last executing test programs:

7.50196719s ago: executing program 0 (id=775):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBSENT(r0, 0x4b49, 0x0)

7.5015989s ago: executing program 0 (id=776):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4}, &(0x7f0000000800), &(0x7f0000000840)=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8200, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = fcntl$getown(r7, 0x9)
tkill(r8, 0x24)
tkill(r0, 0x13)

6.227439629s ago: executing program 0 (id=781):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000100)="eb", 0x1}], 0x1, 0x6)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x4b3d, 0x0)
getsockname$inet(r2, 0x0, &(0x7f00000002c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xa)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'virt_wifi0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

5.880180048s ago: executing program 4 (id=783):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x0, 0x0, 0x6}, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'hsr0\x00', &(0x7f0000000040)=@ethtool_sset_info={0x37, 0x2, 0x14, [0xfffffffc, 0xfffff60b, 0x6, 0x3, 0x5, 0x3ff]}})
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='bridge_slave_1\x00', 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
recvmmsg(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000340)=""/179, 0xb3}], 0x1}, 0xf}], 0x1, 0x7fb10727ddab, 0x0)
close(r3)

5.802847918s ago: executing program 1 (id=784):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB='\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @empty}})
mkdir(0x0, 0x92)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10, 0x2, 0x800, 0x100, 0x4, 0x2, 0x6, 0x10001, 0x1}})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)

5.405266117s ago: executing program 0 (id=785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00800000000000000b02b8cce9669b9d00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x80180, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000000600)={0x2, 0x0, @pic={0x7, 0x8, 0x1, 0x1, 0x1, 0x2, 0x4, 0x77, 0x2, 0x0, 0x3, 0x3, 0xfb, 0x1, 0xf9, 0xf}})
r3 = socket(0x1e, 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x2000}, 0x4)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@delchain={0x24, 0x66, 0x7da43c62733c9955}, 0x24}}, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r8, 0x802c550a, &(0x7f0000000280)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])

5.330586397s ago: executing program 1 (id=786):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xf}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
sendfile(r0, r0, 0x0, 0x40a2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@loopback, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x32}, 0x0, @in=@broadcast}}, 0x13d)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x40fd)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0xc044)
write$binfmt_misc(r3, &(0x7f0000000300), 0xfdef)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)

5.312016867s ago: executing program 4 (id=787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
r1 = accept4$inet6(r0, &(0x7f0000000380)={0xa, 0x0, 0x0, @private2}, &(0x7f00000003c0)=0x1c, 0x0)
bind$inet6(r1, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2, 0x3}, 0x1c)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
renameat2(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='.\x02\x00', 0x4)

5.264706747s ago: executing program 1 (id=788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00800000000000000b02b8cce9669b9d00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x80180, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000000600)={0x2, 0x0, @pic={0x7, 0x8, 0x1, 0x1, 0x1, 0x2, 0x4, 0x77, 0x2, 0x0, 0x3, 0x3, 0xfb, 0x1, 0xf9, 0xf}})
r4 = socket(0x1e, 0x4, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x2000}, 0x4)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x2d)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r10 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r10, 0x802c550a, &(0x7f0000000280)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])

5.241322917s ago: executing program 4 (id=790):
socket$igmp6(0xa, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000002600)={0xa9, "5b4e58f992cbe76c0ba015b91578b36d892c37f16f7f0c00ca4a070694f46e8b201eb8cabac6d674d63fd377045d945e8148819f9101be1dc5fa236cff26fbc160786c774af71b12076e858a394c1cb39b040f4f7d2db5256acb9d57eda82c60b00db4bff0f6f3cb143f5d6cfd06686a47463fd23430c8e24baa7b71d845595105ff27f75a8d969273b11c4cb4d749d279f0967457deeaab5e20761c1005a468acfe4ad613da04fb62c5db49c22154c3dc52692cc80310fc581bc963d7b33c1ac20dd1d39cb178ae6a99e36a19efe9c6bd448d8de29fec24689a18d7c944b97dcd9f562c0873b8f9ac77f015c97b6981c90bcc5c86ba44c851442cf0cb6b5ec2c390e9028a7f758264f3af43a55b813d01c78c39ffce681e626cd9883c9a1a80703be70156dfdc4b4bd1e21c0cc192caf72634ddab3258d901bbeb0aa1de3fb122990b82c2b4bef5c62b91ddae15a8a9ce0a41df28767212a053950434c537ec61238a30df001d24c4a26774ecc2fe03f4ae2ac0a03dc983bbf0b1a3cd3c2bd2098278348c9a6f7fd859fc9d69a3b3fee766848f4d845be1485949a7d69f182af1e13174be366fe37f2d7b589b28845c700a71bc9825d819ea7892d994411c679760d55f0ffc052fa9deded6d2c39f24d6d0d147537a6c46b5b94154abd90e772090f6d41b8c3f6b9639b5885d94a8bac558935b256da90cfbc544e5afe66c10"})
pwritev(r1, &(0x7f0000003d00), 0x0, 0x1, 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

4.209851275s ago: executing program 4 (id=792):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)

4.172912876s ago: executing program 4 (id=793):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1c, 0x80000, 0xfd09)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00fcffffffffffff0c0000000080000000000040", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r1, @ANYBLOB="6f1300000085000000988600000095789d8d6135d2b9c3442e37b6a6a7a0e97116cd44da0923897f7290a1570081ef8b3a9263be09e6fd8ab2295fcfb9453a034aa140b9eb81fd62"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
memfd_create(0x0, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='\v\x00\x00\x00', @ANYRES32, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000100000000000000000000be4d7a32c17151e70ed60e7a"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtaction={0x80, 0x13, 0x53b, 0x0, 0x25dfdbff, {}, [{0x6c, 0x1, [@m_sample={0x68, 0x0, 0x0, 0x0, {{0xb}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x1000010}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xa1, 0x0, 0x3, 0x5, 0xfffffff9}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x80000000, 0x5, 0xa, 0x8000}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)

4.162082545s ago: executing program 0 (id=794):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x200100, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="3800000069000b1d28bd7000fcdb0000000008000100020000000800010000000000080001000200000008000100000000002913ad83c8bfb26ae85e9ad12c7efc064d38e82d06d02500d1f011e484ea7c25df3c293c700be87ec26fd4898efae217f9866a47f69e470676ae782cd510d523cce2b670be9fd6dfa46c12cbd3b4b22691fdef3a28b002d5e453bd304f36e272f1"], 0x38}, 0x1, 0x0, 0x0, 0x400}, 0x8004)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000814}, 0x14)
r4 = syz_clone(0x100400, &(0x7f0000000140)="959c151fd3fa379f2123ee3404fa3d911240af30f8dff717124ef2b01639fde9025f3578ffa00f3118b7aa7a11fd4e0e879a40252e6b8e2ab4598c0db0a17af8e3ce868b0530e429a1", 0x49, &(0x7f0000000080), &(0x7f00000001c0), &(0x7f00000003c0)="93c741d9053b871235b647fd177a10c0bdad460d7c744b19ee814d90035f82abfcd3de1c52756aad19056da178c861669e86c1af7c53669e133ff17df6952265b50dc32d387c0f873821ffa7b3c51d56ef80317c908b089f7f21ba39d1ce93c02e6373f55bcbd1788ecaa590fe876ceb82aa307c0847c2d8c9666cc747501ef9fea970c0393cd4bcb9dd37db76238255f854183b285d7bcecf8f9a51508d1d80b35c7beb7f020caf251f412f067246de60824459dce3d9544feb53b0d740c7ff296ad5466fd3441cf60a02b3ba4cb0cf551c1699d4f26fe64db0cb2d1f7b23e467cdf850")
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5, 0x104810, r2, 0x3b27a000)
pipe2(&(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x84000)
getsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f00000004c0)=[{}, {}], &(0x7f0000000500)=0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ptrace(0x4207, r4)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$hid(r9, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r10 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r10, 0x81044804, &(0x7f0000000400)={0x1})
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f0000000680)={0x2c, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0003020000000203fc78679e680a38afc86aae44ef0000000000000009f616"], 0x0, 0x0, 0x0}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="7472616e733d66642c7266d381e60d82669e2f6efb383653c2edd6a056801273962fb94016dd9339e20e816775912ad144a75099522913e6d5cb44833045a068d346ee365a6278b227705ee50a35a8dbf9d5a3661be1e849db1cf0022ed286b7f39075ed6398e5a493f5b40709a12e370367fe104ee11b147a7094a317cb3bdb075e59de49452f59304327bfe01bc65ca4f0a60d6a8e7da515c8a1f41875621570a473e9539393a1d012b4c47ba5e78fb77bacc088841d0f23a984dfa865cc2a8e99f4d90135c32f381d0c849a1b3f30565b90a586ab34bae32aa2a97ed65430", @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB=',\x00'])
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000ac0)=ANY=[@ANYBLOB='uni_xlate=0,shortname=win95,shortname=winnt,iocharset=macromanian,shortname=lower,shortname=lower,utf8=0,utf8=0,nfs=nostale_ro,uid=', @ANYRESDEC=r5, @ANYBLOB="2c726f6469722c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861669365743d61736369692c7569643d", @ANYRESHEX, @ANYBLOB="c204ec5d4c8e2398215a777fae6c509f190a9c9eea3500c553a78fc83652b8c4c6c912c25d3475cdf39a4df7d5a72cb10b9077c313039800c86ed739dc74b52e6350ca08f987bf38fecf7cfc35508e8fef5b70a7026c3e7a69d3fe593862750672d97b011356d155df27e910facb4c3a3d6c8832edcc92cf20639d93e89002ac946f0bf11b10f120ff73c7"], 0x0, 0x2a9, &(0x7f0000000480)="$eJzs3c9KM1cYB+B3YkzSdpGsS6Gz6FrUbTdxoVDqqsVFu2mlKogJBQXBUhpdddsb6BUUCt2V3kM3vYNCt4UuhQpTJpkxxiRT82H0+/B5Nh7PnN+cP45kIfP65Xv9k4M0jq6+/TNarSRq3ejGdRKdqEXpMiZ0fwgA4E12nWXxTzaySC6JiNbylgUALNHU53+SVAd+eZp1AQDL8+lnn3+8tbu7/UmatmKn//35Xv75n38dXd86iuPoxWGsRztuIrJbo/ZOlmWDeprrxAf9wflenux/8Xtx/62/I4b5jWhHZ9g1mf9od3sjHbmTH+TreLuYv5vnN6Md/07MX/6BYntzKh8R9c7k+teiHX98FV9HLw6GixjP/91Gmh7/Vp5Ink8G53vN4bixbOUJfhwAAAAAAAAAAAAAAAAAAAAAALwQa0XtnGYM6/fkXUX9nZWb/JvVSEudyfo8o/xttcB79YEGWfxY1tdZT9M0KwaO8/V4tx7159k1AAAAAAAAAAAAAAAAAAAAvF7OLr452e/1Dk8fpVFWAyhf63/V+3Tv9Lwfcwfn0+w3x3PVimbFnWOlHJNEVC4j38QjHUt14/LirXlr/unninhrVqr1/5OuVp3P4zTKp+tkPxmdYXJvTDPGuygav969TyNOz7KHzNWYdylb6PFrzLzUXnjvjXeGjUHFmEiqFvbhX6OTK3qS+7toDE91Zny1aBTx2tTT28p7GvPiU78pUxLVOgAAAAAAAAAAAAAAAAAAYKnGL/3OuHhVGa1lzaUtCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe1Pj//y/QGBThBwxuxOnZM28RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF+C/AAAA//+zK1UG")
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000300)=0x2, 0x4)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x3, 0x9e, 0xd5, 0x0, 0x4, 0x4, 0x8, 0x0, 0x6, 0x7, 0x0, 0x6, 0x0, 0x3, 0x1, 0x7, 0xff, 0x6, 0x3, '\x00', 0x6, 0x5})

