb 4-1: config 0 descriptor??
[  230.408034][    T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  230.466683][ T2064] loop1: detected capacity change from 0 to 2048
[  230.499611][ T1759] pyra 0003:1E7D:2CF6.0021: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  230.518951][ T2064] Alternate GPT is invalid, using primary GPT.
[  230.525099][ T2064]  loop1: p1 p2 p3
[  230.598126][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  230.607210][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.614984][    T6] usb 3-1: Product: syz
[  230.618979][    T6] usb 3-1: Manufacturer: syz
[  230.623354][    T6] usb 3-1: SerialNumber: syz
[  230.698095][  T483] usb 2-1: selecting invalid altsetting 0
[  230.703872][  T483] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  230.708055][ T1759] pyra 0003:1E7D:2CF6.0021: couldn't init struct pyra_device
[  230.710581][  T483] usb 2-1: No valid video chain found.
[  230.717396][ T1759] pyra 0003:1E7D:2CF6.0021: couldn't install mouse
[  230.776894][ T1759] pyra: probe of 0003:1E7D:2CF6.0021 failed with error -32
[  230.799822][  T400] pyra 0003:1E7D:2CF6.0022: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  230.820600][  T483] usb 2-1: USB disconnect, device number 23
[  231.003235][ T2081] netlink: 68 bytes leftover after parsing attributes in process `syz.0.378'.
[  231.017556][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  231.017586][   T28] audit: type=1400 audit(1732865493.595:261): avc:  denied  { connect } for  pid=2055 comm="syz.2.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  231.490710][ T2083] netlink: 68 bytes leftover after parsing attributes in process `syz.3.380'.
[  231.737542][  T483] usb 1-1: USB disconnect, device number 14
[  231.782990][  T400] pyra 0003:1E7D:2CF6.0022: couldn't init struct pyra_device
[  231.791345][  T400] pyra 0003:1E7D:2CF6.0022: couldn't install mouse
[  231.798476][  T400] pyra: probe of 0003:1E7D:2CF6.0022 failed with error -32
[  231.807066][  T400] usb 4-1: USB disconnect, device number 24
[  232.187807][  T483] usb 3-1: USB disconnect, device number 12
[  232.307992][ T1759] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  232.408987][ T2097] FAULT_INJECTION: forcing a failure.
[  232.408987][ T2097] name failslab, interval 1, probability 0, space 0, times 0
[  232.422031][ T2097] CPU: 1 PID: 2097 Comm: syz.3.387 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  232.431569][ T2097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  232.441467][ T2097] Call Trace:
[  232.444586][ T2097]  <TASK>
[  232.447364][ T2097]  dump_stack_lvl+0x151/0x1b7
[  232.451882][ T2097]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  232.457172][ T2097]  ? __kernel_text_address+0xd/0x40
[  232.462210][ T2097]  ? arch_stack_walk+0xf3/0x140
[  232.466929][ T2097]  dump_stack+0x15/0x1e
[  232.470970][ T2097]  should_fail_ex+0x3d0/0x520
[  232.475501][ T2097]  __should_failslab+0xaf/0xf0
[  232.480084][ T2097]  ? kvmalloc_node+0x221/0x640
[  232.484684][ T2097]  should_failslab+0x9/0x20
[  232.489023][ T2097]  __kmem_cache_alloc_node+0x3d/0x2a0
[  232.494235][ T2097]  ? kvmalloc_node+0x221/0x640
[  232.498832][ T2097]  __kmalloc_node+0xa3/0x1e0
[  232.503259][ T2097]  kvmalloc_node+0x221/0x640
[  232.507690][ T2097]  ? vm_mmap+0xb0/0xb0
[  232.511595][ T2097]  ? timer_update_keys+0x80/0xb0
[  232.516371][ T2097]  ? debug_smp_processor_id+0x17/0x20
[  232.521573][ T2097]  __kvm_mmu_topup_memory_cache+0x317/0x4a0
[  232.527300][ T2097]  ? __kasan_check_write+0x14/0x20
