last executing test programs:

16.122783946s ago: executing program 0:
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000200))
r0 = memfd_create(&(0x7f0000000480)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\x82E6\x8f\xee\x88e\x7f\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80k\xde%\x00\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xc0\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xcekh\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd0/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x80th~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdem\xe3+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\x99[\xff\x1f\x94\xc2\xdb\xbaG\xa6UD\x88YY\xd4\xff\x00\x9a{]\xe2\x98W\xb9\x13\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x83\x80}\xcc7\x99\xdb\xd6\xbd\x9c\x05l\xfc.\xf4\xbbeF\xa3\xea}\xf1\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRYX\xfc\xd4D\x13\"\xb2\x06\xbd&\xf86\xddXv\xc9\x1322L\xd6\xded\x16A!\x8b#1\xf9sNG\x02\x83\xe6Bl\xd2\x02\xfb[\x82J\xca\xdf:\x8ft\xe0\xf8\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x13\x92\xde\xd5\xe0\xde-U\xd8\xc5\x85\x9d\xb6~p;\xe3\"`\x83\x12\xc1\xa5\xa7\tf\xf2\xde\xe2\x01\xcc\xf7\x1cjq0\x90\xa9g{\x9b6\xc4cN\xcd\xc6\xfbw\x01\xe3Z\x02\xed\xab\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xb, 0x11, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x800000b)
clock_getres(0x0, &(0x7f0000000000))
socket$inet6_udp(0xa, 0x2, 0x0)

15.366065942s ago: executing program 0:
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x5, 0x1}, {0x35, 0x0, 0x0, 0xe12b}, {0x16, 0x3f}]})

14.419847457s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioprio_set$pid(0x0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/99, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000004c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
write$eventfd(r2, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)

13.571066367s ago: executing program 0:
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000001740)=[{&(0x7f0000000380)="c7", 0x1}], 0x1, 0x0)

13.524589215s ago: executing program 0:
r0 = syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB='nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,dots,gid=', @ANYRESHEX=0xee00, @ANYRES32=0x0], 0x1, 0x1d3, &(0x7f0000001a00)="$eJzs3cFqE1EUBuAzsTapIHYniOCAG1dBfYKKRBAHRCULXSm0bhoRks3oxvoWPqAPIF11IyNmxsaWZGxjzJj0+zb5yTmTey+ESTY5eX3z3f7u+9Hbr9e/RKeTRGsnduIoie1oxS8HAQCsk6OiiG9FsdH0PgCA5ak+/8dmtHyvu94XBwBYPS9evnryIMt6z9O0E3F4kPfzfvlY1h89znp307HtyVWHed6/dFy/V9bTk/XLcSUitiLr3Z9a34w7t8fXf/5Ze/g0O1Vvx+6/Pz4AAAAAAAAAAAAAAAAAAAAAADSimx6bOt+n251VL9Nv84FOze/ZiBuGAwIAAAAAAAAAAAAAAAAAAMCZjD583H8zGOwNJ6EdESefmS8U12YuMS2kEfH3i543tGJ5a61aSP6PbZwzRDV1oqbn1mLe4c+u/qkn5nvlzYio79mqP+AiwuQe0W7m1gQAAAAAAAAAAAAAAAAAABdO9VvfZDhqeicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Jzy//8He8N5wqeIOENztVTS8FEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYYz8CAAD//x8yIRo=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f00000003c0)='./file1\x00', 0x20421, &(0x7f0000001a40)=ANY=[@ANYBLOB="696f636861727365743d61736369692c646973636172642c646d61736b3d30303030303030303030303030303030303030303030b72c7569643d", @ANYRESDEC, @ANYRESHEX, @ANYRES64, @ANYRESHEX=r0, @ANYRESOCT, @ANYBLOB="c7f66d5a3cf83fe1ebe9"], 0x81, 0x1501, &(0x7f0000000500)="$eJzs3Au0jtX2MPA511oPm6Q3yX3NNR/e5LIISS4JuSRJkiS5JSRJjiQkt9ySkITck9xDcoud3O+33JPkSJIkJCRZ39DpfM75Ov/Tv++c/+cbZ8/fGGvsNffzzvnOZ8899vs87x57f9NxSNX61SrVZWb4l+BfPvQAgBQA6A8A1wFABAAls5TMcvl4Bo09/rUnEf9eD02/2h2Iq0nmn7bJ/NM2mX/aJvNP22T+aZvMP22T+adtMn8h0rJtM3JeLyvtLnn/Py2T1///IEeKjP1iQ5EbO/2BFJl/2ibzT9tk/mmbzD9tk/mnbTL//3wV/8kxmX/aJvMXIi272u8/y7q662p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhysMAPx1f7X7EkIIIYQQQgghxL9PSH+1OxBCCCGEEEIIIcT/PAQFGgxEkA7SQwpkgIxwDWSCayEzXAcJuB6ywA2QFW6EbJAdckBOyAW5IQ9YIHDAEENeyAdJuAnyw81QAApCISgMHopAUbgFikFxKAG3Qkm4DUoBJEpDGSgL5eAOKA93QgWoCJXgLqgMVaAqVIO7oTrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIjaAxNIGm/1f5L0BXeBG6QXfoAT2hF7wEvaEP9IV+0B9ehgHwCgyEV2EQDIYh8BoMhddhGLwBw2EEjIQ3YRSMhjEwFsbBeJgAb8FEeBsmwTswGabAVJgG02EGzIR3YRbMhjnwHsyF92EezIcFsBAWwQewGJZAKnwIS+EjWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBh/DdtgBO2EX7IY9sBc+gX3wKeyHz+AAfP4H88/9H/mdEBBQoUKDBtNhOkzBFMyIGTETZsLMmBkTmMAsmAWzYlbMhtkwB+bAXJgL82AeJCRkZMyLeTGJScyP+bEAFsBCWAg9eiyKRbEYFscSWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1xF7YC3tjb+yL/bAfvowD8BV8BV/FQTgYh+Br+Bq+jsPwLA7HETgSR2J5NRrH4FhkNR4n4ASciBNxEk7CyTgFp+A0nI4zcCbOxFk4G2fjezgX38f3cT7Ox4W4CBfhYlyCqZiKS/EcLsPluAJX4ipcjatwLa7DtbgBN+IG3IybcStuxY/xY9yBO3AX7sI9uAc/wU/wU/wUB+EBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxFJ7GU3gGz+BZPIfn8TxewAt4EZ/L9VW9PQXXDwJ1mVFGpVPpVIpKURlVRpVJZVKZVWaVUAmVRWVRWVVWlU1lUzlUDpVL5VJ5VB5FihSrWOVVeVVSJVV+lV8VUAVUIVVIeeVVUVVUFVPFVAlVQpVUt6lS6nZVWpVRLXw5VU6VVy19BVVRVVKVVGVVRVVV1VQ1VV1VVzVUDVVT1VS1VC1VWz2g6qie2BcfUpcnU18NxgZqCDZUjVRj1US9jo+pZmoYNlctVEv1hBqBw7G1aubbqKdVWzUG26k/qbH4rOqgxmNH9bzqpDqrLuoF1VU1991UdzUZe6peahr2Vn1UX9VPzcIq6vLEqqpX1SA1WA1Rr6mF+Loapt5Qw9UINVK9qUap0WqMGqvGqfFqgnpLTVRvq0nqHTVZTVFT1TQ1Xc1QM9W7apaareao99Rc9b6ap+arBWqhWqQ+UIvVEpWqPlRL1UdqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapv6WG1XO9ROtUvtVnvUXvWJ2qc+VfvVZ+qA+lwdVH9Wh9QX6rD6Uh1RX6mj6mt1TH2jjqtv1Qn1nTqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frAvogrqQLqy9LqKL6lt0MV1cl9C36pL6Nl1K365L6zK6rC6n79Dl9Z26gq6oK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDud7tfXued0R/287qQ76y76Z31JB91Nd9c9dE/dS7+ke+s+uq/up/vrl/UA/YoeqF/Vg/RgPUS/pofq1/Uw/YYerkfokfpNPUqP1mP0WD1Oj9cT9Ft6on5bT9Lv6Ml6ip6qp+npeobu+2ulOf+N/Lf/Qf7AX559q96mP9bb9Q69U+/Su9OD3qv36n16n96v9+sD+oA+qEP3v5zfYX1EH9FH9VF9TB/Tx/VxfUKf0Cf1Kf2j/l6f0T/os/qcPqd/1Bf0BX3x168BGDTKaGNMZNKZ9CbFZDAZzTUmk7nWZDbXmYS53mQxN5is5kaTzWQ3OUxOk8vkNnmMNWScYRObvCafSZqbTH5zsylgCppCprDxpogpam75l/N/r7+mpqlpZpqZ5qa5aWlamlamlWltWps2po1pa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mR6mh+llXjK9TR/T1/Qz/c3LZoAZYAaagWaQGWSGmCFmqBlqhplhZrgZbkaakWaUGWXGmDFmnBlnJpgJZqKZaCaZSWaymWymmqlmupluZpqZZpaZZeaYOWaumWvmmXlmgVlgFplFZrFZbFJNqllqlpplZrlZblaalWa1WW3WmrVmvVlvNpqNZrPZbJaZbWab2W62m51mp9ltdpu9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTpiT5qQ5bU6bM+aMOWvOmvPmvLlgLpiL5qK5ZC5dvuyLVKQiE5koXZQuSolSooxRxihTlCnKHGWOElEiyhJlibJGN0bZouxRjihnlCvKHeWJbESRiziKo7xRvigZ3RTlj26OCkQFo0JR4chHRaKi0S1Rsah4FAFAyei2qFR0e1Q6KhOVjcpFd0TlozujClHFqFJ0V1Q5qhJVjapFd0fVo3uiv16Z1oruj2pHD0R1ogejutFDUb3o4ah+9EjUIHo0ahg1ihpHTaKmUfGoRHRr9Efq14jujWpG90W/rR/C2eyP+262u+1he9pe9iXb2/axfW0/29++bAfYV+xA+6odZAfbIfY1O9S+bofZN+xwO8KOtG/aUXa0HWPH2nF2vJ1g37IT7dt2kn3HTrZT7FQ7zU63M+xM+66dZWfbOfY9O9e+b+fZ+XaBXWgX2Q/sYrvEptoP7VL7kV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqvdZj+22+0Ou9PusrvtHrvXfmL32U/tfvuZPWA/twftn+0h+4U9bL+0R+xX9qj92h6z39jj9lt7wn5nT9pT9rT93p6xP9iz9pw9b3+0F+xP9qL92V6y4fLF/eWXdzJkKB2loxRKoYyUkTJRJspMmSlBCcpCWSgrZaVslI1yUA7KRbkoD+Why5iY8lJeSlKS8lN+KkAFqBAVIk+eilJRKkbFqASVoJJUkkpRKSpNpakslaU76A66k+6kilSR7qK7qApVoWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akANqCE1pMbUmJpSU2pGzag5NaeW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oI7UkTpRJ+pCXagrdaVu1I16UA/qRb2oN/WmvtSX+lN/GkADaCANpEE0iIbQEBpKQ2kYDaPhNIJG0ps0ikbTGBpL42g8TaAJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSPJpHC2gBLaJFtJgWUyql0lJaSstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpC22gbbafttJN20m7aTXtpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO0wk6QSfpJJ2m03SGztBZOkvn6TxdoJ/oIv1MlyhQilOQ0V3jMrlrXWZ3nUtxGdzfxjlcTpfL5XZ5nHXZXPa/i8k5V8AVdIVcYeddEVfU3fKbuLQr48q6cu4OV97d6Sr8Jq7u7nE13L2uprvPVXN3/11cy93vartHXB33qKvrGrl6romr7x5xDdyjrqFr5Bq7Jq6Ve9K1dk+5Nu5p19Y985t4sVvi1rn1boPb6Pa5T91596M75r5xIf1Prpvr7vq7l90A94ob6F51g9zg38Qj3ZtulBvtxrixbpwb/5t4qpvmprsZbqZ7181ys38TL3IfuLku1c1z890Ct/CX+HJPqe5Dt9R95Ja55W6FW+lWudVujVv7v3td6Ta7LW6r2+s+cdvdDrfT7XK73Z5f4svnsd995g64z91R97U75L5wh91xd8R99Ut8+fyOu2/dCfedO+lOudPue3fG/eDOunO/nP8F95P73v3sLrnggJEVazYccTpOzymcgTPyNZyJr+XMfB0n+HrOwjdwVr6Rs3F2zsE5ORfn5jxsmdgxc8x5OR8n+SbOzzdzAS7Ihbgwey7CRfkWLsbFuQTfyiX5Ni7Ft3NpLsNluRzfweX5Tq7AFbkS38WVuQpX5Wp8N1fne7gG38s1+T6uxfdzbX6A6/CDXJcf4nr8MNfnR7gBP8oNuRE35ibclB/jZvw4N+cW3JKf4Fb8JLfmp7gNP81t+Rlux3/i9vwsd+DnuCM/z524M3fhF7grv8jduDv34J7ci1/i3tyH+3I/7s8v8wB+hQfyqzyIB/MQfo2H8us8jN/g4TyCR/KbPIpH8xgey+N4PE/gt3giv82T+B2ezFN4Kk/j6TyDZ/K7PItn8xx+j+fy+zyP5/MCXsiL+ANezEs4lT/kpfwRL+PlvIJX8ipezWt4La/j9byBN/Im3sxbeCtv4495O+/gnbyLd/Me3suf8D7+lPfzZ3yAP+eD/Gc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4vTxylxhjhjfE2cKb42zhxfFyfi6+Ms8Q1x1vjGOFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Ob4vzxzXGBuGBcKC4c+7hIXDS+JS4WF49LxLfGJePb4lLx7XHpuEz8yH3l4jvi8vGdcYW4YlwpviuuHFeJq8bV4rvj6vE9cY343rhmfF9cIr4/rh0/ENeJH4zrxg/F9eKH4/rxI3GD+NG4Ydwobhw3iZvGj8XN4sfj5nGLuGX8RNwqfjJuHT8Vt4mfjtvGz/zu8R5xz7hX/FL8UhzCvXpBcmFyUfKD5OLkkmRq8sPk0uRHyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3Jzcktya3JEKqlB49eee2Nj3w6n96n+Aw+o7/GZ/LX+sz+Op/w1/ss/gaf1d/os/nsPofP6XP53D6Pt5688+xjn9fn80l/k8/vb/YFfEFfyBf23hfxRX0T39Q39c384765b+Fb+if8E/5J/6R/yj/ln/Zt/TO+nf+Tb++f9R38c/45/7zv5Dv7Lv4F39W/6Lv57r6H7+F7+V6+t+/t+/q+vr/v7wf4AX6gH+gH+UF+iB/ih/qhfpgf5of74X6kH+lH+VF+jB/jx/lxfoKf4Cf6iX6Sn+Qn+8l+qp/qp/vpfqaf6Wf5WX6On+PnFpjr5/l5foFf4Bf5RX6xX+xTfapf6pf6ZX6ZX+FX+FV+lV/j1/h1fp3f4Df4TX6T3+K3+G1+m9/ut/udfqff7Xf7vX6v3+f3+f1+vz/gD/iD/qA/5A/5w/5Lf8R/5Y/6r/0x/40/7r/1J/x3/qQ/5U/77/0Z/4M/68/58/5Hf8H/5C/6n/0lH/yExFuJiYm3E5MS7yQmJ6YkpiamJaYnZiRmJt5NzErMTsxJvJeYm3g/MS8xP7EgsTCxKPFBYnFiSSI18WFiaeKjxLLE8sSKxMrEqsTqRAi5t8chb8gXkuGmkD/cHAqEgqFQKBx8KBKKhltCsVA8lAi3hpLhtlAq3B5KhzKhbHg0NAyNQuPQJDQNj4Vm4fHQPLQILcMToVV4MrQOT4U24enQNjwT2oU/hfbh2dAhPBc6hudDp9A5dAkvhK7hxdAtdA89Qs/QK7wUeoc+oW/oF/qHl8OA8EoYGF4Ng8LgMCS8FoaG18Ow8EYYHkaEkeHNMCqMDmPC2DAujA8TwlthYng7TArvhMlhSpgapoXpYUaYGd4Ns8LsMCe8F+aG98O8MD8sCAvDovBBWByWhNTwYVgaPgrLwvKwIqwMq8LqsCasDevC+rAhbAybwuawJWwN28LHYXvYEXaGXWF32BP2hk/CvvBp2B8+CwfC5+Fg+HM4FL4Ih8OX4Uj4KhwNX4dj4ZtwPHwbToTvwslwKpwO34cz4YdwNpwL58OP4UL4KVwMP4dL8jdrQgghhBD/LVuy/fPjPf/B59Sv67JeAHDtjpxH/va4BoBNv9bto3K1SgDA0907PvTXVblyjx49fn3sMg1RvvkAkLiS/8tvbH6Nl0NLeBLaQAso9g/766M6X+DfqZ+8DSDj3+SkwJX4Sv3i/0X9x54YubhUfD7LP6k/H6BAvis5GeBKfKV+if+ifvZmv9N/hi8mADT/m5xMcCW+Ur8oPA7PQJu/e6QQQgghhBBCCPEXfVTZ9r93/3z5/jyXuZKTHq7Ev3d/LoQQQgghhBBCiKvv2c5dnnqsTZsW7WUjG9n8T21Cd4D/D9r4I5ur/ZNJCCGEEEII8e925aL/ancihBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKkXf8v/p3Y1T5HIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ4mr7XwEAAP//RQ42MA==")
write$binfmt_script(r1, &(0x7f00000008c0), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)