3.681391405s ago: executing program 1 (id=795):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={0x0}, 0x18)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r3, &(0x7f0000000380), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0, 0x0})
dup3(r5, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

3.263219574s ago: executing program 4 (id=797):
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000280)='./mnt\x00', 0x2080c16, &(0x7f0000000140)={[], [{@euid_eq}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000100b060a5000000000000109022400010000500009040002010300000009210000000122f80409058103"], 0x0)
request_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000180)='a\x00', 0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
io_setup(0x81, &(0x7f0000000240)=<r1=>0x0)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0xffff, r2, 0x0, 0x0, 0x4}])
fcntl$setlease(r0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916720000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b33e0f32f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3cd3cedd01fdc59589ea6bacde1e40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7a7216f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000fdba1133066c4a21a7149f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket$inet6(0x10, 0x3, 0x0)
recvfrom$inet6(r3, 0x0, 0x0, 0x12000, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca", 0x15, 0x0, 0x0, 0x0)
recvfrom$inet6(r3, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0xffffffffffffffc3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de00000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=""/200, 0xc8)

2.533805263s ago: executing program 3 (id=798):
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f0000000640), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
pipe2$9p(&(0x7f0000000340), 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGSOFTCAR(r7, 0x5414, &(0x7f0000000000))
ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f00000003c0)={0x1, 0x1, 0x1000, 0x4f, &(0x7f0000000280)="7a6a95584d403afffd9fd3d9066ba13d765aa3271574b6c76af6a0a7ac9796c143a9a804bfc2115b361bea0701015d28408a8c82d17513a0435f4a41161940906def6d78c943c4bb5590101ce7595d", 0xe6, 0x0, &(0x7f00000008c0)="ebc23f2a795afa830efae082db0113113e17e001e23bf3762cc00af0c49abe0e325371c8b1bc50ef618911260e792dfd747ad7074417eb0f84c670fa0059b9d9c991d8200db1a492bcbebce563e57d6acabc09795a8ec1c9f5338869eb51bc9b5291c3260f78a7a631c3a4ca980ee7bb925463065232bfb4e069171515588e9a5ebb4e2eea620600648166bb3f6f60635be4846259e315a891f0dc09cc7a1f61590ffa74d993c676eda1d2fb90f0a70ca06a0e71857cc82456e1d189558afb2e2f7c3f02c1d5a1ada0b022feba8aae260b3fdbe6d232596bb1f10e4683a5db960a11b258364a"})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x0)
userfaultfd(0x1)

2.505295353s ago: executing program 1 (id=799):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
accept(r4, &(0x7f0000000380)=@caif=@dbg, &(0x7f0000000040)=0x80)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

2.207129163s ago: executing program 2 (id=800):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000040))
unshare(0x20000400)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001880)=ANY=[@ANYBLOB="0a00000004000000fd0f", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000280), &(0x7f0000000080)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x36, &(0x7f00000000c0)=[{0x7}, {0x3, 0x5, 0x2c, 0x4}, {0xfac3, 0x2, 0x4, 0x2}, {0x77cf, 0x7f, 0x1, 0x80000001}, {0x7, 0x11, 0xcf, 0x7}]})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x6)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd88, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.132053651s ago: executing program 3 (id=801):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
sendto$inet6(r0, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='scalable\x00', 0x9)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
timerfd_create(0x0, 0x0)
shutdown(r0, 0x1)

982.629041ms ago: executing program 3 (id=802):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x10000, &(0x7f0000000180)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365743d69736f383835392d312c646d61736b3d30303030303030303030303030303030303030303033332c757466383d302c756e695f786c6174653d312c646d61736b3d30303030303030303030303030303030303337363334302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c696f636861727365743d63703835352c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c757466383d302c757466383d302c757466383d302c73686f77657865632c757466383d312c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c00a38995e5a91dfe67f441d57148f407b13d9bed804a57ec446ce22203cd3935c8f37536625d0f08c3f337dd636f0f493c9bf7d2e82fc0cadd34e4aea09f3f8b71f818b2713817546e50c9698385719df30f9d463630888b40fd20f83edc2fd9944a7f6a59e0a97244154f81"], 0x6, 0x2dc, &(0x7f0000000700)="$eJzs3b9rJFUcAPDvJJvZUYtNYSWCA1pYHZdrbTbIBcRUHinUQoN3B5JdhAQCp+J6la2NhYV/gSD4h9j4FyjYCnaecPhkZmf2x93u3kazEb3Pp7k3732/731n7rE7KfLy/ovDk9tl3L3/6c9RFFls9aMfD7LYja1ofR5z+l8GAPBf9iCl+C2llDqLx9OSvCwiik0WBgBszOT7P6VlX/URMfNy8P2VlAUAbNCtt995c//w8OZbZVnEwfCL86PqJ/vq3/H4/t34MAZxJ65HLx5G1C8KO1G/LVTNg5TSqFNWduOV4ej8qMocvvdDM//+rxF1/l70Yrfumrxt1PlvHN7cK8dm8kdVHc826/er/BvRi+cnyXP5Nxbkx1Eer748U/+16MWPH8RHMYjbdRHT/M/2yvL19NXvn7xblVflZ6Pzo24dN5W2r/i/BgAAAAAAAAAAAAAAAAAAAACA/7Frzdk53ajP76m6mvN3th9WFztRtnbnz+cZ52ftRLPnA6WURim+ac/XuV6WZWoCp/mdeKETS04dBgAAAAAAAAAAAAAAAAAAgKfL2b2UjgeDO6dn9z4++ceN9jSATkT8cSvi787Tn+l5KVYHd5s1jweDraY5H9OZ7YntNiaLWFlGdROX9Fie1HjmsZrrRpx++90FJ/yzeHLMzqK1LrOxPdldJ8fZ4mfYjbanaDbJ13nENCaPNdfKlw2lWHP71RXmC4d6F773/Lm6MVoRE9mqwl77Zfzkmp7s0bvI66e6MH2n3TYRcfDTeJq5mGKt/RzFePXHPyuy6Wkd+aV/EAEAAAAAAAAAAAAAAAAAADH97d8Fg/cfuc6y2aut1N1sbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwVaZ///8CjVGTvEZwHqdn//ItAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BT4KwAA//8MAFf2")

968.017091ms ago: executing program 3 (id=803):
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="130f000000000000f6ff06"], 0x18}}, 0x0)

830.039551ms ago: executing program 2 (id=804):
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x4b68, 0x0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xe, 0x300, 0x0, 0x101}})

827.657351ms ago: executing program 1 (id=805):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b0009058b"], 0x0)