[  232.532253][ T2097]  kvm_mmu_topup_memory_cache+0x22/0x30
[  232.537628][ T2097]  kvm_mmu_load+0x111/0x2970
[  232.542060][ T2097]  ? __kasan_check_write+0x14/0x20
[  232.547004][ T2097]  ? mutex_unlock+0xb2/0x260
[  232.551428][ T2097]  ? kvm_mmu_unload+0x120/0x120
[  232.556112][ T2097]  ? xa_find+0x2e0/0x2e0
[  232.560195][ T2097]  ? memset+0x35/0x40
[  232.564012][ T2097]  ? vmx_flush_tlb_all+0xc2/0x380
[  232.568872][ T2097]  ? vmx_get_if_flag+0x40/0x40
[  232.573474][ T2097]  ? queue_delayed_work_on+0x13f/0x180
[  232.578767][ T2097]  ? kvm_apic_has_interrupt+0x9d0/0xa70
[  232.584150][ T2097]  ? kvm_hv_activate_synic+0x100/0x100
[  232.589445][ T2097]  vcpu_enter_guest+0x6c7d/0x9490
[  232.594308][ T2097]  ? avc_has_perm+0x16f/0x260
[  232.598820][ T2097]  ? pvclock_gtod_update_fn+0x2b0/0x2b0
[  232.604212][ T2097]  ? 0xffffffffa0001f98
[  232.608191][ T2097]  ? is_bpf_text_address+0x172/0x190
[  232.613312][ T2097]  ? stack_trace_save+0x1c0/0x1c0
[  232.618172][ T2097]  ? kernel_text_address+0xa9/0xe0
[  232.623118][ T2097]  ? __kernel_text_address+0xd/0x40
[  232.628154][ T2097]  ? unwind_get_return_address+0x4d/0x90
[  232.633619][ T2097]  ? arch_stack_walk+0xf3/0x140
[  232.638317][ T2097]  ? _parse_integer_limit+0x19b/0x1e0
[  232.643516][ T2097]  ? memset+0x35/0x40
[  232.647341][ T2097]  ? vmx_vcpu_pi_load+0x12b/0x7f0
[  232.652195][ T2097]  ? _parse_integer+0x40/0x40
[  232.656709][ T2097]  ? nested_vmx_inject_exception_vmexit+0x4d0/0x4d0
[  232.663145][ T2097]  ? __stack_depot_save+0x36/0x480
[  232.668098][ T2097]  ? do_vfs_ioctl+0xba7/0x29a0
[  232.672679][ T2097]  ? bpf_trace_run1+0x10b/0x240
[  232.677368][ T2097]  ? bpf_put_raw_tracepoint+0x60/0x60
[  232.682576][ T2097]  ? fpu_swap_kvm_fpstate+0x4e2/0x5d0
[  232.687778][ T2097]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[  232.692907][ T2097]  ? __bpf_trace_kvm_fpu+0x1b/0x20
[  232.697852][ T2097]  kvm_arch_vcpu_ioctl_run+0x1478/0x2270
[  232.703320][ T2097]  ? __kvm_request_immediate_exit+0x70/0x70
[  232.709045][ T2097]  ? vfs_write+0x952/0xed0
[  232.713299][ T2097]  kvm_vcpu_ioctl+0x7eb/0xcf0
[  232.717813][ T2097]  ? xa_release+0x40/0x40
[  232.721976][ T2097]  ? selinux_file_ioctl+0x3cc/0x540
[  232.727011][ T2097]  ? __mutex_lock_slowpath+0x10/0x10
[  232.732144][ T2097]  ? selinux_file_alloc_security+0x120/0x120
[  232.737951][ T2097]  ? __fget_files+0x2cb/0x330
[  232.742462][ T2097]  ? security_file_ioctl+0x84/0xb0
[  232.747406][ T2097]  ? xa_release+0x40/0x40
[  232.751576][ T2097]  __se_sys_ioctl+0x114/0x190
[  232.756092][ T2097]  __x64_sys_ioctl+0x7b/0x90
[  232.760514][ T2097]  x64_sys_call+0x98/0x9a0
[  232.764766][ T2097]  do_syscall_64+0x3b/0xb0
[  232.769016][ T2097]  ? clear_bhb_loop+0x55/0xb0
[  232.773532][ T2097]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  232.779260][ T2097] RIP: 0033:0x7f20c9d80809
[  232.783517][ T2097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.802954][ T2097] RSP: 002b:00007f20caaa3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  232.811221][ T2097] RAX: ffffffffffffffda RBX: 00007f20c9f45fa0 RCX: 00007f20c9d80809
[  232.819015][ T2097] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  232.826824][ T2097] RBP: 00007f20caaa30a0 R08: 0000000000000000 R09: 0000000000000000
[  232.834632][ T2097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.842444][ T2097] R13: 0000000000000000 R14: 00007f20c9f45fa0 R15: 00007ffdf61412c8
[  232.850262][ T2097]  </TASK>
[  232.862667][ T2100] FAULT_INJECTION: forcing a failure.