12.170123412s ago: executing program 0:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x20000012}, 0x0)
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getenv(0xd, r1, 0x0, &(0x7f0000000000))

8.33837986s ago: executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b7040000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a000090400000103010100092100080001220300090581"], 0x0)
r2 = fsopen(&(0x7f0000000040)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r3}, &(0x7f0000000680), &(0x7f00000006c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r6 = fsmount(r2, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0xffffffffffffffff, r6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = syz_pidfd_open(0x0, 0x0)
pidfd_getfd(r8, r5, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000bc0)={0x24, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\f'], 0x0, 0x0, 0x0}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000001840)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r11}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1b}}, {}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x5}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x8, 0xa, 0x4}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x0}, {0x7, 0x0, 0x0, 0x0}, {}, {0x18, 0x2, 0x2, 0x0, r10}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0xb, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5.329031912s ago: executing program 4:
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

4.111640309s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x44)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000001800)=[{{&(0x7f00000004c0)=@sco={0x1f, @fixed}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000540)=""/229, 0xe5}, {&(0x7f00000006c0)=""/195, 0xc3}, {&(0x7f0000000400)=""/2, 0x2}], 0x3, &(0x7f0000000800)=""/102, 0x66}, 0x2}, {{&(0x7f0000000880)=@l2, 0x80, &(0x7f0000000bc0)=[{0x0}, {&(0x7f0000000a00)=""/57, 0x39}, {&(0x7f0000000b00)=""/184, 0xb8}], 0x3, &(0x7f0000000c00)=""/188, 0xbc}, 0x2}, {{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000cc0)=""/236, 0xec}, {&(0x7f0000000dc0)=""/53, 0x35}, {&(0x7f0000000e00)=""/41, 0x29}, {&(0x7f0000000e40)=""/101, 0x65}], 0x4}, 0x8}, {{&(0x7f0000000f00)=@tipc=@id, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000f80)=""/156, 0x9c}, {&(0x7f0000001040)=""/100, 0x64}], 0x2, &(0x7f0000001100)=""/232, 0xe8}, 0x2}, {{&(0x7f0000001200)=@caif=@dbg, 0x80, &(0x7f0000001340)=[{&(0x7f0000001280)=""/187, 0xbb}], 0x1, &(0x7f0000002100)=""/4096, 0x1000}, 0xffff8001}, {{&(0x7f0000001380)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001400)=""/145, 0x91}, {&(0x7f00000014c0)=""/16, 0x10}, {&(0x7f0000001500)=""/176, 0xb0}], 0x3, &(0x7f0000001600)=""/68, 0x44}, 0x40}, {{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000001680)=""/114, 0x72}], 0x1, &(0x7f0000001740)=""/132, 0x84}, 0x101}], 0x7, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000d32a2eff000040"])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x1d, &(0x7f00000001c0)=ANY=[@ANYRES16=r4, @ANYRES64=r0], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x3b}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000240)={@desc={0x1, 0x0, @desc2}})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}]})
socket(0xa, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r1])

3.523584879s ago: executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000240)=@add_del={0x2, &(0x7f00000000c0)='wg2\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syncfs(r1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)

3.148051257s ago: executing program 2:
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000600)=[{{&(0x7f0000000340)=@nfc_llcp={0x27, 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0, "2c638dddfd0e7ad0f5601ffc03bd06088d58c1167b4b070bd671d1435fd561de44c7305e54c8f08a6ae0e1eec4e3c513cc242e82cfa473ceb163cf9a74cdb9", 0x1c}, 0x80, 0x0}}], 0x1, 0x0)
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x2c}}}, 0x1e)
connect$pptp(r0, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
writev(r3, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x2}], 0x1)