774.29437ms ago: executing program 2 (id=806):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x5, 0xf300, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
syz_mount_image$ext4(&(0x7f00000006c0)='ext4\x00', &(0x7f0000000640)='./file2\x00', 0x3800010, &(0x7f0000000100), 0x3f, 0x540, &(0x7f00000020c0)="$eJzs3d9rZFcdAPDvvclks7upk6pILViLrewW3ZlNY9sgovVFnwpqfV9jMhvCzmSWzKRuQrEp/Q9EUPDJJ18E/wBB+uAfIIWCvogPoqKIbhURqr3l3rlDt/MjCd3JTDf5fODunHN/fc+5Q86ce+/ZewM4tx6PiOcjYi4inoqIajk/Lacbeeawt95bd1/eyKcksuzFfySRlPP6+8rz8xFxubdJLEbEt74e8d1kOG5n/+DWerPZ2C3z9W7rdr2zf3Btu7W+1dhq7Kyurjy79tzaM2vXs9J91XO5n/jZ1778q89/7483/nb1+3mxvvSJqMRAPSapV/VKcSz68mO0exrBZmCurE9l1gUBAOBE8j7+RyPiM0X/vxpzRW9uwNwsSgYAAABMSvaVpfhfEpEBAAAAZ1YaEUuRpLVyLMBSpOlCeW3g43EpbbY73c/dbO/tbObLIpajkt7cbjaul2OFl6OS5PmVcoxtP//0QH41Ih6OiB9WLxb52ka7uTnjax8AAABwXlweOP//dzUt0scr/p9AetrlAwAAACZkeWwGAAAAOCuc8gMAAMDZN3j+73n/AAAAcKZ844UX8inrv/9686X9vVvtl65tNjq3aq29jdpGe/d2bavd3iqe2dc6bn/Ndvv2F2Jn70692+h06539gxut9t5O98b2+16BDQAAAEzRw59+/XdJRBx+8WIxhYf6AaP8edYFACbpPof66SrAA2x+1gUAZqYy6wIAM5ccs9zgHQAAePBd+eTw/f/++/9dG4CzzQ08ADh/3P+H86syOALwP7MqCTBt8+U1gI/0shfGrTf2/v9vThopyyLeqN47x/VFAACYrqViStJaeR6wFGlaq0U8FJEuRyW5ud1sXC/PD35brVzI8yvFlsmxY4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAAzrSI9K/J21E8y/9K9cmlwesDC8l/q/GXMvOTF390Z73b3V3J5/+zeJfXQkR0f1zOf3rs68MAAACASUsOxy7qnaeXnytTLRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA58Bbd1/e6E/TjPv3r0bE8qj487FYfC5GJSIu/SuJ+Xu2SyJibgLxD1+NiEdGxU/inSx7JcpSjIp/8ZTjLxeHZnT8NCIuTyA+nGev5+3P86P+/tJ4vPgc/fc3X073a3z7l5aRH4nqmPbnoaG9tUbGePTNX9R7qcpw/FcjHp0f3f70299kTPwnhvb2dpZlw/G/8+2Dg3H1z34acWXk70/yvlj1but2vbN/cG27tb7V2GrsrK6uPLv23Noza9frN7ebjfLfkTF+8KlfvjMufl7/SyPi/+H3vfb3qPo/OXKPw79K/3/zzt2P9ZJDX0Ae/+oTI39/F2NM/LSM8tkynS+/0k8f9tL3euznbzx2VP03xxz/477/q+N2OuCpb772pxOuCgBMQWf/4NZ6s9nYPSKxeIJ1jkjk/Yj72Px0EpVo7P56cebF+ACJ7JXeN/dhKc8HTeS91ffm9Gv1ISjYPYlsKrEuFP35k261MNnoAy3Aa2W7sN48SeuxcFrNEgAAcAre6/3PuiQAAAAAAAAAAAAAAAAAAABwfk3jUWqDMQ9nU1UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCO9GwAA///rlNhr")
r2 = open(&(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0xc0185879, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r6, 0x29, 0x1, 0x0, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r6, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, 0x0, 0x0, 0x1, 0x0, 0x0)
splice(r6, 0x0, r5, 0x0, 0x406f413, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x17, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
chmod(0x0, 0x9c32f69e6caa24ef)

717.81176ms ago: executing program 0 (id=807):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_open_procfs(r0, &(0x7f00000001c0)='limits\x00')
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x5, 0x1, 0x8005, 0x401}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

98.12123ms ago: executing program 2 (id=808):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r0, &(0x7f0000000000)='./file0\x00')
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./bus\x00')
open(&(0x7f00000003c0)='./bus\x00', 0x2282, 0x80)

42.64006ms ago: executing program 2 (id=809):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x6)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000000)="480000001500190a20ffff7fffffff5602113e850e1de0974881030491720000de213ee23ffbf510040041feff5aff2b0000000000000700"/68, 0x44}, {&(0x7f0000000080)="c1130389", 0x4}], 0x2)

40.632789ms ago: executing program 2 (id=810):
r0 = socket(0x8000000010, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000160001"], 0x78}}, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

31.510519ms ago: executing program 3 (id=811):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x4}, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f00000008c0)=ANY=[], 0x5b)
sendfile(r0, r1, &(0x7f0000000000)=0x3, 0x5)

0s ago: executing program 3 (id=812):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000840)={0x44, &(0x7f0000000600)={0x40, 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