[  232.862667][ T2100] name failslab, interval 1, probability 0, space 0, times 0
[  232.875159][ T2100] CPU: 0 PID: 2100 Comm: syz.0.388 Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  232.884618][ T2100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  232.894512][ T2100] Call Trace:
[  232.897635][ T2100]  <TASK>
[  232.900413][ T2100]  dump_stack_lvl+0x151/0x1b7
[  232.904927][ T2100]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  232.910224][ T2100]  dump_stack+0x15/0x1e
[  232.914218][ T2100]  should_fail_ex+0x3d0/0x520
[  232.918729][ T2100]  ? ioctx_alloc+0x10d/0x760
[  232.923153][ T2100]  __should_failslab+0xaf/0xf0
[  232.927755][ T2100]  should_failslab+0x9/0x20
[  232.932095][ T2100]  kmem_cache_alloc+0x3b/0x320
[  232.936693][ T2100]  ? __bitmap_weight+0xb9/0x110
[  232.941383][ T2100]  ? ksys_write+0x260/0x2c0
[  232.945726][ T2100]  ioctx_alloc+0x10d/0x760
[  232.949973][ T2100]  ? __ia32_sys_read+0x90/0x90
[  232.954577][ T2100]  __se_sys_io_setup+0x72/0x230
[  232.959262][ T2100]  __x64_sys_io_setup+0x5b/0x70
[  232.963949][ T2100]  x64_sys_call+0x576/0x9a0
[  232.968288][ T2100]  do_syscall_64+0x3b/0xb0
[  232.972540][ T2100]  ? clear_bhb_loop+0x55/0xb0
[  232.977052][ T2100]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  232.982779][ T2100] RIP: 0033:0x7efde4d80809
[  232.987033][ T2100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.006487][ T2100] RSP: 002b:00007efde5b7e058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  233.014729][ T2100] RAX: ffffffffffffffda RBX: 00007efde4f45fa0 RCX: 00007efde4d80809
[  233.017945][  T483] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  233.022536][ T2100] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  233.037722][ T2100] RBP: 00007efde5b7e0a0 R08: 0000000000000000 R09: 0000000000000000
[  233.045532][ T2100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.053346][ T2100] R13: 0000000000000000 R14: 00007efde4f45fa0 R15: 00007ffc2edd1d08
[  233.061164][ T2100]  </TASK>
[  233.087986][ T1759] usb 2-1: Using ep0 maxpacket: 16
[  233.143880][ T2108] loop0: detected capacity change from 0 to 1024
[  233.150383][ T2108] =======================================================
[  233.150383][ T2108] WARNING: The mand mount option has been deprecated and
[  233.150383][ T2108]          and is ignored by this kernel. Remove the mand
[  233.150383][ T2108]          option from the mount to silence this warning.
[  233.150383][ T2108] =======================================================
[  233.185747][ T2108] EXT4-fs: Ignoring removed nobh option
[  233.192026][ T2108] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  233.209819][ T2108] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  233.237998][ T1759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.238086][   T28] audit: type=1400 audit(1732865495.815:262): avc:  denied  { map } for  pid=2107 comm="syz.0.391" path="/84/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  233.247833][ T1759] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  233.278261][   T28] audit: type=1400 audit(1732865495.855:263): avc:  denied  { execute } for  pid=2107 comm="syz.0.391" path="/84/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  233.279873][ T1759] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.310898][ T1759] usb 2-1: config 0 descriptor??
[  233.324023][  T290] EXT4-fs (loop0): unmounting filesystem.
[  233.397986][  T483] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.409390][  T483] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.419143][  T483] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  233.428120][  T483] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.436537][  T483] usb 3-1: config 0 descriptor??