3.100990364s ago: executing program 2:
mknod(&(0x7f0000000480)='./file0\x00', 0x8000, 0x1733)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x13000)=nil, 0x13000, 0x0, 0x10, r0, 0x0)

3.086072206s ago: executing program 2:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x801ffff)
chmod(&(0x7f0000000040)='./file0\x00', 0x0)
clock_nanosleep(0x0, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x0)

3.069015389s ago: executing program 2:
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)
rt_sigreturn()
timer_create(0x0, &(0x7f0000004040)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000004080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_read_part_table(0x401f, &(0x7f0000000000)="$eJzs0DEOAUEUBuB/NqKgUbuERk2UjrKNTqLRuIrKMSQaB3EBJ9CMZElIVuv7mvlnMjMv741vp1WSMttu2l1eNJ28bJKSZF73Jf/nvedrsjgnGfX5pDvUtPcvNycfzveHGoZ96j4N6ro+Ti+/vAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEsBAAD//4IoCls=")
memfd_create(&(0x7f00000023c0)='\xff-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa2Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xbb\x8d\xac\xacva}knh#\x01)\x0f\xc8\xc0:\x9cc\x02d\xee\xa9\x8bcc\xad\x89\x9ck\xde\x05\x00\x00\x00UE\xc98M\xcd\xfb\xcc\x97\xb4\v\xa9=\xcd\xf7\xe5\x99\t~\xb90a\xa9\xb2\x04K\x98\x93=\x88\x00\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\x00\xa5\xc24\xd6\xfe7\x0f', 0x0)
pipe2$9p(&(0x7f0000004100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
r1 = dup(r0)
write$cgroup_int(r1, 0x0, 0x0)

3.008807318s ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)=ANY=[@ANYBLOB="1201000000000010c41090ea400000000001090224000100000000090400000103010000092100000001220500090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="200125"], 0x0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000001780)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55710c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba1424815f140290fb3f659193ae297fdcd50b6dc8d41d9568a55e58cc6514e272e53a081168e74d7189f0e655f66e08f0e108968d80ea3cac636aa60bea16f5e27d5761f66d99ca89ad8cf4e13a2013988c4222d7cf1ff8682043d3d6f16b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c973463c482db5da9926d158ee55592221796e273ccf22a74e8dd3674739087015098b80e9842e82aa484b0247773b358f02338ba5950707984fb201d101bfd1f78b0ea4f397c22d94b5a34491cf3f671af9dac07000000f8d960358d99d506f9b3f52ce15d0cf72083819b4a3a6dfe62b510150dfe25ef1caf21e26954118b0c2dea8b744bed8de035a056fa2d0f7370b9df062c204e99c715c5c544f5c74625ea73c563000000c1fcb5a25271"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0})

2.642200764s ago: executing program 1:
pwritev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000140)="2ab5e89383d9845a9848bcb0101f056aaa7f08c7168a49c717c2e2e1b1e01263e235c7290ff1a29a9c36368640a2308bf50ae9d405c1793f1352d1070fdff42cd5a63ca56b17ebdafb626e622ae508b80e305d75c795eaeb0891bc5b16a77ee2e7115a93d0f9f8681ff5f1f1d961a75a6544498aea62dfc07fb14efbcb6b214af360db736d2073e865763495c0c6e894167c25718707a40cd824cd93d990e478e2e0dfa809bfefb815004243a8178e94256841c31298a2520dc8e463783d7cdebb5b3de9fdd2c88b20662330d72b", 0xce}], 0x1, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getpeername(r0, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000008540)=0x80)
close(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0xb, 0x4, @tid=r2}, &(0x7f0000000240))
openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000100)={{}, {0x0, 0x989680}}, 0x0)

2.633224896s ago: executing program 1:
gettid()
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
readv(r0, 0x0, 0x0)
close(r0)
open$dir(0x0, 0x0, 0x0)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x541b, 0x0)

2.573985415s ago: executing program 1:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x63b3}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.563250216s ago: executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000102f17370000000000000109022d00010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000e80)={0x24, 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)

2.319103703s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x44)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000001800)=[{{&(0x7f00000004c0)=@sco={0x1f, @fixed}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000540)=""/229, 0xe5}, {&(0x7f00000006c0)=""/195, 0xc3}, {&(0x7f0000000400)=""/2, 0x2}], 0x3, &(0x7f0000000800)=""/102, 0x66}, 0x2}, {{&(0x7f0000000880)=@l2, 0x80, &(0x7f0000000bc0)=[{0x0}, {&(0x7f0000000a00)=""/57, 0x39}, {&(0x7f0000000b00)=""/184, 0xb8}], 0x3, &(0x7f0000000c00)=""/188, 0xbc}, 0x2}, {{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000cc0)=""/236, 0xec}, {&(0x7f0000000dc0)=""/53, 0x35}, {&(0x7f0000000e00)=""/41, 0x29}, {&(0x7f0000000e40)=""/101, 0x65}], 0x4}, 0x8}, {{&(0x7f0000000f00)=@tipc=@id, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000f80)=""/156, 0x9c}, {&(0x7f0000001040)=""/100, 0x64}], 0x2, &(0x7f0000001100)=""/232, 0xe8}, 0x2}, {{&(0x7f0000001200)=@caif=@dbg, 0x80, &(0x7f0000001340)=[{&(0x7f0000001280)=""/187, 0xbb}], 0x1, &(0x7f0000002100)=""/4096, 0x1000}, 0xffff8001}, {{&(0x7f0000001380)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001400)=""/145, 0x91}, {&(0x7f00000014c0)=""/16, 0x10}, {&(0x7f0000001500)=""/176, 0xb0}], 0x3, &(0x7f0000001600)=""/68, 0x44}, 0x40}, {{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000001680)=""/114, 0x72}], 0x1, &(0x7f0000001740)=""/132, 0x84}, 0x101}], 0x7, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000d32a2eff000040"])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x1d, &(0x7f00000001c0)=ANY=[@ANYRES16=r4, @ANYRES64=r0], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x3b}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000240)={@desc={0x1, 0x0, @desc2}})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}]})
socket(0xa, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r1])

1.405821354s ago: executing program 4:
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x5, 0x1}, {0x35, 0x0, 0x0, 0xe12b}, {0x16, 0x3f}]})

1.249460148s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40010)

1.186527708s ago: executing program 3:
socket$nl_route(0x10, 0x3, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
tkill(0x0, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, 0xffffffffffffffff, 0x1, 0x0, @void}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000048500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x20040, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r3, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000020000008100000008000300", @ANYRES32=r5, @ANYBLOB="060066008e88000020003300088100000802110000000802110000010802110000010000000000000a000600"], 0x50}}, 0x0)

1.176032319s ago: executing program 3:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000240)=@add_del={0x2, &(0x7f00000000c0)='wg2\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syncfs(r1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)

548.481436ms ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000090000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$evdev(&(0x7f0000000700), 0x0, 0x0)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000040))

521.53622ms ago: executing program 4:
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@loopback, @in=@empty}}, {{@in6=@private2}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4}}, 0xe8)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="3401000016008502000000000000000020010000000000000000000000000002e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0x134}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4010000160001000000000000000000fe8000000000000000000000000000bbfc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa0000000033"], 0x1a4}}, 0x0)

484.211705ms ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='itimer_state\x00', r6}, 0xf)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0x0, 0x300)
sendmsg$nl_xfrm(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=@delpolicy={0x5c, 0x14, 0x1, 0x0, 0x0, {{@in=@dev, @in=@local}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x5c}}, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r8)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r9, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

191.43874ms ago: executing program 3:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYRESDEC=0x0], 0x97, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
open(0x0, 0x0, 0x0)
creat(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x6}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@gettfilter={0x24, 0x25, 0x6ce324a938346939, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r4 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, 0x0, 0x0)
write$P9_RREAD(0xffffffffffffffff, 0x0, 0xb)

25.941455ms ago: executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@empty}, 0x20)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r1 = socket(0xa, 0x2, 0x3a)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000240)={&(0x7f0000000000)={0xa}, 0x1c, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="80000000", @ANYRES16=0x0, @ANYBLOB="cdcf06960000000000001200000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990000000000000000000500e40000000000060014010000000006001200000000000a000600ffffffffffff00001c001180040004000400040004000600040001000400020004000500060014010000000006003600000000000500c20000000000"], 0x5dc}, 0x5}, 0x0)