 T24] audit: type=1326 audit(1737498633.909:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[   98.048438][ T1689] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   98.086369][   T24] audit: type=1326 audit(1737498633.909:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[   98.109615][  T305] usb 1-1: Using ep0 maxpacket: 32
[   98.114632][   T24] audit: type=1326 audit(1737498633.909:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[   98.137855][   T24] audit: type=1326 audit(1737498633.909:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1686 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[   98.235985][  T305] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.420184][  T305] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[   98.430134][  T305] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   98.457445][  T385] holtek_mouse 0003:04D9:A067.0008: item fetching failed at offset 2/5
[   98.466325][  T385] holtek_mouse 0003:04D9:A067.0008: hid parse failed: -22
[   98.473620][  T385] holtek_mouse: probe of 0003:04D9:A067.0008 failed with error -22
[   98.516068][  T305] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   98.527013][  T305] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   98.538080][  T305] usb 1-1: SerialNumber: syz
[   98.565973][ T1666] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   98.626410][  T305] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[   98.634903][  T305] cdc_acm 1-1:1.0: ttyACM0: USB ACM device
[   98.729571][ T1644] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   98.737405][ T1644] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   98.745296][ T1644] System zones: 0-1, 15-15, 18-18, 34-34
[   98.750962][ T1644] EXT4-fs (loop3): orphan cleanup on readonly fs
[   98.757472][ T1644] EXT4-fs warning (device loop3): ext4_enable_quotas:6467: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   98.771819][ T1644] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   98.778468][ T1644] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.339: bg 0: block 40: padding at end of block bitmap is not set
[   98.792767][ T1644] EXT4-fs error (device loop3) in ext4_mb_clear_bb:5645: Corrupt filesystem
[   98.801510][ T1644] EXT4-fs (loop3): 1 truncate cleaned up
[   98.807018][ T1644] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,data=writeback,,errors=continue
[   98.837928][  T305] usb 1-1: USB disconnect, device number 12
[   98.908115][  T329] usb 4-1: USB disconnect, device number 9
[   99.866931][ T1730] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   99.966961][ T1727] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  100.799872][ T1738] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  100.814948][ T1738] ext4 filesystem being mounted at /61/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  100.890578][ T1738] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  100.909253][ T1752] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  100.920168][ T1751] netlink: 'syz.0.365': attribute type 1 has an invalid length.
[  100.931675][ T1752] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  101.037123][ T1754] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  101.182493][ T1757] netlink: 44 bytes leftover after parsing attributes in process `syz.2.367'.
[  101.216042][ T1758] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #2: block 18: comm syz.1.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  101.326478][  T387] print_req_error: 71 callbacks suppressed
[  101.326495][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  101.347191][  T444] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  101.351279][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.359875][  T444] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.371594][  T308] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  101.381009][  T444] buffer_io_error: 68 callbacks suppressed
[  101.381019][  T444] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  101.405608][  T387] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  101.405923][  T444] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.414123][  T308] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.424716][  T387] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.435396][  T308] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  101.446428][  T444] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  101.454715][  T308] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.462149][  T444] blk_update_request: I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  101.485248][  T387] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  101.494243][  T387] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  101.503096][  T444] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  101.617199][  T387] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  101.625704][  T444] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  101.635531][  T387] Buffer I/O error on dev loop3p2, logical block 12, async page read
[  101.915941][   T15] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  102.221802][ T1788] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  102.235075][ T1788] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  102.244077][ T1788] F2FS-fs (loop0): invalid crc value
[  102.250778][ T1788] F2FS-fs (loop0): Found nat_bits in checkpoint
[  102.476932][   T15] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  102.483205][ T1788] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  102.487760][   T15] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.501738][ T1788] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  102.504149][   T15] usb 2-1: config 0 interface 0 has no altsetting 0
[  102.524191][   T15] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  102.535538][   T15] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.545231][   T15] usb 2-1: config 0 descriptor??
[  103.638799][   T15] usbhid 2-1:0.0: can't add hid device: -71
[  103.644912][   T15] usbhid: probe of 2-1:0.0 failed with error -71
[  103.687780][   T15] usb 2-1: USB disconnect, device number 10
[  104.056526][   T24] kauditd_printk_skb: 73 callbacks suppressed
[  104.056539][   T24] audit: type=1326 audit(1737498640.149:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.086004][   T24] audit: type=1326 audit(1737498640.149:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.112040][   T24] audit: type=1326 audit(1737498640.149:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.135501][   T24] audit: type=1326 audit(1737498640.149:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.163214][   T24] audit: type=1326 audit(1737498640.149:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.189382][   T24] audit: type=1326 audit(1737498640.149:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.213021][   T24] audit: type=1326 audit(1737498640.149:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.236484][   T24] audit: type=1326 audit(1737498640.149:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.260807][   T24] audit: type=1326 audit(1737498640.149:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.284388][   T24] audit: type=1326 audit(1737498640.149:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1813 comm="syz.2.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  104.504175][ T1822] FAULT_INJECTION: forcing a failure.
[  104.504175][ T1822] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  104.517270][ T1822] CPU: 1 PID: 1822 Comm: syz.3.381 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  104.526822][ T1822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  104.536723][ T1822] Call Trace:
[  104.539849][ T1822]  dump_stack_lvl+0x1e2/0x24b
[  104.544357][ T1822]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  104.549651][ T1822]  dump_stack+0x15/0x17
[  104.553645][ T1822]  should_fail+0x3c6/0x510
[  104.557896][ T1822]  should_fail_alloc_page+0x52/0x60
[  104.562927][ T1822]  __alloc_pages_nodemask+0x1b3/0xaf0
[  104.568139][ T1822]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  104.573780][ T1822]  ? gfp_pfmemalloc_allowed+0x120/0x120
[  104.579162][ T1822]  ? __schedule+0xcc9/0x1330
[  104.583592][ T1822]  shmem_alloc_page+0x257/0x420
[  104.588274][ T1822]  ? put_page+0xd0/0xd0
[  104.592267][ T1822]  ? preempt_schedule_irq+0xe7/0x140
[  104.597397][ T1822]  shmem_alloc_and_acct_page+0x395/0x8e0
[  104.602858][ T1822]  ? shmem_swapin_page+0x1950/0x1950
[  104.607981][ T1822]  ? __kasan_check_read+0x11/0x20
[  104.612836][ T1822]  ? preempt_schedule_irq+0xe7/0x140
[  104.617957][ T1822]  ? preempt_schedule_notrace+0x140/0x140
[  104.623511][ T1822]  ? find_get_entry+0x44c/0x4c0
[  104.628200][ T1822]  ? irqentry_exit+0x4f/0x60
[  104.632626][ T1822]  ? sysvec_reschedule_ipi+0x83/0x160
[  104.637833][ T1822]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[  104.643305][ T1822]  shmem_getpage_gfp+0x891/0x2480
[  104.648159][ T1822]  ? __balance_callback+0x75/0xe0
[  104.653022][ T1822]  ? irqentry_exit+0x4f/0x60
[  104.657452][ T1822]  ? shmem_getpage+0xa0/0xa0
[  104.661874][ T1822]  ? __kasan_check_write+0x14/0x20
[  104.666825][ T1822]  shmem_write_begin+0xca/0x1b0
[  104.671510][ T1822]  generic_perform_write+0x2cd/0x570
[  104.676633][ T1822]  ? grab_cache_page_write_begin+0xa0/0xa0
[  104.682273][ T1822]  ? file_remove_privs+0x570/0x570
[  104.687217][ T1822]  ? __schedule+0xcc9/0x1330
[  104.691644][ T1822]  ? __kasan_check_write+0x14/0x20
[  104.696593][ T1822]  __generic_file_write_iter+0x23c/0x560
[  104.702059][ T1822]  ? generic_write_checks+0x3b9/0x470
[  104.707272][ T1822]  generic_file_write_iter+0xaf/0x1c0
[  104.712481][ T1822]  do_iter_readv_writev+0x58e/0x790
[  104.717510][ T1822]  ? avc_policy_seqno+0x1b/0x70
[  104.722196][ T1822]  ? generic_file_rw_checks+0x270/0x270
[  104.727579][ T1822]  ? fsnotify_perm+0x67/0x4e0
[  104.732091][ T1822]  ? security_file_permission+0x86/0xb0
[  104.737470][ T1822]  ? rw_verify_area+0x1c3/0x360
[  104.742155][ T1822]  do_iter_write+0x183/0x640
[  104.746585][ T1822]  ? __kasan_check_read+0x11/0x20
[  104.751442][ T1822]  ? splice_from_pipe_next+0x5e9/0x640
[  104.756741][ T1822]  vfs_iter_write+0x7c/0xa0
[  104.761075][ T1822]  iter_file_splice_write+0x7f8/0xf90
[  104.766285][ T1822]  ? splice_from_pipe+0x230/0x230
[  104.771143][ T1822]  ? generic_file_splice_read+0x547/0x780
[  104.776698][ T1822]  ? splice_shrink_spd+0xb0/0xb0
[  104.781471][ T1822]  ? sysvec_reschedule_ipi+0x83/0x160
[  104.786679][ T1822]  ? splice_from_pipe+0x230/0x230
[  104.791541][ T1822]  direct_splice_actor+0xff/0x130
[  104.796401][ T1822]  splice_direct_to_actor+0x4d1/0xba0
[  104.801611][ T1822]  ? do_splice_direct+0x3c0/0x3c0
[  104.806470][ T1822]  ? pipe_to_sendpage+0x340/0x340
[  104.811334][ T1822]  ? security_file_permission+0x86/0xb0
[  104.816711][ T1822]  ? rw_verify_area+0x1c3/0x360
[  104.821398][ T1822]  do_splice_direct+0x27f/0x3c0
[  104.826086][ T1822]  ? do_splice_to+0x170/0x170
[  104.830602][ T1822]  ? do_sendfile+0x8c0/0x10e0
[  104.835113][ T1822]  do_sendfile+0x8f4/0x10e0
[  104.839454][ T1822]  ? do_preadv+0x350/0x350
[  104.843706][ T1822]  __x64_sys_sendfile64+0x1ce/0x230
[  104.848743][ T1822]  ? __ia32_sys_sendfile+0x240/0x240
[  104.853860][ T1822]  ? __kasan_check_read+0x11/0x20
[  104.858725][ T1822]  do_syscall_64+0x34/0x70
[  104.862975][ T1822]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  104.868705][ T1822] RIP: 0033:0x7fdfc7472d29
[  104.872952][ T1822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.892485][ T1822] RSP: 002b:00007fdfc5aa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  104.900724][ T1822] RAX: ffffffffffffffda RBX: 00007fdfc7663160 RCX: 00007fdfc7472d29
[  104.908533][ T1822] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[  104.916347][ T1822] RBP: 00007fdfc5aa2090 R08: 0000000000000000 R09: 0000000000000000
[  104.924158][ T1822] R10: 4000000000010046 R11: 0000000000000246 R12: 0000000000000001
[  104.931971][ T1822] R13: 0000000000000000 R14: 00007fdfc7663160 R15: 00007ffd12086088
[  105.319859][ T1835] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  105.337327][ T1835] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  105.360876][ T1835] EXT4-fs: failed to create workqueue
[  105.399461][ T1835] EXT4-fs (loop1): mount failed
[  105.492468][ T1841] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  105.615962][ T1841] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  105.626147][  T385] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  105.634354][ T1841] F2FS-fs (loop0): invalid crc value
[  105.721821][ T1841] F2FS-fs (loop0): Found nat_bits in checkpoint
[  105.758880][ T1841] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  105.827300][ T1841] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  106.045951][  T385] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  106.111853][  T385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 37, changing to 9
[  106.123002][  T385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  106.145912][  T385] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  106.255977][  T385] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  106.276187][  T385] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  106.288151][  T385] usb 4-1: Manufacturer: syz
[  106.432995][  T385] usb 4-1: config 0 descriptor??
[  106.782291][  T384] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  106.867028][ T1885] FAULT_INJECTION: forcing a failure.