[  233.658010][  T400] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  233.798853][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.806348][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.815629][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.823163][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.830620][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.838073][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.845512][ T1759] hid-multitouch 0003:1FD2:6007.0023: unknown main item tag 0x0
[  233.854456][ T1759] hid-multitouch 0003:1FD2:6007.0023: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  233.920086][  T483] pyra 0003:1E7D:2CF6.0024: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  233.956847][ T2128] loop3: detected capacity change from 0 to 512
[  233.966211][ T2128] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.396: inode #1: comm syz.3.396: iget: illegal inode #
[  233.979113][ T2128] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.396: error while reading EA inode 1 err=-117
[  233.991608][ T2128] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2808: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  234.004587][ T2128] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.396: inode #1: comm syz.3.396: iget: illegal inode #
[  234.018011][  T400] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.029153][ T2128] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.396: error while reading EA inode 1 err=-117
[  234.029194][  T400] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.051128][  T400] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  234.051269][  T511] usb 2-1: USB disconnect, device number 24
[  234.060222][  T400] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.066016][ T2128] EXT4-fs (loop3): 1 orphan inode deleted
[  234.078547][  T400] usb 1-1: config 0 descriptor??
[  234.084324][ T2128] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  234.096222][ T2128] binfmt_misc: register: failed to install interpreter file ./file0
[  234.109164][   T28] audit: type=1400 audit(1732865496.695:264): avc:  denied  { mounton } for  pid=2127 comm="syz.3.396" path="/86/file0/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  234.111472][ T2128] device syz_tun entered promiscuous mode
[  234.133747][   T28] audit: type=1400 audit(1732865496.695:265): avc:  denied  { create } for  pid=2127 comm="syz.3.396" name=".index" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  234.143875][ T2128] incfs: Unexpected inode type
[  234.157840][   T28] audit: type=1400 audit(1732865496.695:266): avc:  denied  { remount } for  pid=2127 comm="syz.3.396" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  234.162365][  T483] pyra 0003:1E7D:2CF6.0024: couldn't init struct pyra_device
[  234.189704][ T2127] device syz_tun left promiscuous mode
[  234.195266][  T483] pyra 0003:1E7D:2CF6.0024: couldn't install mouse
[  234.203298][  T483] pyra: probe of 0003:1E7D:2CF6.0024 failed with error -32
[  234.256741][  T292] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  234.278837][  T292] ------------[ cut here ]------------
[  234.284114][  T292] kernel BUG at fs/namei.c:2956!
[  234.287303][   T28] audit: type=1400 audit(1732865496.865:267): avc:  denied  { unlink } for  pid=292 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  234.289338][  T292] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  234.317621][  T292] CPU: 1 PID: 292 Comm: syz-executor Not tainted 6.1.112-syzkaller-00038-g93460febf9b8 #0
[  234.324888][   T28] audit: type=1400 audit(1732865496.865:268): avc:  denied  { rmdir } for  pid=292 comm="syz-executor" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  234.327332][  T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  234.327346][  T292] RIP: 0010:may_delete+0x6eb/0x6f0
[  234.363941][  T292] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 c6 6b f3 ff e9 72 fe ff ff e8 2c 00 ac ff 0f 0b e8 25 00 ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 11 00 ac ff 4c 8d
[  234.383471][  T292] RSP: 0018:ffffc90000ea7bd8 EFLAGS: 00010293
[  234.389369][  T292] RAX: ffffffff81c9a60b RBX: ffff8881005c07a0 RCX: ffff88810e978000
[  234.397402][  T292] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  234.405347][  T292] RBP: ffffc90000ea7c40 R08: ffffffff81c99f9f R09: 0000000000000003