0s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xa, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008230000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000060ff850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='ext4_ext_remove_space_done\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x7a05, 0x1700)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.80' (ED25519) to the list of known hosts.
2024/06/09 11:06:18 fuzzer started
2024/06/09 11:06:18 dialing manager at 10.128.0.163:30008
[   21.196315][   T30] audit: type=1400 audit(1717931178.601:66): avc:  denied  { node_bind } for  pid=283 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   21.216613][   T30] audit: type=1400 audit(1717931178.601:67): avc:  denied  { name_bind } for  pid=283 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   21.258680][   T30] audit: type=1400 audit(1717931178.671:68): avc:  denied  { integrity } for  pid=292 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   21.262935][  T292] cgroup: Unknown subsys name 'net'
[   21.293428][   T30] audit: type=1400 audit(1717931178.671:69): avc:  denied  { mounton } for  pid=292 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.316045][   T30] audit: type=1400 audit(1717931178.671:70): avc:  denied  { mount } for  pid=292 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.316090][  T292] cgroup: Unknown subsys name 'devices'
[   21.338522][   T30] audit: type=1400 audit(1717931178.701:71): avc:  denied  { setattr } for  pid=297 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.366730][   T30] audit: type=1400 audit(1717931178.701:72): avc:  denied  { mounton } for  pid=300 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.372970][  T296] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   21.400215][   T30] audit: type=1400 audit(1717931178.701:73): avc:  denied  { mount } for  pid=300 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   21.423342][   T30] audit: type=1400 audit(1717931178.701:74): avc:  denied  { unmount } for  pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.443035][   T30] audit: type=1400 audit(1717931178.811:75): avc:  denied  { relabelto } for  pid=296 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.471515][  T293] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.568739][  T292] cgroup: Unknown subsys name 'hugetlb'
[   21.574181][  T292] cgroup: Unknown subsys name 'rlimit'
2024/06/09 11:06:19 starting 5 executor processes
[   23.470627][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.477504][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.484642][  T310] device bridge_slave_0 entered promiscuous mode
[   23.495403][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.502317][  T311] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.509392][  T311] device bridge_slave_0 entered promiscuous mode
[   23.515967][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.523041][  T311] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.530279][  T311] device bridge_slave_1 entered promiscuous mode
[   23.539582][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.546409][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.553654][  T310] device bridge_slave_1 entered promiscuous mode
[   23.631364][  T312] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.638235][  T312] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.645311][  T312] device bridge_slave_0 entered promiscuous mode
[   23.662406][  T312] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.669250][  T312] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.676396][  T312] device bridge_slave_1 entered promiscuous mode
[   23.682747][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.689589][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.696880][  T314] device bridge_slave_0 entered promiscuous mode
[   23.704887][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.711747][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.718919][  T314] device bridge_slave_1 entered promiscuous mode
[   23.756482][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.763365][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.770500][  T313] device bridge_slave_0 entered promiscuous mode
[   23.789254][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.796083][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.803323][  T313] device bridge_slave_1 entered promiscuous mode
[   23.909586][  T311] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.916427][  T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.923746][  T311] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.930586][  T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.943053][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.949901][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.956985][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.963796][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.989062][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.995895][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.003026][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.009794][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.034545][  T312] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.041383][  T312] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.048476][  T312] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.055256][  T312] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.075119][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.082052][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.089144][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.095924][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.117558][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.124691][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.131847][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.138825][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.145880][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.153101][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.160068][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.167111][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.174092][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.181089][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.188590][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.195881][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.230263][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.238156][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.245918][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.253912][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.260748][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.268189][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.276056][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.282888][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.289950][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.297842][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.304665][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.311848][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.319542][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.327706][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.334534][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.341736][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.348962][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.356093][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.364063][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.371963][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.378708][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.385817][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.393523][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.401510][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.408260][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.438309][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.445881][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.454355][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.462129][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.470545][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.477389][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.484598][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.492476][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.499306][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.506417][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.514175][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.527565][  T311] device veth0_vlan entered promiscuous mode
[   24.543682][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.551495][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.559792][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.567882][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.575772][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.582542][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.589674][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.597704][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.605615][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.612483][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.619604][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.627386][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.645467][  T310] device veth0_vlan entered promiscuous mode
[   24.661152][  T311] device veth1_macvtap entered promiscuous mode
[   24.667701][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.674842][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.682926][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.690803][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.698470][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.706218][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.714196][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.722291][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.730316][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.738020][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.745735][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.753894][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.761974][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.769856][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.777563][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.785417][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.793548][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.805494][  T314] device veth0_vlan entered promiscuous mode
[   24.818631][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.825941][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.833342][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.841055][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.848780][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.856837][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.864957][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.872948][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.881187][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.889092][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.897216][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.904453][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.915612][  T312] device veth0_vlan entered promiscuous mode
[   24.922178][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.930414][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.938556][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.946168][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.966703][  T312] device veth1_macvtap entered promiscuous mode
[   24.986615][  T310] device veth1_macvtap entered promiscuous mode
[   24.993068][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   25.000933][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.008166][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.015358][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.023296][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.031220][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   25.038702][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.046797][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.060412][  T313] device veth0_vlan entered promiscuous mode
[   25.066883][  T314] device veth1_macvtap entered promiscuous mode
[   25.077709][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.086011][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.094019][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   25.101912][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.109678][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.117599][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.125620][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.133781][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.141893][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.162898][  T313] device veth1_macvtap entered promiscuous mode
[   25.179173][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.186339][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.197799][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.205844][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.227332][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.235401][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.243590][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.257306][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.267640][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.275666][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.283869][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.291935][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.325262][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.333772][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.343301][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.351497][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.524667][  T350] process 'syz-executor.4' launched './file1' with NULL argv: empty string added
[   25.526762][  T349] loop1: detected capacity change from 0 to 256
[   25.604142][  T349] FAT-fs (loop1): Directory bread(block 64) failed