[  106.867028][ T1885] name failslab, interval 1, probability 0, space 0, times 0
[  106.879469][ T1885] CPU: 1 PID: 1885 Comm: syz.1.397 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  106.889069][ T1885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  106.898951][ T1885] Call Trace:
[  106.902098][ T1885]  dump_stack_lvl+0x1e2/0x24b
[  106.906599][ T1885]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  106.911893][ T1885]  dump_stack+0x15/0x17
[  106.915883][ T1885]  should_fail+0x3c6/0x510
[  106.920141][ T1885]  ? fdb_create+0x37/0xcf0
[  106.924402][ T1885]  __should_failslab+0xa4/0xe0
[  106.928990][ T1885]  should_failslab+0x9/0x20
[  106.933330][ T1885]  kmem_cache_alloc+0x3d/0x2e0
[  106.937928][ T1885]  fdb_create+0x37/0xcf0
[  106.942008][ T1885]  ? br_fdb_find_rcu+0x30/0x30
[  106.946614][ T1885]  fdb_insert+0x142/0x270
[  106.950782][ T1885]  br_fdb_changeaddr+0x18f/0x1c0
[  106.955549][ T1885]  br_device_event+0x3c6/0x7c0
[  106.960150][ T1885]  ? br_boolopt_multi_get+0xc0/0xc0
[  106.965184][ T1885]  ? packet_notifier+0x8af/0x8c0
[  106.970393][ T1885]  ? ipv6_mc_netdev_event+0x91/0x2f0
[  106.975531][ T1885]  raw_notifier_call_chain+0x8c/0xf0
[  106.980634][ T1885]  dev_set_mac_address+0x325/0x470
[  106.985580][ T1885]  ? dev_pre_changeaddr_notify+0x220/0x220
[  106.991222][ T1885]  dev_set_mac_address_user+0x31/0x50
[  106.996425][ T1885]  dev_ifsioc+0x657/0xae0
[  107.000593][ T1885]  ? dev_ioctl+0xb40/0xb40
[  107.004845][ T1885]  ? dev_get_by_name_rcu+0xc5/0xf0
[  107.009792][ T1885]  dev_ioctl+0x526/0xb40
[  107.013877][ T1885]  sock_do_ioctl+0x295/0x3a0
[  107.018301][ T1885]  ? sock_show_fdinfo+0xa0/0xa0
[  107.022981][ T1885]  ? kernel_write+0x3d0/0x3d0
[  107.027502][ T1885]  ? selinux_file_ioctl+0x3cc/0x540
[  107.032534][ T1885]  sock_ioctl+0x4a6/0x760
[  107.036696][ T1885]  ? sock_poll+0x340/0x340
[  107.040956][ T1885]  ? security_file_ioctl+0x84/0xb0
[  107.045985][ T1885]  ? sock_poll+0x340/0x340
[  107.050237][ T1885]  __se_sys_ioctl+0x114/0x190
[  107.054760][ T1885]  __x64_sys_ioctl+0x7b/0x90
[  107.059182][ T1885]  do_syscall_64+0x34/0x70
[  107.063428][ T1885]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  107.069155][ T1885] RIP: 0033:0x7f62efaced29
[  107.073404][ T1885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.092856][ T1885] RSP: 002b:00007f62ee140038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  107.101097][ T1885] RAX: ffffffffffffffda RBX: 00007f62efcbefa0 RCX: 00007f62efaced29
[  107.108905][ T1885] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 000000000000000a
[  107.116715][ T1885] RBP: 00007f62ee140090 R08: 0000000000000000 R09: 0000000000000000
[  107.124526][ T1885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.132375][ T1885] R13: 0000000000000000 R14: 00007f62efcbefa0 R15: 00007ffd566d04d8
[  107.156709][  T385] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  107.166203][  T385] appleir 0003:05AC:8243.0009: No inputs registered, leaving
[  107.223250][  T385] appleir 0003:05AC:8243.0009: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  107.265923][  T384] usb 1-1: Using ep0 maxpacket: 32
[  107.425990][  T307] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  108.957895][ T1832] FAT-fs (loop3): Unrecognized mount option "iochaf“et=ascii" or missing value
[  109.006002][  T307] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  109.025934][  T307] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  109.045939][  T307] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  109.075140][  T307] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.098636][ T1905] usb 4-1: USB disconnect, device number 10
[  109.116034][ T1890] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  109.141417][  T308] print_req_error: 71 callbacks suppressed
[  109.141433][  T308] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  109.159724][  T445] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  109.173604][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  109.195267][  T445] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.216056][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.227276][  T308] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.238373][  T445] buffer_io_error: 62 callbacks suppressed
[  109.238383][  T445] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  109.255899][  T387] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  109.266150][  T308] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  109.267764][  T384] usb 1-1: New USB device found, idVendor=0458, idProduct=706e, bcdDevice=35.64
[  109.283237][  T384] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.284552][  T387] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.291992][  T445] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.312934][  T308] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.313105][  T384] usb 1-1: config 0 descriptor??
[  109.330722][  T445] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  109.338616][  T445] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  109.345582][  T308] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  109.349389][  T445] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  109.349435][  T445] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  109.349457][  T445] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  109.357754][  T387] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  109.365110][  T445] Buffer I/O error on dev loop3p7, logical block 13, async page read
[  109.484687][  T385] usb 1-1: USB disconnect, device number 13
[  109.496134][   T24] kauditd_printk_skb: 37 callbacks suppressed
[  109.496144][   T24] audit: type=1400 audit(1737498645.589:1379): avc:  denied  { mounton } for  pid=1919 comm="syz.4.407" path="/68/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  109.524263][   T24] audit: type=1400 audit(1737498645.589:1380): avc:  denied  { remount } for  pid=1919 comm="syz.4.407" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  109.555122][   T24] audit: type=1326 audit(1737498645.639:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.580657][   T24] audit: type=1326 audit(1737498645.639:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.639895][   T24] audit: type=1326 audit(1737498645.639:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.689724][   T24] audit: type=1326 audit(1737498645.639:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.736402][   T24] audit: type=1326 audit(1737498645.639:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.784136][   T24] audit: type=1326 audit(1737498645.639:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.865913][   T24] audit: type=1326 audit(1737498645.639:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  109.928910][   T24] audit: type=1326 audit(1737498645.639:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1924 comm="syz.4.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  110.276477][  T307] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  110.322123][  T307] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input8
[  110.490314][  T307] usb 2-1: USB disconnect, device number 11
[  110.505917][    C0] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  110.898159][ T1966] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.942987][ T1966] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  111.065556][ T1966] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  111.655930][  T385] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  111.895927][  T385] usb 4-1: Using ep0 maxpacket: 32
[  111.917663][   T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  111.928570][ T1998] fuse: Bad value for 'group_id'
[  112.064805][ T2006] SELinux:  Context system_u:object_r:event_device_t:s0 is not valid (left unmapped).
[  112.136017][  T385] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  112.147020][  T385] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  112.156229][  T385] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  112.202421][ T2011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.434'.
[  112.216087][ T2011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.434'.
[  112.229656][ T2011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.434'.
[  112.356628][   T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  112.367864][  T385] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  112.376831][  T385] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.384811][   T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  112.406346][  T385] usb 4-1: Product: ﰄ츼짖孀�ꠀ忕埘鞓䫖���Ꜭ⛃墽軒�ک碶㣚幗潤Ꜣ딉飨澿�ः诂ẑ〲簻罼脚�㙯䳀魢뤕걋›ૅ▇ᚷ�ۻ説糦ᗩ툃鲓Ზ煲雋ﮚ䪫ꙇ㹀��ҷ煤馀Ҡ�뒄愌៟க䷂ꬎ쥪⢀唺⌣䕷㦳냃剕㖑�룦얡椨帮퓄䥋઄ķꗣ�樼꺿㒤熶칯ꗾ侘᰽ᱞ育�䋼円웣�
[  112.439955][   T25] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  112.449068][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.457503][  T385] usb 4-1: Manufacturer: Й
[  112.462595][  T385] usb 4-1: SerialNumber: ⻗죥输㹥嬡䞣巓⸪ᾴ�먳ⴇꅦ�䮻鸉骴堿洊ᣘ�剒㹾᭔j冴繓ꃇ㑇䫜晇ꆀ�㷾밦걌蘅ؓ줺��敚懠䭶뫘Ꟍ鄢죢燶险ᔺ拉ü抧┵�庠ڈ��켆䩫ꢴ죶䳔켈᪩�㻋耳៹襼�伞㶩爈棆侵辀㮖䷓庩﯋ᰋ䟿�㵆
[  112.516187][ T1994] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  113.785957][   T25] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  113.797652][   T25] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input9
[  113.836362][   T25] usb 5-1: USB disconnect, device number 9
[  113.845912][    C1] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  114.117150][  T385] cdc_ncm 4-1:1.0: bind() failure
[  114.128527][  T385] usb 4-1: USB disconnect, device number 11
[  114.153765][  T387] print_req_error: 116 callbacks suppressed
[  114.153781][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  114.173053][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  114.187420][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  114.202115][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.213282][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.221545][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.224236][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.276508][  T387] buffer_io_error: 103 callbacks suppressed
[  114.276574][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  114.924445][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  115.003951][ T2058] F2FS-fs (loop3): invalid crc value
[  115.158240][ T2058] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  115.268272][ T2058] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  115.352877][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  115.613980][ T2081] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.637540][ T2081] device pim6reg1 entered promiscuous mode
[  115.721262][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  115.721272][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  115.721335][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  115.757628][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  115.758734][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  115.765751][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  115.781881][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  115.790090][ T1910] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  115.798583][ T1910] Buffer I/O error on dev loop3p2, logical block 12, async page read
[  115.801423][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  116.005291][   T24] kauditd_printk_skb: 39 callbacks suppressed
[  116.005303][   T24] audit: type=1326 audit(1737498652.089:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.078787][   T24] audit: type=1326 audit(1737498652.109:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.137985][   T24] audit: type=1326 audit(1737498652.129:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.205760][   T24] audit: type=1326 audit(1737498652.129:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.323522][   T24] audit: type=1326 audit(1737498652.129:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.347329][   T24] audit: type=1326 audit(1737498652.129:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.380282][   T24] audit: type=1326 audit(1737498652.129:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.426391][   T24] audit: type=1326 audit(1737498652.129:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.462646][   T24] audit: type=1326 audit(1737498652.129:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.498818][   T24] audit: type=1326 audit(1737498652.129:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2091 comm="syz.1.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  116.850385][ T2116] 9pnet: Insufficient options for proto=fd
[  117.163155][   T25] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  118.357622][ T2136] EXT4-fs (loop0): Test dummy encryption mode enabled
[  118.512471][   T25] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  118.523119][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.533942][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  118.545005][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  118.556214][ T2136] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,noblock_validity,noinit_itable,barrier=0x0000000000000005,max_batch_time=0x0000000000000004,data_err=abort,,errors=continue
[  118.645994][   T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  118.655241][   T25] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  118.664001][   T25] usb 4-1: Manufacturer: syz
[  118.669791][   T25] usb 4-1: config 0 descriptor??