[  234.413106][  T292] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810bac5ee0
[  234.420922][  T292] R13: 1ffff11021758bdc R14: ffff888100691848 R15: dffffc0000000000
[  234.428733][  T292] FS:  000055555b829500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  234.437723][  T292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  234.445363][  T292] CR2: 000055555b854528 CR3: 000000012ea13000 CR4: 00000000003506a0
[  234.453172][  T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  234.460980][  T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  234.468983][  T292] Call Trace:
[  234.472103][  T292]  <TASK>
[  234.474882][  T292]  ? __die_body+0x62/0xb0
[  234.479046][  T292]  ? die+0x88/0xb0
[  234.482604][  T292]  ? do_trap+0x103/0x330
[  234.486685][  T292]  ? may_delete+0x6eb/0x6f0
[  234.491029][  T292]  ? handle_invalid_op+0x95/0xc0
[  234.495798][  T292]  ? may_delete+0x6eb/0x6f0
[  234.500140][  T292]  ? exc_invalid_op+0x32/0x50
[  234.504657][  T292]  ? asm_exc_invalid_op+0x1b/0x20
[  234.509522][  T292]  ? may_delete+0x7f/0x6f0
[  234.513770][  T292]  ? may_delete+0x6eb/0x6f0
[  234.518241][  T292]  ? may_delete+0x6eb/0x6f0
[  234.522565][  T292]  ? may_delete+0x6eb/0x6f0
[  234.526910][  T292]  vfs_rmdir+0x32/0x500
[  234.530902][  T292]  ? generic_shutdown_super+0x2b8/0x370
[  234.536281][  T292]  incfs_kill_sb+0x113/0x230
[  234.540713][  T292]  deactivate_locked_super+0xad/0x110
[  234.545917][  T292]  deactivate_super+0xbe/0xf0
[  234.550426][  T292]  cleanup_mnt+0x485/0x510
[  234.554677][  T292]  ? user_path_at_empty+0x14e/0x1a0
[  234.559713][  T292]  __cleanup_mnt+0x19/0x20
[  234.563967][  T292]  task_work_run+0x24d/0x2e0
[  234.568393][  T292]  ? task_work_cancel+0x2e0/0x2e0
[  234.573255][  T292]  ? __x64_sys_umount+0x122/0x170
[  234.578113][  T292]  exit_to_user_mode_loop+0x94/0xa0
[  234.583146][  T292]  exit_to_user_mode_prepare+0x5a/0xa0
[  234.588440][  T292]  syscall_exit_to_user_mode+0x26/0x130
[  234.593819][  T292]  do_syscall_64+0x47/0xb0
[  234.598080][  T292]  ? clear_bhb_loop+0x55/0xb0
[  234.602588][  T292]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  234.608314][  T292] RIP: 0033:0x7f20c9d81b37
[  234.612569][  T292] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  234.632010][  T292] RSP: 002b:00007ffdf613f468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  234.640257][  T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f20c9d81b37
[  234.648068][  T292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf613f520
[  234.655877][  T292] RBP: 00007ffdf613f520 R08: 0000000000000000 R09: 0000000000000000
[  234.663691][  T292] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf6140610
[  234.671517][  T292] R13: 00007f20c9df37dc R14: 00000000000391cd R15: 00007ffdf61416d0
[  234.679321][  T292]  </TASK>
[  234.682179][  T292] Modules linked in:
[  234.687125][  T292] ---[ end trace 0000000000000000 ]---
[  234.687215][ T2131] netlink: 68 bytes leftover after parsing attributes in process `syz.2.386'.
[  234.704679][  T292] RIP: 0010:may_delete+0x6eb/0x6f0
[  234.709761][  T292] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 c6 6b f3 ff e9 72 fe ff ff e8 2c 00 ac ff 0f 0b e8 25 00 ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 11 00 ac ff 4c 8d
[  234.729391][  T292] RSP: 0018:ffffc90000ea7bd8 EFLAGS: 00010293
[  234.735423][  T292] RAX: ffffffff81c9a60b RBX: ffff8881005c07a0 RCX: ffff88810e978000
[  234.743470][  T292] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  234.751407][  T292] RBP: ffffc90000ea7c40 R08: ffffffff81c99f9f R09: 0000000000000003
[  234.761553][  T292] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810bac5ee0
[  234.769561][  T292] R13: 1ffff11021758bdc R14: ffff888100691848 R15: dffffc0000000000
[  234.777491][  T292] FS:  000055555b829500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  234.786436][  T292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  234.809353][  T292] CR2: 0000001b2de1dff8 CR3: 000000012ea13000 CR4: 00000000003506a0
[  234.821122][  T292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  234.834938][  T292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  234.842943][  T292] Kernel panic - not syncing: Fatal exception
[  234.848932][  T292] Kernel Offset: disabled
[  234.853017][  T292] Rebooting in 86400 seconds..