[   25.610656][  T333] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   25.618081][  T349] FAT-fs (loop1): Directory bread(block 65) failed
[   25.624706][  T349] FAT-fs (loop1): Directory bread(block 66) failed
[   25.631565][  T349] FAT-fs (loop1): Directory bread(block 67) failed
[   25.642558][  T349] FAT-fs (loop1): Directory bread(block 68) failed
[   25.651250][  T349] FAT-fs (loop1): Directory bread(block 69) failed
[   25.659684][  T349] FAT-fs (loop1): Directory bread(block 70) failed
[   25.666243][  T349] FAT-fs (loop1): Directory bread(block 71) failed
[   25.673046][  T349] FAT-fs (loop1): Directory bread(block 72) failed
[   25.680778][  T349] FAT-fs (loop1): Directory bread(block 73) failed
[   25.807087][   T20] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   25.877060][  T333] usb 3-1: Using ep0 maxpacket: 16
[   25.907105][  T342] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   26.079386][  T333] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   26.091654][  T333] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   26.110236][  T333] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   26.119893][  T333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   26.130150][  T333] usb 3-1: config 0 descriptor??
[   26.167962][  T333] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   26.177084][   T20] usb 5-1: Using ep0 maxpacket: 16
[   26.214947][   T30] kauditd_printk_skb: 66 callbacks suppressed
[   26.214958][   T30] audit: type=1326 audit(1717931183.621:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=347 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39204cdf69 code=0x7fc00000
[   26.246215][   T30] audit: type=1400 audit(1717931183.621:143): avc:  denied  { unmount } for  pid=313 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   26.305026][   T30] audit: type=1400 audit(1717931183.711:144): avc:  denied  { create } for  pid=362 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   26.332436][   T30] audit: type=1400 audit(1717931183.711:145): avc:  denied  { bind } for  pid=362 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   26.352007][   T30] audit: type=1400 audit(1717931183.711:146): avc:  denied  { setopt } for  pid=362 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   26.467113][  T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   26.478016][  T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   26.547070][   T30] audit: type=1400 audit(1717931183.941:147): avc:  denied  { create } for  pid=364 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   26.567927][   T30] audit: type=1400 audit(1717931183.941:148): avc:  denied  { connect } for  pid=364 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   26.588110][   T30] audit: type=1400 audit(1717931184.001:149): avc:  denied  { read } for  pid=82 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   26.598102][   T20] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   26.619897][  T342] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   26.628770][  T342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   26.636567][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   26.644740][   T20] usb 5-1: Product: syz
[   26.648986][  T342] usb 1-1: config 0 descriptor??
[   26.654080][   T20] usb 5-1: Manufacturer: syz
[   26.658627][   T20] usb 5-1: SerialNumber: syz
[   26.669591][   T20] usb 5-1: config 0 descriptor??
[   26.727737][   T20] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[   26.737371][   T20] usb 5-1: Detected FT232H
[   26.825318][  T369] loop3: detected capacity change from 0 to 40427
[   26.918856][  T369] F2FS-fs (loop3): Found nat_bits in checkpoint
[   26.937194][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   26.951742][  T369] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[   26.958878][  T369] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   26.966378][   T30] audit: type=1400 audit(1717931184.371:150): avc:  denied  { mount } for  pid=368 comm="syz-executor.3" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   26.988805][   T30] audit: type=1400 audit(1717931184.391:151): avc:  denied  { write } for  pid=368 comm="syz-executor.3" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   27.011110][  T311] attempt to access beyond end of device
[   27.011110][  T311] loop3: rw=2049, want=45104, limit=40427
[   27.149673][  T342] isku 0003:1E7D:319C.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[   27.227114][   T20] ftdi_sio 5-1:0.0: GPIO initialisation failed: -5
[   27.247316][   T20] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   27.298274][  T378] loop3: detected capacity change from 0 to 40427
[   27.358122][  T342] isku 0003:1E7D:319C.0001: couldn't init struct isku_device
[   27.365336][  T342] isku 0003:1E7D:319C.0001: couldn't install keyboard
[   27.372560][  T342] isku: probe of 0003:1E7D:319C.0001 failed with error -5
[   27.420145][  T378] F2FS-fs (loop3): Found nat_bits in checkpoint
[   27.457320][  T378] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[   27.463977][  T378] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   27.485718][  T311] attempt to access beyond end of device
[   27.485718][  T311] loop3: rw=2049, want=45104, limit=40427
[   27.496799][    T6] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   27.574427][   T20] usb 1-1: USB disconnect, device number 2
[   27.605951][  T390] input: syz1 as /devices/virtual/input/input4
[   27.618190][  T390] syz-executor.3 (pid 390) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   27.631589][  T390] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   27.737086][    T6] usb 2-1: Using ep0 maxpacket: 16
[   27.947066][  T333] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   28.067129][    T6] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08
[   28.078373][    T6] usb 2-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3
[   28.091351][    T6] usb 2-1: Product: syz
[   28.095437][    T6] usb 2-1: Manufacturer: syz
[   28.100487][    T6] usb 2-1: SerialNumber: syz
[   28.105607][    T6] usb 2-1: config 0 descriptor??
[   28.147822][    T6] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[   28.155437][    T6] usb 2-1: Detected FT-X
[   28.187053][  T333] usb 4-1: Using ep0 maxpacket: 16
[   28.307137][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   28.317865][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   28.327547][  T333] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   28.340260][  T333] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[   28.349134][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   28.357268][    T6] ftdi_sio ttyUSB1: Unable to read latency timer: -32
[   28.364366][  T333] usb 4-1: config 0 descriptor??
[   28.435019][  T315] usb 5-1: USB disconnect, device number 2
[   28.443545][  T315] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   28.447131][   T60] usb 3-1: USB disconnect, device number 2
[   28.482705][  T315] ftdi_sio 5-1:0.0: device disconnected
[   28.880771][  T401] loop4: detected capacity change from 0 to 40427
[   28.886271][    T6] ftdi_sio 2-1:0.0: GPIO initialisation failed: -5
[   28.896761][    T6] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB1
[   28.900075][  T401] F2FS-fs (loop4): Invalid log blocks per segment (5)
[   28.911385][  T333] usbhid 4-1:0.0: can't add hid device: -71
[   28.919562][  T401] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   28.927617][  T333] usbhid: probe of 4-1:0.0 failed with error -71
[   28.949302][  T401] F2FS-fs (loop4): Unrecognized mount option "resgid=/©â“Üû¯¿·™Â×וÓÌEâ!¶Nò‚nåˆÓr‹æŸ€Ø„ZµP¼ßqo³ìø;¸IÛe‡ßCüUOoŽ”|÷ŽÅÒRÑÄZÔðASÃH‡æMï'é!“RŠëȃ%`©^" or missing value
[   28.951601][  T333] usb 4-1: USB disconnect, device number 2
[   28.974826][  T399] usb 2-1: USB disconnect, device number 2
[   28.981808][  T399] ftdi_sio ttyUSB1: FTDI USB Serial Device converter now disconnected from ttyUSB1
[   28.992760][  T399] ftdi_sio 2-1:0.0: device disconnected
[   29.054369][  T401] =======================================================
[   29.054369][  T401] WARNING: The mand mount option has been deprecated and
[   29.054369][  T401]          and is ignored by this kernel. Remove the mand
[   29.054369][  T401]          option from the mount to silence this warning.
[   29.054369][  T401] =======================================================
[   29.247052][    T6] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   29.607084][   T20] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   29.617063][  T333] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   29.637132][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   29.647965][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   29.657673][    T6] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[   29.666590][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   29.674952][    T6] usb 1-1: config 0 descriptor??
[   29.787093][  T342] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   29.857062][  T333] usb 4-1: Using ep0 maxpacket: 32
[   29.977106][  T333] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   29.988272][  T333] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   29.998000][  T333] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   30.006833][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.007158][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.025386][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.034897][   T20] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[   30.043750][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.051497][  T333] hub 4-1:4.0: USB hub found
[   30.053645][   T20] usb 5-1: config 0 descriptor??
[   30.147868][    T6] sony 0003:054C:0268.0002: unknown main item tag 0x0
[   30.154461][    T6] sony 0003:054C:0268.0002: item fetching failed at offset 1/5
[   30.162326][    T6] sony 0003:054C:0268.0002: parse failed
[   30.167824][    T6] sony: probe of 0003:054C:0268.0002 failed with error -22
[   30.197109][  T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.207880][  T342] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.217420][  T342] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[   30.226195][  T342] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.235119][  T342] usb 2-1: config 0 descriptor??
[   30.257220][  T333] hub 4-1:4.0: 2 ports detected
[   30.355141][    T6] usb 1-1: USB disconnect, device number 3
[   30.558250][   T20] sony 0003:054C:0268.0003: unknown main item tag 0x0
[   30.564933][   T20] sony 0003:054C:0268.0003: item fetching failed at offset 1/5
[   30.572633][   T20] sony 0003:054C:0268.0003: parse failed
[   30.578141][   T20] sony: probe of 0003:054C:0268.0003 failed with error -22
[   30.697074][  T333] hub 4-1:4.0: set hub depth failed
[   30.728161][  T342] sony 0003:054C:0268.0004: unknown main item tag 0x0
[   30.734883][  T342] sony 0003:054C:0268.0004: item fetching failed at offset 1/5
[   30.738445][  T333] usb 4-1: USB disconnect, device number 3
[   30.742556][  T342] sony 0003:054C:0268.0004: parse failed
[   30.753568][  T342] sony: probe of 0003:054C:0268.0004 failed with error -22
[   30.766441][  T342] usb 5-1: USB disconnect, device number 3
[   30.928508][   T20] usb 2-1: USB disconnect, device number 3
[   31.305063][  T437] loop4: detected capacity change from 0 to 1024
[   31.327157][    T6] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   31.340630][  T437] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   31.351134][  T437] ext4 filesystem being mounted at /root/syzkaller-testdir659321020/syzkaller.aHd52B/4/file1 supports timestamps until 2038 (0x7fffffff)
[   31.370282][   T30] kauditd_printk_skb: 245 callbacks suppressed
[   31.370295][   T30] audit: type=1400 audit(1717931188.781:397): avc:  denied  { read write } for  pid=436 comm="syz-executor.4" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   31.400171][   T30] audit: type=1400 audit(1717931188.781:398): avc:  denied  { open } for  pid=436 comm="syz-executor.4" path="/root/syzkaller-testdir659321020/syzkaller.aHd52B/4/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   31.503137][   T20] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   31.617697][   T30] audit: type=1400 audit(1717931189.021:399): avc:  denied  { mount } for  pid=441 comm="syz-executor.1" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   31.640568][   T30] audit: type=1400 audit(1717931189.021:400): avc:  denied  { remount } for  pid=441 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   31.660531][   T30] audit: type=1400 audit(1717931189.021:401): avc:  denied  { mounton } for  pid=441 comm="syz-executor.1" path="/root/syzkaller-testdir1395411691/syzkaller.xU8L29/7/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[   31.668678][  T444] loop4: detected capacity change from 0 to 40427
[   31.730535][   T30] audit: type=1326 audit(1717931189.141:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae55e27f69 code=0x7fc00000
[   31.754533][   T30] audit: type=1326 audit(1717931189.141:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fae55e27f69 code=0x7fc00000
[   31.778936][   T30] audit: type=1326 audit(1717931189.141:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae55e27f69 code=0x7fc00000
[   31.802996][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   31.816318][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   31.817566][  T444] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   31.834994][   T30] audit: type=1326 audit(1717931189.141:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae55e27f69 code=0x7fc00000
[   31.859345][   T30] audit: type=1326 audit(1717931189.141:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=426 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae55e27f69 code=0x7fc00000
[   31.859886][  T444] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   31.891572][    T6] usb 3-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[   31.901212][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   31.933380][    T6] usb 3-1: config 0 descriptor??
[   31.938084][  T444] F2FS-fs (loop4): Found nat_bits in checkpoint
[   31.938332][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   31.960037][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   31.969897][   T20] usb 4-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[   31.979127][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   31.993430][   T20] usb 4-1: config 0 descriptor??