[  119.207341][ T2151] syz.0.475[2151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.207379][ T2151] syz.0.475[2151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.225968][   T25] usbhid 4-1:0.0: can't add hid device: -71
[  119.242833][   T25] usbhid: probe of 4-1:0.0 failed with error -71
[  119.249863][   T25] usb 4-1: USB disconnect, device number 12
[  119.293799][ T2156] 9pnet: Insufficient options for proto=fd
[  119.474512][ T2161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.476'.
[  119.487834][ T2161] netlink: 16 bytes leftover after parsing attributes in process `syz.2.476'.
[  119.505815][ T2161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.476'.
[  119.692623][ T2164] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  119.788699][ T1910] print_req_error: 132 callbacks suppressed
[  119.788716][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  119.795952][ T1905] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  119.808191][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  119.832286][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  120.290644][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.426229][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.489132][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.519799][  T444] buffer_io_error: 113 callbacks suppressed
[  120.520569][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  120.537178][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.548287][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  120.560846][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.575937][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  120.590506][  T444] blk_update_request: I/O error, dev loop3, sector 411 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.605673][  T444] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  120.771648][  T444] blk_update_request: I/O error, dev loop3, sector 412 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.785955][   T15] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  120.800183][  T444] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  120.858559][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  120.872005][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  120.883469][  T444] Buffer I/O error on dev loop3p7, logical block 13, async page read
[  120.909746][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  120.910277][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  121.006252][ T1905] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  121.033022][ T2173] F2FS-fs (loop4): invalid crc value
[  121.225034][ T1905] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.235076][   T15] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  121.298114][ T2173] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  121.339405][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.356006][ T2173] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  121.356015][ T1905] usb 2-1: config 0 interface 0 has no altsetting 0
[  121.356035][ T1905] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  121.785191][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  122.602853][   T15] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  122.625174][ T1905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.660758][ T1905] usb 2-1: config 0 descriptor??
[  122.725597][ T2198] 9pnet: Insufficient options for proto=fd
[  122.725996][   T15] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  122.755944][   T15] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  122.766915][   T15] usb 4-1: Manufacturer: syz
[  122.775126][   T15] usb 4-1: config 0 descriptor??
[  122.806007][   T15] usb 4-1: can't set config #0, error -71
[  122.813673][   T15] usb 4-1: USB disconnect, device number 13
[  123.943437][ T2212] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  124.063052][ T1905] usbhid 2-1:0.0: can't add hid device: -71
[  124.073957][ T1905] usbhid: probe of 2-1:0.0 failed with error -71
[  124.093400][ T1905] usb 2-1: USB disconnect, device number 12
[  124.154928][ T2225] syz.4.493[2225] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.155160][ T2225] syz.4.493[2225] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.471464][   T24] kauditd_printk_skb: 13 callbacks suppressed
[  125.471477][   T24] audit: type=1326 audit(1737498661.559:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.517505][   T24] audit: type=1326 audit(1737498661.609:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.540786][   T24] audit: type=1326 audit(1737498661.609:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.563966][   T24] audit: type=1326 audit(1737498661.609:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.587014][   T24] audit: type=1326 audit(1737498661.609:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.610102][   T24] audit: type=1326 audit(1737498661.609:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.704724][   T24] audit: type=1326 audit(1737498661.609:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.728429][   T24] audit: type=1326 audit(1737498661.609:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.752391][ T2232] EXT4-fs (loop4): Unrecognized mount option "hash" or missing value
[  125.760799][   T24] audit: type=1326 audit(1737498661.609:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.780600][ T2219] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  125.784426][   T24] audit: type=1326 audit(1737498661.609:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2234 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b5029d29 code=0x7ffc0000
[  125.805925][ T2219] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  126.061714][ T2219] F2FS-fs (loop1): invalid crc value
[  126.077721][ T2219] F2FS-fs (loop1): Found nat_bits in checkpoint
[  126.128619][ T2248] 9pnet: Insufficient options for proto=fd
[  126.227421][ T2253] 9pnet: Insufficient options for proto=fd
[  126.233374][ T2219] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  126.240570][ T2219] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  126.326339][ T1910] print_req_error: 44 callbacks suppressed
[  126.326354][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  126.347523][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  126.361500][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  126.389373][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.400861][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.406006][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.424656][  T387] buffer_io_error: 38 callbacks suppressed
[  126.424667][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  126.438477][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  126.447349][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  126.461403][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.466560][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.485911][ T1905] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  126.488828][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.510466][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  126.522561][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  126.534715][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  126.545981][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  126.550897][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  126.553879][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  126.570528][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  126.579363][ T1910] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  127.034401][ T2268] F2FS-fs (loop4): invalid crc value
[  127.086093][ T1905] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  127.160673][ T2268] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  127.285659][ T1905] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.317659][ T2268] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  127.530865][ T1905] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  127.615927][ T1905] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  127.756037][ T1905] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  127.765050][ T1905] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  127.789241][ T1905] usb 1-1: Manufacturer: syz
[  127.870578][ T1905] usb 1-1: config 0 descriptor??
[  128.046025][  T305] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  128.086467][ T2289] 9pnet: Insufficient options for proto=fd
[  128.416756][  T305] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  128.456061][ T1905] usbhid 1-1:0.0: can't add hid device: -71
[  128.464234][ T1905] usbhid: probe of 1-1:0.0 failed with error -71
[  128.483814][  T305] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.916004][ T1905] usb 1-1: USB disconnect, device number 14
[  128.922786][  T305] usb 4-1: config 0 interface 0 has no altsetting 0
[  128.945970][  T305] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  128.971801][  T305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.989030][  T305] usb 4-1: config 0 descriptor??
[  129.093330][ T2291] F2FS-fs (loop4): Invalid log blocks per segment (4278190089)
[  129.100893][ T2291] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  129.110020][ T2291] F2FS-fs (loop4): invalid crc value
[  129.116459][ T2291] F2FS-fs (loop4): Found nat_bits in checkpoint
[  129.139582][ T2291] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  129.146554][ T2291] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  129.366579][ T2310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  129.385776][ T2310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.516'.
[  129.636504][ T2314] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[  129.645668][ T2314] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  129.655775][ T2314] jbd2_journal_init_inode: Cannot locate journal superblock
[  129.663040][  T305] usbhid 4-1:0.0: can't add hid device: -71
[  129.667741][ T2314] EXT4-fs (loop0): Could not load journal inode
[  129.671918][  T305] usbhid: probe of 4-1:0.0 failed with error -71
[  129.685410][  T305] usb 4-1: USB disconnect, device number 14
[  130.686689][ T2339] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  131.410230][ T2340] F2FS-fs (loop1): invalid crc value
[  131.594588][ T2340] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  131.712517][ T2340] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  132.313628][ T1910] print_req_error: 98 callbacks suppressed
[  132.313644][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  132.332355][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.332632][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  132.343219][ T1910] buffer_io_error: 86 callbacks suppressed
[  132.343227][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  132.343265][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.343273][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  132.343296][ T1910] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.343304][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  132.343333][ T1910] blk_update_request: I/O error, dev loop3, sector 611 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.362459][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  132.368144][ T1910] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  132.427843][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.427855][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  132.427884][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.427891][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  132.427917][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  132.427924][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  132.427946][  T444] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  132.438010][ T1910] Buffer I/O error on dev loop3p2, logical block 12, async page read
[  132.508338][ T1910] Buffer I/O error on dev loop3p2, logical block 13, async page read
[  132.640964][  T385] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  132.675738][ T2365] syz.2.529[2365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.676525][ T2365] syz.2.529[2365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.847138][ T2372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.530'.
[  134.883440][ T2372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.530'.
[  134.935447][ T2366] F2FS-fs (loop3): invalid crc value
[  135.416566][ T2366] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  135.589136][ T2366] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  136.416479][ T2390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.528'.
[  136.426034][ T2390] netlink: 12 bytes leftover after parsing attributes in process `syz.1.528'.
[  136.439083][ T2390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.528'.
[  136.463878][ T2397] FAULT_INJECTION: forcing a failure.
[  136.463878][ T2397] name failslab, interval 1, probability 0, space 0, times 0
[  136.476376][ T2397] CPU: 0 PID: 2397 Comm: syz.3.532 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  136.485911][ T2397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.495893][ T2397] Call Trace:
[  136.499020][ T2397]  dump_stack_lvl+0x1e2/0x24b
[  136.503525][ T2397]  ? panic+0x812/0x812
[  136.507432][ T2397]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  136.512729][ T2397]  dump_stack+0x15/0x17
[  136.516718][ T2397]  should_fail+0x3c6/0x510
[  136.520970][ T2397]  ? fdb_notify+0x77/0x120
[  136.525225][ T2397]  __should_failslab+0xa4/0xe0
[  136.529913][ T2397]  should_failslab+0x9/0x20