[   31.997859][  T444] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   32.021489][  T444] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   32.028591][  T444] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   32.197165][   T60] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   32.451360][    T6] itetech 0003:258A:6A88.0005: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.2-1/input0
[   32.489271][   T20] itetech 0003:258A:6A88.0006: hidraw1: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.3-1/input0
[   32.517053][   T60] usb 1-1: Using ep0 maxpacket: 32
[   32.551216][  T455] loop4: detected capacity change from 0 to 40427
[   32.637462][   T60] usb 1-1: config 0 has no interfaces?
[   32.642804][   T60] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   32.651944][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   32.657530][    T6] usb 3-1: USB disconnect, device number 3
[   32.666231][   T60] usb 1-1: config 0 descriptor??
[   32.680280][  T455] F2FS-fs (loop4): Found nat_bits in checkpoint
[   32.689421][  T315] usb 4-1: USB disconnect, device number 4
[   32.717335][  T455] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[   32.724188][  T455] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   32.747058][  T333] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   32.909949][  T451] loop0: detected capacity change from 0 to 256
[   33.253922][  T333] usb 2-1: Using ep0 maxpacket: 32
[   33.304011][   T39] usb 1-1: USB disconnect, device number 4
[   33.377342][  T333] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.396200][  T333] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.406070][  T333] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   33.415160][  T333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.458687][  T333] hub 2-1:4.0: USB hub found
[   33.737058][  T333] hub 2-1:4.0: 2 ports detected
[   33.741891][   T60] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   33.773512][  T487] loop4: detected capacity change from 0 to 256
[   33.857413][  T487] loop4: detected capacity change from 256 to 0
[   33.874292][    C1] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   33.885172][  T487] FAT-fs (loop4): Directory bread(block 3) failed
[   33.898522][    C1] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   33.909330][  T312] FAT-fs (loop4): Directory bread(block 3) failed
[   33.923049][    C1] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   33.923137][  T497] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   33.933845][  T312] FAT-fs (loop4): unable to read boot sector to mark fs as dirty
[   34.008371][  T312] syz-executor.4 (312) used greatest stack depth: 20912 bytes left
[   34.074943][  T501] loop3: detected capacity change from 0 to 40427
[   34.097076][  T333] hub 2-1:4.0: set hub depth failed
[   34.127075][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   34.138851][  T333] usb 2-1: USB disconnect, device number 4
[   34.144616][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   34.157923][   T60] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[   34.171398][  T501] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   34.183945][  T501] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   34.192812][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   34.205079][   T60] usb 3-1: config 0 descriptor??
[   34.215562][  T501] F2FS-fs (loop3): Found nat_bits in checkpoint
[   34.249204][  T501] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   34.261347][  T501] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   34.268371][  T501] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   34.282707][  T503] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.290061][  T503] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.297394][  T503] device bridge_slave_0 entered promiscuous mode
[   34.306415][  T503] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.313475][  T503] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.322204][  T503] device bridge_slave_1 entered promiscuous mode
[   34.389518][  T503] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.396466][  T503] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.403603][  T503] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.410359][  T503] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.436737][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.444483][  T333] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.452560][  T333] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.456964][  T514] loop3: detected capacity change from 0 to 256
[   34.467896][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.475798][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.482558][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.492677][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.500676][  T333] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.507515][  T333] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.521852][  T514] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[   34.534705][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.544300][   T45] device bridge_slave_1 left promiscuous mode
[   34.550829][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.558883][   T45] device bridge_slave_0 left promiscuous mode
[   34.564792][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.572501][   T45] device veth1_macvtap left promiscuous mode
[   34.578313][   T45] device veth0_vlan left promiscuous mode
[   34.678054][   T60] sony 0003:054C:0268.0007: unknown main item tag 0x0
[   34.684664][   T60] sony 0003:054C:0268.0007: item fetching failed at offset 1/5
[   34.692217][   T60] sony 0003:054C:0268.0007: parse failed
[   34.701765][   T60] sony: probe of 0003:054C:0268.0007 failed with error -22
[   34.727280][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.740190][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   34.752033][  T503] device veth0_vlan entered promiscuous mode
[   34.758728][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   34.766681][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   34.775181][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   34.789172][  T503] device veth1_macvtap entered promiscuous mode
[   34.796380][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   34.817455][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   34.838091][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.878039][   T60] usb 3-1: USB disconnect, device number 4
[   34.905400][  T535] loop4: detected capacity change from 0 to 16
[   34.967458][  T535] erofs: (device loop4): mounted with root inode @ nid 36.
[   35.169560][  T544] loop4: detected capacity change from 0 to 2048
[   35.187590][  T544]  loop4: p3 < > p4 < >
[   35.191629][  T544] loop4: partition table partially beyond EOD, truncated
[   35.198855][  T544] loop4: p3 start 4284289 is beyond EOD, truncated
[   35.273562][  T544] kvm: emulating exchange as write
[   35.363715][  T398] udevd[398]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   35.667627][  T315] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   35.870765][  T605] syz-executor.3[605] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.870833][  T605] syz-executor.3[605] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.937071][  T315] usb 5-1: Using ep0 maxpacket: 32
[   35.957190][    T6] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   36.087170][  T315] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.108962][  T315] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   36.126303][  T315] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   36.142792][  T315] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.197638][  T315] hub 5-1:4.0: USB hub found
[   36.347098][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   36.367053][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   36.376599][    T6] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[   36.385882][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   36.397058][    T6] usb 2-1: config 0 descriptor??
[   36.407333][  T315] hub 5-1:4.0: 2 ports detected
[   36.660542][   T30] kauditd_printk_skb: 89 callbacks suppressed
[   36.660556][   T30] audit: type=1400 audit(1717931194.071:496): avc:  denied  { create } for  pid=627 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   36.686944][   T30] audit: type=1400 audit(1717931194.071:497): avc:  denied  { connect } for  pid=627 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   36.827090][  T315] hub 5-1:4.0: set hub depth failed
[   36.879005][    T6] sony 0003:054C:0268.0008: unknown main item tag 0x0
[   36.885953][    T6] sony 0003:054C:0268.0008: item fetching failed at offset 1/5
[   36.894667][  T315] usb 5-1: USB disconnect, device number 4
[   36.909731][    T6] sony 0003:054C:0268.0008: parse failed
[   36.920762][    T6] sony: probe of 0003:054C:0268.0008 failed with error -22
[   37.078965][  T333] usb 2-1: USB disconnect, device number 5
[   37.432046][   T30] audit: type=1326 audit(1717931194.841:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=657 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f260f93df69 code=0x0
[   38.083377][   T30] audit: type=1326 audit(1717931195.491:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=667 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae55e27f69 code=0x0
[   38.306930][  T690] Zero length message leads to an empty skb
[   38.393492][   T30] audit: type=1400 audit(1717931195.801:500): avc:  denied  { create } for  pid=697 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.459235][   T30] audit: type=1400 audit(1717931195.821:501): avc:  denied  { bind } for  pid=697 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.523138][   T30] audit: type=1400 audit(1717931195.831:502): avc:  denied  { setopt } for  pid=697 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.571942][   T30] audit: type=1400 audit(1717931195.831:503): avc:  denied  { write } for  pid=697 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.620416][   T30] audit: type=1400 audit(1717931195.861:504): avc:  denied  { create } for  pid=701 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   38.688480][   T30] audit: type=1400 audit(1717931195.861:505): avc:  denied  { write } for  pid=701 comm="syz-executor.4" path="socket:[15614]" dev="sockfs" ino=15614 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   38.797464][   T20] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   39.077627][   T20] usb 5-1: too many configurations: 9, using maximum allowed: 8
[   39.187070][   T20] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   39.206140][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   39.225061][  T722] loop2: detected capacity change from 0 to 256
[   39.229194][   T20] usb 5-1: config 0 interface 0 has no altsetting 0
[   39.297194][  T722] loop2: detected capacity change from 256 to 0
[   39.306332][    C0] blk_update_request: I/O error, dev loop2, sector 80 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.317575][    C0] blk_update_request: I/O error, dev loop2, sector 84 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.328719][    C0] blk_update_request: I/O error, dev loop2, sector 88 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.339813][    C0] blk_update_request: I/O error, dev loop2, sector 92 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.350917][    C0] blk_update_request: I/O error, dev loop2, sector 96 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.362033][    C0] blk_update_request: I/O error, dev loop2, sector 100 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.373312][    C0] blk_update_request: I/O error, dev loop2, sector 104 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.384506][    C0] blk_update_request: I/O error, dev loop2, sector 108 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   39.396208][    C0] blk_update_request: I/O error, dev loop2, sector 80 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   39.407064][  T722] FAT-fs (loop2): Directory bread(block 20) failed
[   39.407097][   T20] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   39.422215][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   39.432928][    C0] blk_update_request: I/O error, dev loop2, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   39.433210][  T722] FAT-fs (loop2): Directory bread(block 21) failed
[   39.443735][   T20] usb 5-1: config 0 interface 0 has no altsetting 0
[   39.479462][  T722] FAT-fs (loop2): Directory bread(block 22) failed
[   39.499332][  T722] FAT-fs (loop2): Directory bread(block 23) failed
[   39.519402][  T722] FAT-fs (loop2): Directory bread(block 24) failed
[   39.527096][   T20] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   39.535946][  T722] FAT-fs (loop2): Directory bread(block 25) failed
[   39.544549][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   39.555373][  T722] FAT-fs (loop2): Directory bread(block 26) failed
[   39.568334][  T722] FAT-fs (loop2): Directory bread(block 27) failed
[   39.579901][   T20] usb 5-1: config 0 interface 0 has no altsetting 0
[   39.607982][  T314] FAT-fs (loop2): Directory bread(block 3) failed
[   39.641208][  T730] loop0: detected capacity change from 0 to 256
[   40.946999][    C0] sched: RT throttling activated
[   40.958411][   T20] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   40.971143][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   40.984168][   T20] usb 5-1: config 0 interface 0 has no altsetting 0
[   41.998611][  T314] FAT-fs (loop2): unable to read boot sector to mark fs as dirty
[   42.007613][   T20] usb 5-1: unable to read config index 4 descriptor/start: -71
[   42.015076][   T20] usb 5-1: can't read configurations, error -71
[   42.029212][   T30] kauditd_printk_skb: 5 callbacks suppressed
[   42.029237][   T30] audit: type=1400 audit(1717931199.441:511): avc:  denied  { mount } for  pid=742 comm="syz-executor.3" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   42.095090][   T30] audit: type=1400 audit(1717931199.481:512): avc:  denied  { unmount } for  pid=311 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   42.188228][   T30] audit: type=1400 audit(1717931199.601:513): avc:  denied  { ioctl } for  pid=746 comm="syz-executor.3" path="socket:[15704]" dev="sockfs" ino=15704 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   42.307699][   T30] audit: type=1326 audit(1717931199.631:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=738 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f39204cdf69 code=0x0
[   42.364776][  T752] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.372723][  T752] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.384038][  T757] loop1: detected capacity change from 0 to 512
[   42.390685][  T752] device bridge_slave_0 entered promiscuous mode
[   42.413448][  T752] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.420529][  T752] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.427926][  T752] device bridge_slave_1 entered promiscuous mode
[   42.449179][  T757] EXT4-fs (loop1): Test dummy encryption mode enabled
[   42.466126][  T757] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz-executor.1: invalid block
[   42.479214][  T757] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz-executor.1: couldn't read orphan inode 11 (err -117)
[   42.495659][  T757] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[   42.582053][  T762] loop1: detected capacity change from 0 to 256
[   42.593600][  T752] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.600483][  T752] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.607566][  T752] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.614341][  T752] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.627650][  T762] loop1: detected capacity change from 256 to 0
[   42.639708][  T762] FAT-fs (loop1): Directory bread(block 20) failed
[   42.647187][  T762] FAT-fs (loop1): Directory bread(block 21) failed
[   42.658117][  T762] FAT-fs (loop1): Directory bread(block 22) failed
[   42.659252][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.671812][  T762] FAT-fs (loop1): Directory bread(block 23) failed
[   42.678415][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.684737][  T762] FAT-fs (loop1): Directory bread(block 24) failed
[   42.691989][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.697102][  T762] FAT-fs (loop1): Directory bread(block 25) failed
[   42.705549][  T762] FAT-fs (loop1): Directory bread(block 26) failed
[   42.717222][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.725186][  T762] FAT-fs (loop1): Directory bread(block 27) failed
[   42.725587][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.738319][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.746250][  T313] FAT-fs (loop1): Directory bread(block 3) failed
[   42.757470][  T313] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[   42.765328][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.774241][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.781125][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.788535][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.805553][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.820683][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.846849][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.855613][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.863216][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.871636][  T752] device veth0_vlan entered promiscuous mode
[   42.877955][  T313] syz-executor.1 (313) used greatest stack depth: 20880 bytes left
[   42.887582][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.896620][  T752] device veth1_macvtap entered promiscuous mode
[   42.905307][  T504] device bridge_slave_1 left promiscuous mode
[   42.911512][  T504] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.921651][  T504] device bridge_slave_0 left promiscuous mode
[   42.927726][  T504] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.942342][  T769] loop3: detected capacity change from 0 to 512
[   42.949975][  T504] device veth1_macvtap left promiscuous mode
[   42.955958][  T504] device veth0_vlan left promiscuous mode
[   42.987219][   T30] audit: type=1400 audit(1717931200.391:515): avc:  denied  { append } for  pid=774 comm="syz-executor.4" name="001" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   43.046246][  T769] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   43.064828][  T769] ext4 filesystem being mounted at /root/syzkaller-testdir4268236373/syzkaller.AnTMCP/46/file0 supports timestamps until 2038 (0x7fffffff)
[   43.086893][   T30] audit: type=1400 audit(1717931200.491:516): avc:  denied  { append } for  pid=767 comm="syz-executor.3" path="/root/syzkaller-testdir4268236373/syzkaller.AnTMCP/46/file0/cgroup.controllers" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   43.142761][  T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.157299][  T784] loop3: detected capacity change from 0 to 16
[   43.168807][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   43.176787][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.188401][  T784] erofs: (device loop3): mounted with root inode @ nid 36.
[   43.270017][  T796] loop3: detected capacity change from 0 to 128
[   43.282140][   T30] audit: type=1326 audit(1717931200.691:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=777 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f260f93df69 code=0x0
[   43.311699][  T776] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.318753][  T776] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.326028][  T776] device bridge_slave_0 entered promiscuous mode
[   43.333356][  T776] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.340262][  T776] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.347551][  T776] device bridge_slave_1 entered promiscuous mode
[   43.431746][  T776] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.438733][  T776] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.445824][  T776] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.452622][  T776] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.472475][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.480159][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.487309][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.495771][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.503794][  T333] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.510639][  T333] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.517791][   T60] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   43.530142][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.538228][  T333] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.545049][  T333] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.562023][  T776] device veth0_vlan entered promiscuous mode
[   43.569109][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.577326][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.585008][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.592551][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.599876][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.607908][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.620013][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.628851][  T776] device veth1_macvtap entered promiscuous mode
[   43.638594][  T482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.648380][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.757157][   T60] usb 3-1: Using ep0 maxpacket: 8
[   43.877097][   T60] usb 3-1: config 135 has an invalid interface number: 230 but max is 0
[   43.885393][   T60] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[   43.911332][   T60] usb 3-1: config 135 has no interface number 0
[   43.917626][   T60] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[   44.247456][   T60] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[   44.289441][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   44.315059][   T60] usb 3-1: Product: syz
[   44.323440][   T60] usb 3-1: Manufacturer: syz
[   44.546474][   T60] usb 3-1: SerialNumber: syz
[   44.575228][  T809] input: syz1 as /devices/virtual/input/input5
[   44.587940][   T60] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[   44.594292][   T60] usb 3-1: No valid video chain found.
[   44.607632][  T811] syz-executor.3[811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.607699][  T811] syz-executor.3[811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.625448][  T813] ------------[ cut here ]------------
[   44.648290][   T30] audit: type=1400 audit(1717931202.061:518): avc:  denied  { bind } for  pid=814 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   44.651935][  T813] trace type BPF program uses run-time allocation
[   44.674635][  T813] WARNING: CPU: 0 PID: 813 at kernel/bpf/verifier.c:11656 check_map_prog_compatibility+0x6f1/0x890
[   44.677608][   T30] audit: type=1400 audit(1717931202.081:519): avc:  denied  { write } for  pid=814 comm="syz-executor.3" path="socket:[16006]" dev="sockfs" ino=16006 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   44.719768][  T813] Modules linked in:
[   44.728755][  T813] CPU: 0 PID: 813 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00131-g79bd336c7a94 #0
[   44.749910][  T813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   44.769732][  T813] RIP: 0010:check_map_prog_compatibility+0x6f1/0x890
[   44.822223][  T813] Code: db e9 f9 fc ff ff e8 fe 39 ed ff 31 db e9 ed fc ff ff e8 f2 39 ed ff c6 05 bd 7f 80 05 01 48 c7 c7 20 c1 67 85 e8 0f 7b be ff <0f> 0b e9 5a fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 f9 ff
[   44.863211][  T813] RSP: 0018:ffffc90000af7348 EFLAGS: 00010246
[   44.872621][  T813] RAX: b168eb9f62fc6700 RBX: 0000000000000001 RCX: 0000000000040000
[   44.881036][  T813] RDX: ffffc90002365000 RSI: 0000000000039465 RDI: 0000000000039466
[   44.888953][  T813] RBP: ffffc90000af7390 R08: ffffffff815760e5 R09: ffffed103ee065e8
[   44.896932][  T813] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011
[   44.904826][  T813] R13: ffff88811219c800 R14: ffffc9000006b000 R15: dffffc0000000000
[   44.906477][  T818] loop3: detected capacity change from 0 to 40427
[   44.912826][  T813] FS:  00007f8edd8676c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   44.927709][  T813] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   44.934077][  T813] CR2: 00007fff791a5b58 CR3: 0000000111b1c000 CR4: 00000000003506b0
[   44.941947][  T813] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   44.949733][  T813] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   44.957611][  T813] Call Trace:
[   44.961420][  T813]  <TASK>
[   44.964173][  T813]  ? show_regs+0x58/0x60
[   44.968351][  T813]  ? __warn+0x160/0x2f0
[   44.973375][  T813]  ? check_map_prog_compatibility+0x6f1/0x890
[   44.979384][  T813]  ? report_bug+0x3d9/0x5b0
[   44.983978][  T813]  ? check_map_prog_compatibility+0x6f1/0x890
[   44.990077][  T813]  ? handle_bug+0x41/0x70
[   44.990706][  T818] F2FS-fs (loop3): invalid crc value
[   45.004041][  T818] F2FS-fs (loop3): Found nat_bits in checkpoint
[   45.008588][  T813]  ? exc_invalid_op+0x1b/0x50
[   45.022896][  T813]  ? asm_exc_invalid_op+0x1b/0x20
[   45.038379][  T813]  ? __wake_up_klogd+0xd5/0x110
[   45.057081][  T813]  ? check_map_prog_compatibility+0x6f1/0x890
[   45.057107][  T818] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   45.087021][  T813]  ? check_map_prog_compatibility+0x6f1/0x890
[   45.087049][   T60] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   45.093102][  T813]  resolve_pseudo_ldimm64+0x671/0x1240
[   45.093143][  T813]  ? check_attach_btf_id+0xef0/0xef0
[   45.140358][   T30] audit: type=1400 audit(1717931202.551:520): avc:  denied  { create } for  pid=790 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   45.142913][  T813]  ? __mark_reg_known+0x1b0/0x1b0
[   45.187030][  T813]  ? security_capable+0x87/0xb0
[   45.191850][  T813]  bpf_check+0x3174/0x12bf0
[   45.196212][  T813]  ? 0xffffffffa0018000
[   45.200305][  T813]  ? is_bpf_text_address+0x172/0x190
[   45.205510][  T813]  ? stack_trace_save+0x1c0/0x1c0
[   45.210415][  T813]  ? __kernel_text_address+0x9b/0x110
[   45.215699][  T813]  ? unwind_get_return_address+0x4d/0x90
[   45.221201][  T813]  ? bpf_get_btf_vmlinux+0x60/0x60
[   45.226232][  T813]  ? arch_stack_walk+0xf3/0x140
[   45.230996][  T813]  ? stack_trace_save+0x113/0x1c0
[   45.235921][  T813]  ? stack_trace_snprint+0xf0/0xf0
[   45.241034][  T813]  ? stack_trace_snprint+0xf0/0xf0
[   45.246057][  T813]  ? __stack_depot_save+0x34/0x470
[   45.251046][  T813]  ? ____kasan_kmalloc+0xed/0x110
[   45.255962][  T813]  ? ____kasan_kmalloc+0xdb/0x110
[   45.260850][  T813]  ? __kasan_kmalloc+0x9/0x10
[   45.265362][  T813]  ? kmem_cache_alloc_trace+0x115/0x210
[   45.271245][  T813]  ? selinux_bpf_prog_alloc+0x51/0x140
[   45.277935][  T813]  ? security_bpf_prog_alloc+0x62/0x90
[   45.283370][  T813]  ? bpf_prog_load+0x9ee/0x1b50
[   45.288361][  T813]  ? __sys_bpf+0x4bc/0x760
[   45.292702][  T813]  ? __x64_sys_bpf+0x7c/0x90
[   45.297123][  T813]  ? do_syscall_64+0x3d/0xb0
[   45.301557][  T813]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   45.307526][  T813]  ? __kasan_kmalloc+0x9/0x10
[   45.312102][  T813]  ? memset+0x35/0x40
[   45.315921][  T813]  ? bpf_obj_name_cpy+0x196/0x1e0
[   45.320875][  T813]  bpf_prog_load+0x12ac/0x1b50
[   45.325561][  T813]  ? map_freeze+0x370/0x370
[   45.329993][  T813]  ? selinux_bpf+0xcb/0x100
[   45.334425][  T813]  ? security_bpf+0x82/0xb0
[   45.338797][  T813]  __sys_bpf+0x4bc/0x760
[   45.342971][  T813]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[   45.348269][  T813]  ? __kasan_check_read+0x11/0x20
[   45.353120][  T813]  __x64_sys_bpf+0x7c/0x90
[   45.359863][   T60] usb 5-1: Using ep0 maxpacket: 32
[   45.368155][  T813]  do_syscall_64+0x3d/0xb0
[   45.380133][  T813]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   45.395831][  T813] RIP: 0033:0x7f8ede4ecf69
[   45.407055][  T813] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   45.440540][  T813] RSP: 002b:00007f8edd8670c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   45.448998][  T813] RAX: ffffffffffffffda RBX: 00007f8ede623f80 RCX: 00007f8ede4ecf69
[   45.456892][  T813] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[   45.471190][  T813] RBP: 00007f8ede54a6fe R08: 0000000000000000 R09: 0000000000000000
[   45.479191][  T813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   45.487149][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.496762][  T813] R13: 000000000000000b R14: 00007f8ede623f80 R15: 00007ffe55d38328