[  136.534258][ T2397]  __kmalloc_track_caller+0x5f/0x320
[  136.539374][ T2397]  ? kmem_cache_alloc+0x168/0x2e0
[  136.544231][ T2397]  ? __alloc_skb+0x80/0x510
[  136.548576][ T2397]  ? fdb_notify+0x77/0x120
[  136.552834][ T2397]  __alloc_skb+0xbc/0x510
[  136.556992][ T2397]  fdb_notify+0x77/0x120
[  136.561072][ T2397]  fdb_delete+0x839/0xac0
[  136.565252][ T2397]  fdb_delete_local+0x3ce/0x470
[  136.569928][ T2397]  br_fdb_changeaddr+0x1bb/0x1c0
[  136.574699][ T2397]  br_device_event+0x3c6/0x7c0
[  136.579300][ T2397]  ? br_boolopt_multi_get+0xc0/0xc0
[  136.584331][ T2397]  ? packet_notifier+0x8af/0x8c0
[  136.589107][ T2397]  ? ipv6_mc_netdev_event+0x91/0x2f0
[  136.594231][ T2397]  raw_notifier_call_chain+0x8c/0xf0
[  136.599351][ T2397]  dev_set_mac_address+0x325/0x470
[  136.604295][ T2397]  ? dev_pre_changeaddr_notify+0x220/0x220
[  136.609936][ T2397]  dev_set_mac_address_user+0x31/0x50
[  136.615143][ T2397]  dev_ifsioc+0x657/0xae0
[  136.619309][ T2397]  ? dev_ioctl+0xb40/0xb40
[  136.623566][ T2397]  ? dev_get_by_name_rcu+0xc5/0xf0
[  136.628511][ T2397]  dev_ioctl+0x526/0xb40
[  136.632592][ T2397]  sock_do_ioctl+0x295/0x3a0
[  136.637020][ T2397]  ? sock_show_fdinfo+0xa0/0xa0
[  136.641705][ T2397]  ? kernel_write+0x3d0/0x3d0
[  136.646216][ T2397]  ? selinux_file_ioctl+0x3cc/0x540
[  136.651257][ T2397]  sock_ioctl+0x4a6/0x760
[  136.655413][ T2397]  ? sock_poll+0x340/0x340
[  136.659669][ T2397]  ? security_file_ioctl+0x84/0xb0
[  136.664618][ T2397]  ? sock_poll+0x340/0x340
[  136.668871][ T2397]  __se_sys_ioctl+0x114/0x190
[  136.673384][ T2397]  __x64_sys_ioctl+0x7b/0x90
[  136.677809][ T2397]  do_syscall_64+0x34/0x70
[  136.682062][ T2397]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  136.687790][ T2397] RIP: 0033:0x7fdfc7472d29
[  136.692053][ T2397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.711489][ T2397] RSP: 002b:00007fdfc5ae4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  136.719730][ T2397] RAX: ffffffffffffffda RBX: 00007fdfc7662fa0 RCX: 00007fdfc7472d29
[  136.727549][ T2397] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000009
[  136.735360][ T2397] RBP: 00007fdfc5ae4090 R08: 0000000000000000 R09: 0000000000000000
[  136.743164][ T2397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.750971][ T2397] R13: 0000000000000000 R14: 00007fdfc7662fa0 R15: 00007ffd12086088
[  136.843100][ T2399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.536'.
[  136.868766][ T2399] netlink: 8 bytes leftover after parsing attributes in process `syz.4.536'.
[  138.312801][ T2415] netlink: 4 bytes leftover after parsing attributes in process `syz.4.541'.
[  138.321938][ T2415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.541'.
[  138.355687][ T1910] print_req_error: 71 callbacks suppressed
[  138.355702][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  138.357002][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  138.361963][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.373238][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.385827][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  138.395466][  T444] buffer_io_error: 62 callbacks suppressed
[  138.395475][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  138.431923][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.505838][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  138.728170][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.772419][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  138.890817][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.939995][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  138.951442][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.036865][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  139.061034][  T444] blk_update_request: I/O error, dev loop3, sector 411 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.105730][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  139.156749][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  139.565913][  T444] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  139.573847][  T444] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  139.582397][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  139.615943][   T15] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  139.631516][ T2432] 9pnet: Insufficient options for proto=fd
[  139.751060][ T2435] EXT4-fs (loop3): Unrecognized mount option "hash" or missing value
[  140.964895][   T15] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  140.986644][   T15] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.999433][   T24] kauditd_printk_skb: 62 callbacks suppressed
[  140.999452][   T24] audit: type=1400 audit(1737498677.089:1523): avc:  denied  { unlink } for  pid=77 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  141.226170][   T15] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  141.310237][   T15] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  141.416207][   T15] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  141.437081][   T15] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  141.930333][   T15] usb 2-1: Manufacturer: syz
[  141.944305][   T15] usb 2-1: config 0 descriptor??
[  141.961346][ T2456] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  141.987291][   T15] usb 2-1: can't set config #0, error -71
[  141.993334][   T15] usb 2-1: USB disconnect, device number 13
[  143.075120][ T2473] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[  143.114784][ T2473] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  143.127372][ T2477] 9pnet: Insufficient options for proto=fd
[  143.151054][ T2473] jbd2_journal_init_inode: Cannot locate journal superblock
[  143.186944][ T2473] EXT4-fs (loop0): Could not load journal inode
[  143.495942][  T543] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  143.510095][  T387] print_req_error: 125 callbacks suppressed
[  143.510110][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  143.517732][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  143.528669][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  143.569281][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.581914][  T387] buffer_io_error: 110 callbacks suppressed
[  143.581925][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  143.589890][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.607010][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.610752][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.628823][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  143.635368][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  143.648782][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  143.652771][  T387] blk_update_request: I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.657770][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.668058][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  143.682670][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  143.686739][  T387] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  143.705747][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  143.706378][  T387] Buffer I/O error on dev loop3p3, logical block 12, async page read
[  143.722696][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  143.722951][  T387] Buffer I/O error on dev loop3p3, logical block 13, async page read
[  143.815926][   T20] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  143.915998][  T543] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  143.925066][  T543] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.933983][  T543] usb 2-1: config 0 descriptor??
[  144.206018][   T20] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  144.217021][   T20] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.226722][   T20] usb 4-1: config 0 interface 0 has no altsetting 0
[  144.233094][   T20] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  144.242125][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.250943][   T20] usb 4-1: config 0 descriptor??
[  144.620576][ T2509] Zero length message leads to an empty skb
[  144.631212][  T543] usb 2-1: Cannot set MAC address
[  144.636411][  T543] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71
[  144.645237][  T543] usb 2-1: USB disconnect, device number 14
[  145.902742][   T24] audit: type=1400 audit(1737498681.869:1524): avc:  denied  { getopt } for  pid=2540 comm="syz.0.576" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  145.929919][ T2542] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  145.938499][ T2542] EXT4-fs (loop0): mount failed
[  146.277315][   T24] audit: type=1326 audit(1737498682.369:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.314634][   T24] audit: type=1326 audit(1737498682.369:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.357422][   T24] audit: type=1326 audit(1737498682.399:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.385478][   T24] audit: type=1326 audit(1737498682.399:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.416272][   T24] audit: type=1326 audit(1737498682.399:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.471421][   T24] audit: type=1326 audit(1737498682.399:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.495458][   T24] audit: type=1326 audit(1737498682.399:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.520802][   T24] audit: type=1326 audit(1737498682.399:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.567528][   T24] audit: type=1326 audit(1737498682.399:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.591503][   T24] audit: type=1326 audit(1737498682.399:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2551 comm="syz.1.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  146.676085][   T20] usbhid 4-1:0.0: can't add hid device: -71
[  146.682041][   T20] usbhid: probe of 4-1:0.0 failed with error -71
[  146.690107][   T20] usb 4-1: USB disconnect, device number 15
[  148.776790][ T2583] 9pnet: Insufficient options for proto=fd
[  149.374876][ T2593] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  149.405120][ T1910] print_req_error: 152 callbacks suppressed
[  149.405136][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  149.429919][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  149.448126][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  149.463257][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  149.886029][ T1910] buffer_io_error: 134 callbacks suppressed
[  149.886040][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  149.915558][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  149.927430][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  149.938538][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  149.957447][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.012463][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.014685][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  150.031714][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.040872][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  150.044219][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  150.058271][  T387] blk_update_request: I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  150.069099][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  150.077036][  T387] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  150.084912][  T387] Buffer I/O error on dev loop3p3, logical block 12, async page read
[  150.093248][  T387] Buffer I/O error on dev loop3p3, logical block 13, async page read
[  150.096256][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  150.169065][ T2612] FAULT_INJECTION: forcing a failure.
[  150.169065][ T2612] name failslab, interval 1, probability 0, space 0, times 0
[  150.181541][ T2612] CPU: 1 PID: 2612 Comm: syz.0.593 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  150.191117][ T2612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.201014][ T2612] Call Trace:
[  150.204131][ T2612]  dump_stack_lvl+0x1e2/0x24b
[  150.208762][ T2612]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  150.214129][ T2612]  dump_stack+0x15/0x17
[  150.218202][ T2612]  should_fail+0x3c6/0x510
[  150.222451][ T2612]  ? fdb_create+0x37/0xcf0
[  150.226789][ T2612]  __should_failslab+0xa4/0xe0
[  150.231388][ T2612]  should_failslab+0x9/0x20
[  150.235732][ T2612]  kmem_cache_alloc+0x3d/0x2e0
[  150.240334][ T2612]  fdb_create+0x37/0xcf0
[  150.244582][ T2612]  ? br_fdb_find_rcu+0x30/0x30
[  150.249272][ T2612]  fdb_insert+0x142/0x270
[  150.253524][ T2612]  br_fdb_changeaddr+0x18f/0x1c0
[  150.258379][ T2612]  br_device_event+0x3c6/0x7c0
[  150.262980][ T2612]  ? br_boolopt_multi_get+0xc0/0xc0
[  150.268100][ T2612]  ? packet_notifier+0x8af/0x8c0
[  150.273048][ T2612]  ? ipv6_mc_netdev_event+0x91/0x2f0
[  150.278161][ T2612]  raw_notifier_call_chain+0x8c/0xf0
[  150.283278][ T2612]  dev_set_mac_address+0x325/0x470
[  150.288233][ T2612]  ? dev_pre_changeaddr_notify+0x220/0x220
[  150.293888][ T2612]  dev_set_mac_address_user+0x31/0x50
[  150.299164][ T2612]  dev_ifsioc+0x657/0xae0
[  150.303329][ T2612]  ? dev_ioctl+0xb40/0xb40
[  150.307690][ T2612]  ? dev_get_by_name_rcu+0xc5/0xf0
[  150.312634][ T2612]  dev_ioctl+0x526/0xb40
[  150.316792][ T2612]  sock_do_ioctl+0x295/0x3a0
[  150.321310][ T2612]  ? sock_show_fdinfo+0xa0/0xa0
[  150.325985][ T2612]  ? kernel_write+0x3d0/0x3d0
[  150.330510][ T2612]  ? selinux_file_ioctl+0x3cc/0x540
[  150.335543][ T2612]  sock_ioctl+0x4a6/0x760
[  150.339698][ T2612]  ? sock_poll+0x340/0x340
[  150.343955][ T2612]  ? security_file_ioctl+0x84/0xb0
[  150.348901][ T2612]  ? sock_poll+0x340/0x340