[   45.504619][   T60] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   45.507737][  T813]  </TASK>
[   45.513584][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.521773][  T813] ---[ end trace 1a5148a21f0ceddd ]---
[   45.529964][   T60] usb 5-1: config 0 descriptor??
[   45.567593][   T60] hub 5-1:0.0: bad descriptor, ignoring hub
[   45.574503][   T60] hub: probe of 5-1:0.0 failed with error -5
[   45.587879][   T60] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[   45.877098][  T836] loop3: detected capacity change from 0 to 40427
[   45.987738][  T836] F2FS-fs (loop3): Found nat_bits in checkpoint
[   46.077665][  T836] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   46.251284][   T60] usb 3-1: USB disconnect, device number 5
[   46.472428][  T858] syz-executor.4[858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.472497][  T858] syz-executor.4[858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.492645][  T858] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure
[   46.559877][  T863] loop1: detected capacity change from 0 to 512
[   46.587548][  T863] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[   46.799202][  T311] attempt to access beyond end of device
[   46.799202][  T311] loop3: rw=2049, want=45104, limit=40427
[   46.867105][   T60] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   47.117073][   T60] usb 2-1: Using ep0 maxpacket: 8
[   47.257209][   T60] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[   47.265216][   T60] usb 2-1: config 0 has an invalid descriptor of length 88, skipping remainder of the config
[   47.280448][   T60] usb 2-1: config 0 has no interface number 0
[   47.286471][   T60] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 82, changing to 10
[   47.345652][   T60] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 1703, setting to 1024
[   47.356641][   T60] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   47.371406][   T60] usb 2-1: config 0 interface 52 has no altsetting 0
[   47.497091][   T60] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[   47.506792][   T60] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[   47.527026][   T60] usb 2-1: Product: syz
[   47.531005][   T60] usb 2-1: SerialNumber: syz
[   47.535974][   T60] usb 2-1: config 0 descriptor??
[   47.727060][   T39] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   47.797040][  T383] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   47.967189][   T39] usb 3-1: Using ep0 maxpacket: 16
[   48.057053][  T383] usb 4-1: Using ep0 maxpacket: 16
[   48.117253][   T60] usb 5-1: reset high-speed USB device number 7 using dummy_hcd
[   48.128677][   T30] kauditd_printk_skb: 15 callbacks suppressed
[   48.128689][   T30] audit: type=1326 audit(1717931205.541:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=862 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8ede4ecf69 code=0x0
[   48.157691][   T60] usb 5-1: device reset changed ep0 maxpacket size!
[   48.157892][   T60] usb 5-1: USB disconnect, device number 7
[   48.197083][  T383] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.206648][  T383] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   48.215688][  T383] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.224114][  T383] usb 4-1: config 0 descriptor??
[   48.247253][   T39] usb 3-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[   48.256219][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.264159][   T39] usb 3-1: Product: syz
[   48.268208][   T39] usb 3-1: Manufacturer: syz
[   48.272553][   T39] usb 3-1: SerialNumber: syz
[   48.277805][  T383] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[   48.281393][   T39] usb 3-1: config 0 descriptor??
[   48.517061][   T60] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   48.528629][   T39] usb 3-1: USB disconnect, device number 6
[   48.757038][   T60] usb 5-1: Using ep0 maxpacket: 8
[   48.877205][   T60] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   48.886774][   T60] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   48.896329][   T60] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   48.906038][   T60] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   48.918807][   T60] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   48.927656][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.160835][   T30] audit: type=1400 audit(1717931206.571:537): avc:  denied  { unlink } for  pid=895 comm="syz-executor.2" name="#1" dev="sda1" ino=1970 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   49.185995][  T897] fuse: Unknown parameter '01777777777777777777777'
[   49.541999][  T315] usb 4-1: USB disconnect, device number 5
[   49.576248][  T383] usb 2-1: USB disconnect, device number 6
[   50.183845][  T928] loop3: detected capacity change from 0 to 32768
[   50.427033][   T39] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   50.667061][   T39] usb 3-1: Using ep0 maxpacket: 16
[   50.787078][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   50.796655][   T39] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   50.805540][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.814191][   T39] usb 3-1: config 0 descriptor??
[   50.828129][  T399] usb 5-1: USB disconnect, device number 8
[   50.837303][   T30] audit: type=1400 audit(1717931208.251:538): avc:  denied  { remove_name } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   50.859523][   T20] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   50.861140][   T39] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   50.866784][   T30] audit: type=1400 audit(1717931208.251:539): avc:  denied  { rename } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   50.895687][   T30] audit: type=1400 audit(1717931208.251:540): avc:  denied  { create } for  pid=82 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.041550][  T947] fuse: Unknown parameter '01777777777777777777777'
[   51.137074][   T20] usb 2-1: Using ep0 maxpacket: 16
[   51.277087][   T20] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   51.287053][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.297807][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.307334][   T20] usb 2-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00
[   51.316319][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.324767][   T20] usb 2-1: config 0 descriptor??
[   51.808220][   T20] waltop 0003:172F:0037.0009: unknown main item tag 0x0
[   51.815547][   T20] waltop 0003:172F:0037.0009: unknown main item tag 0x0
[   51.822336][   T20] waltop 0003:172F:0037.0009: unknown main item tag 0x0
[   51.829078][   T20] waltop 0003:172F:0037.0009: unknown main item tag 0x0
[   51.835844][   T20] waltop 0003:172F:0037.0009: unknown main item tag 0x0
[   51.843266][   T20] waltop 0003:172F:0037.0009: hidraw0: USB HID v0.00 Device [HID 172f:0037] on usb-dummy_hcd.1-1/input0
[   51.867937][   T30] audit: type=1326 audit(1717931209.281:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=954 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f260f93df69 code=0x0
[   52.033213][   T39] usb 2-1: USB disconnect, device number 7
[   52.637572][  T973] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[   52.647680][  T973] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.4'.
[   52.968121][  T980] loop3: detected capacity change from 0 to 256
[   53.057144][  T980] FAT-fs (loop3): Unrecognized mount option "00000000000000000000" or missing value
[   53.133280][   T30] audit: type=1400 audit(1717931210.541:542): avc:  denied  { write } for  pid=982 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   53.157250][  T985] BUG: unable to handle page fault for address: ffffffffff600000
[   53.164771][  T985] #PF: supervisor read access in kernel mode
[   53.170583][  T985] #PF: error_code(0x0001) - permissions violation
[   53.176833][  T985] PGD 6812067 P4D 6812067 PUD 6814067 PMD 6816067 PTE 8000000006809165
[   53.184903][  T985] Oops: 0001 [#1] PREEMPT SMP KASAN
[   53.189941][  T985] CPU: 0 PID: 985 Comm: syz-executor.3 Tainted: G        W         5.15.149-syzkaller-00131-g79bd336c7a94 #0
[   53.201309][  T985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   53.211206][  T985] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[   53.217278][  T985] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 cb 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[   53.236719][  T985] RSP: 0018:ffffc9000167f030 EFLAGS: 00010292
[   53.242626][  T985] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810dc1a780
[   53.250433][  T985] RDX: ffff88810dc1b310 RSI: 0000000000000008 RDI: 0000000000000007
[   53.258243][  T985] RBP: ffffc9000167f068 R08: ffffffff8199a795 R09: ffffed1021b834f1
[   53.266054][  T985] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[   53.273870][  T985] R13: 0000000000000000 R14: ffffc9000167f0c8 R15: ffffc9000167f0d0
[   53.281681][  T985] FS:  00007fe9f39f66c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   53.290444][  T985] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   53.296866][  T985] CR2: ffffffffff600000 CR3: 000000011167e000 CR4: 00000000003506b0
[   53.304681][  T985] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.312489][  T985] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.320302][  T985] Call Trace:
[   53.323430][  T985]  <TASK>
[   53.326207][  T985]  ? __die_body+0x62/0xb0
[   53.330372][  T985]  ? __die+0x7e/0x90
[   53.334110][  T985]  ? page_fault_oops+0x7f9/0xa90
[   53.338877][  T985]  ? kernelmode_fixup_or_oops+0x270/0x270
[   53.344437][  T985]  ? 0xffffffffa0016ea4
[   53.348422][  T985]  ? is_bpf_text_address+0x172/0x190
[   53.353547][  T985]  ? __kernel_text_address+0x9b/0x110
[   53.358752][  T985]  ? exc_page_fault+0x521/0x830
[   53.363449][  T985]  ? asm_exc_page_fault+0x27/0x30
[   53.368306][  T985]  ? copy_from_kernel_nofault+0x75/0x2e0
[   53.373779][  T985]  ? copy_from_kernel_nofault+0x86/0x2e0
[   53.379237][  T985]  bpf_probe_read_compat+0x112/0x180
[   53.384356][  T985]  bpf_prog_baa065642a502c00+0x64/0x4b0
[   53.389826][  T985]  bpf_trace_run6+0x18d/0x2c0
[   53.394338][  T985]  ? bpf_trace_run5+0x290/0x290
[   53.399037][  T985]  ? ext4_ext_check_inode+0x80/0x80
[   53.404059][  T985]  __bpf_trace_ext4_ext_remove_space_done+0x4a/0x60
[   53.410482][  T985]  ext4_ext_remove_space+0x48b4/0x4a60
[   53.415777][  T985]  ? __kasan_check_write+0x14/0x20
[   53.420724][  T985]  ? ext4_es_insert_extent+0x2ff0/0x2ff0
[   53.426313][  T985]  ? _raw_write_lock+0xa4/0x170
[   53.430991][  T985]  ? __ext4_mark_inode_dirty+0x53c/0x7a0
[   53.436463][  T985]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   53.442279][  T985]  ? ext4_es_remove_extent+0x297/0x460
[   53.447572][  T985]  ? ext4_es_lookup_extent+0x940/0x940
[   53.452882][  T985]  ext4_ext_truncate+0x19a/0x240
[   53.457638][  T985]  ext4_truncate+0x96c/0xfa0
[   53.462063][  T985]  ? __ext4_mark_inode_dirty+0x7a0/0x7a0
[   53.467533][  T985]  ext4_setattr+0xf84/0x1940
[   53.471957][  T985]  ? current_time+0x1af/0x2f0
[   53.476475][  T985]  ? ext4_write_inode+0x730/0x730
[   53.481331][  T985]  notify_change+0xc7a/0xf30
[   53.485758][  T985]  ? cap_inode_need_killpriv+0x51/0x60
[   53.491052][  T985]  do_truncate+0x21c/0x300
[   53.495304][  T985]  ? put_page_bootmem+0x190/0x190
[   53.500177][  T985]  path_openat+0x28ed/0x2f40
[   53.504595][  T985]  ? __kasan_slab_alloc+0xb1/0xe0
[   53.509453][  T985]  ? kmem_cache_alloc+0xf5/0x200
[   53.514228][  T985]  ? getname_flags+0xba/0x520
[   53.518740][  T985]  ? __x64_sys_openat+0x243/0x290
[   53.523605][  T985]  ? do_filp_open+0x460/0x460
[   53.528116][  T985]  do_filp_open+0x21c/0x460
[   53.532453][  T985]  ? vfs_tmpfile+0x2c0/0x2c0
[   53.536886][  T985]  do_sys_openat2+0x13f/0x830
[   53.541478][  T985]  ? _raw_spin_unlock+0x4d/0x70
[   53.546166][  T985]  ? finish_task_switch+0x167/0x7b0
[   53.551201][  T985]  ? do_sys_open+0x220/0x220
[   53.555624][  T985]  ? __schedule+0xcd4/0x1590
[   53.560054][  T985]  __x64_sys_openat+0x243/0x290
[   53.564740][  T985]  ? __ia32_sys_open+0x270/0x270
[   53.569512][  T985]  ? __kasan_check_read+0x11/0x20
[   53.574372][  T985]  ? exit_to_user_mode_prepare+0x7e/0xa0
[   53.579843][  T985]  do_syscall_64+0x3d/0xb0
[   53.584104][  T985]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   53.589737][  T985]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   53.595494][  T985] RIP: 0033:0x7fe9f467bf69
[   53.599720][  T985] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   53.619161][  T985] RSP: 002b:00007fe9f39f60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   53.627402][  T985] RAX: ffffffffffffffda RBX: 00007fe9f47b2f80 RCX: 00007fe9f467bf69
[   53.635214][  T985] RDX: 0000000000007a05 RSI: 0000000020000180 RDI: ffffffffffffff9c
[   53.643030][  T985] RBP: 00007fe9f46d96fe R08: 0000000000000000 R09: 0000000000000000
[   53.650840][  T985] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000000
[   53.658648][  T985] R13: 000000000000000b R14: 00007fe9f47b2f80 R15: 00007fff791a5998
[   53.666464][  T985]  </TASK>
[   53.669326][  T985] Modules linked in:
[   53.673074][  T985] CR2: ffffffffff600000
[   53.677064][  T985] ---[ end trace 1a5148a21f0cedde ]---
[   53.682345][  T985] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[   53.688419][  T985] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 cb 92 d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[   53.707861][  T985] RSP: 0018:ffffc9000167f030 EFLAGS: 00010292
[   53.713764][  T985] RAX: 0000000000000002 RBX: 00007ffffffff000 RCX: ffff88810dc1a780
[   53.721575][  T985] RDX: ffff88810dc1b310 RSI: 0000000000000008 RDI: 0000000000000007
[   53.729387][  T985] RBP: ffffc9000167f068 R08: ffffffff8199a795 R09: ffffed1021b834f1
[   53.737196][  T985] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[   53.745008][  T985] R13: 0000000000000000 R14: ffffc9000167f0c8 R15: ffffc9000167f0d0
[   53.752820][  T985] FS:  00007fe9f39f66c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   53.761588][  T985] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   53.768008][  T985] CR2: ffffffffff600000 CR3: 000000011167e000 CR4: 00000000003506b0
[   53.775821][  T985] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.783633][  T985] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.791451][  T985] Kernel panic - not syncing: Fatal exception
[   53.797624][  T985] Kernel Offset: disabled
[   53.801752][  T985] Rebooting in 86400 seconds..