[  150.353153][ T2612]  __se_sys_ioctl+0x114/0x190
[  150.357843][ T2612]  __x64_sys_ioctl+0x7b/0x90
[  150.362533][ T2612]  do_syscall_64+0x34/0x70
[  150.366786][ T2612]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  150.372520][ T2612] RIP: 0033:0x7f44b5029d29
[  150.376775][ T2612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.396213][ T2612] RSP: 002b:00007f44b369b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.404558][ T2612] RAX: ffffffffffffffda RBX: 00007f44b5219fa0 RCX: 00007f44b5029d29
[  150.412371][ T2612] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000008
[  150.420163][ T2612] RBP: 00007f44b369b090 R08: 0000000000000000 R09: 0000000000000000
[  150.427978][ T2612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.435786][ T2612] R13: 0000000000000000 R14: 00007f44b5219fa0 R15: 00007ffccc965738
[  150.537323][  T384] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  151.732118][ T2624] F2FS-fs (loop0): invalid crc value
[  151.847221][ T2628] 9pnet: Insufficient options for proto=fd
[  151.881680][ T2624] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  151.980133][ T2624] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  152.961679][ T2649] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  153.028437][  T384] usb 4-1: unable to read config index 0 descriptor/all
[  153.035288][  T384] usb 4-1: can't read configurations, error -71
[  153.097876][   T24] kauditd_printk_skb: 47 callbacks suppressed
[  153.097887][   T24] audit: type=1400 audit(1737498689.189:1582): avc:  denied  { remove_name } for  pid=2648 comm="syz.1.602" name="bus" dev="loop1" ino=1048617 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  153.229928][ T2652] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  153.445300][   T24] audit: type=1400 audit(1737498689.229:1583): avc:  denied  { rename } for  pid=2648 comm="syz.1.602" name="bus" dev="loop1" ino=1048617 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  153.468227][   T24] audit: type=1400 audit(1737498689.229:1584): avc:  denied  { unlink } for  pid=2648 comm="syz.1.602" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=1048621 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  155.301535][ T1910] print_req_error: 71 callbacks suppressed
[  155.301552][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  155.321112][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  155.334554][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  155.379081][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.395907][ T1910] buffer_io_error: 62 callbacks suppressed
[  155.395919][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  155.409604][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.420839][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.442336][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.463596][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  155.471680][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  155.481669][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.492891][ T2673] 9pnet: Insufficient options for proto=fd
[  155.499092][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.520157][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  155.555985][ T1910] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.561153][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  155.575924][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  155.585191][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  155.594716][  T387] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  155.603159][  T387] Buffer I/O error on dev loop3p3, logical block 12, async page read
[  155.611312][  T387] Buffer I/O error on dev loop3p3, logical block 13, async page read
[  156.263640][   T54] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  156.337308][ T2698] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  156.516011][   T54] usb 2-1: Using ep0 maxpacket: 8
[  157.519343][ T2712] F2FS-fs (loop0): invalid crc value
[  158.530108][ T2712] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  158.761016][   T54] usb 2-1: unable to get BOS descriptor or descriptor too short
[  159.565285][ T2712] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  160.695019][ T2738] 9pnet: Insufficient options for proto=fd
[  160.755986][   T54] usb 2-1: unable to read config index 0 descriptor/start: -71
[  160.771383][   T54] usb 2-1: can't read configurations, error -71
[  160.796935][   T24] audit: type=1326 audit(1737498696.889:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  160.864569][   T24] audit: type=1326 audit(1737498696.889:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  160.903873][   T24] audit: type=1326 audit(1737498696.889:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  160.928968][   T24] audit: type=1326 audit(1737498696.889:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  161.001533][   T24] audit: type=1326 audit(1737498696.889:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  161.060664][   T24] audit: type=1326 audit(1737498696.889:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  163.141573][ T2763] F2FS-fs (loop4): invalid crc value
[  163.199110][ T2768] F2FS-fs (loop1): invalid crc value
[  163.292151][ T2763] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  163.316730][   T24] audit: type=1326 audit(1737498696.889:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  163.339999][   T24] audit: type=1326 audit(1737498696.889:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  163.349750][ T2763] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  163.487758][ T2768] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  163.853685][ T2768] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  163.983809][   T24] audit: type=1326 audit(1737498696.889:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  164.029717][   T24] audit: type=1326 audit(1737498696.979:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2742 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  164.047318][ T1910] print_req_error: 71 callbacks suppressed
[  164.047334][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  164.055901][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  164.059093][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.077397][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.094075][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  164.123534][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.125905][ T1910] buffer_io_error: 62 callbacks suppressed
[  164.125915][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  164.158575][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  164.175961][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.187988][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.199031][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  164.207360][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.218599][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  164.226507][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  164.235931][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  164.237387][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  164.253237][  T444] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  164.261259][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  164.269148][  T444] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  164.269333][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  164.424860][ T2792] 9pnet: Insufficient options for proto=fd
[  165.516551][ T2799] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  165.525472][ T2799] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  165.742165][ T2799] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  165.751200][ T2799] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  165.759068][ T2799] System zones: 0-2, 18-18, 34-34
[  165.764958][ T2799] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1047: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  165.781445][ T2799] EXT4-fs (loop4): 1 truncate cleaned up
[  165.786954][ T2799] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  165.825171][   T24] kauditd_printk_skb: 71 callbacks suppressed
[  165.825181][   T24] audit: type=1400 audit(1737498701.909:1666): avc:  denied  { append } for  pid=2796 comm="syz.4.633" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  165.858794][   T24] audit: type=1400 audit(1737498701.909:1667): avc:  denied  { open } for  pid=2796 comm="syz.4.633" path="/112/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  165.881803][  T543] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  166.959483][  T543] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  166.970599][  T543] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  166.992973][  T543] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  167.015348][  T543] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.045983][ T2795] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  167.172824][   T24] audit: type=1400 audit(1737498703.259:1668): avc:  denied  { ioctl } for  pid=2826 comm="syz.3.644" path="/dev/uinput" dev="devtmpfs" ino=253 ioctlcmd=0x5567 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  167.543145][  T543] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  167.550847][  T543] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input10
[  167.580221][  T543] usb 1-1: USB disconnect, device number 15
[  168.068582][ T2851] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  168.097265][ T2851] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  168.130001][ T2861] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  169.836710][ T2851] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  169.954993][ T1910] print_req_error: 125 callbacks suppressed
[  169.955010][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  169.963926][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  169.985190][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  169.993890][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.006016][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.018336][ T1910] buffer_io_error: 110 callbacks suppressed
[  170.018355][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  170.082420][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.126084][ T2851] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  170.135488][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.150814][ T2851] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  170.174966][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  170.184556][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  170.212314][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  170.220303][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.231225][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  170.254941][ T1910] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.266313][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  170.287976][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  170.300153][  T387] Buffer I/O error on dev loop3p3, logical block 11, async page read
[  170.312395][  T387] Buffer I/O error on dev loop3p3, logical block 12, async page read
[  170.323519][  T387] Buffer I/O error on dev loop3p3, logical block 13, async page read
[  170.334352][  T387] Buffer I/O error on dev loop3p3, logical block 14, async page read
[  171.206613][   T24] audit: type=1400 audit(1737498706.739:1669): avc:  denied  { setattr } for  pid=2850 comm="syz.4.651" name="/" dev="loop4" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  171.241584][ T2904] FAULT_INJECTION: forcing a failure.
[  171.241584][ T2904] name failslab, interval 1, probability 0, space 0, times 0
[  171.266444][ T2904] CPU: 0 PID: 2904 Comm: syz.1.665 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  171.276334][ T2904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  171.286303][ T2904] Call Trace:
[  171.289441][ T2904]  dump_stack_lvl+0x1e2/0x24b
[  171.294055][ T2904]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  171.299334][ T2904]  dump_stack+0x15/0x17
[  171.303358][ T2904]  should_fail+0x3c6/0x510
[  171.307577][ T2904]  ? dst_alloc+0x17d/0x590
[  171.311833][ T2904]  __should_failslab+0xa4/0xe0
[  171.316428][ T2904]  should_failslab+0x9/0x20
[  171.320772][ T2904]  kmem_cache_alloc+0x3d/0x2e0
[  171.325454][ T2904]  ? slab_post_alloc_hook+0x80/0x2f0
[  171.330661][ T2904]  dst_alloc+0x17d/0x590
[  171.334740][ T2904]  ? inet_rtm_getroute+0x7ef/0x2920
[  171.339782][ T2904]  ip_route_output_key_hash_rcu+0x129a/0x20b0
[  171.345775][ T2904]  inet_rtm_getroute+0x1083/0x2920
[  171.350727][ T2904]  ? ip_rt_multicast_event+0x80/0x80
[  171.355834][ T2904]  ? 0xffffffffa0028bb0
[  171.359832][ T2904]  ? ip_rt_multicast_event+0x80/0x80
[  171.364947][ T2904]  rtnetlink_rcv_msg+0x77a/0xc50
[  171.369741][ T2904]  ? is_bpf_text_address+0x172/0x190
[  171.374886][ T2904]  ? rtnetlink_bind+0x80/0x80
[  171.379360][ T2904]  ? arch_stack_walk+0xf3/0x140
[  171.384050][ T2904]  ? stack_trace_save+0x113/0x1c0
[  171.388900][ T2904]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  171.394807][ T2904]  ? stack_trace_snprint+0xf0/0xf0
[  171.399899][ T2904]  ? avc_has_perm+0x14d/0x400
[  171.404394][ T2904]  ? memcpy+0x56/0x70
[  171.408214][ T2904]  ? avc_has_perm+0x275/0x400
[  171.412731][ T2904]  ? __kasan_slab_alloc+0xb1/0xe0
[  171.417591][ T2904]  ? slab_post_alloc_hook+0x61/0x2f0
[  171.422712][ T2904]  ? kmem_cache_alloc+0x168/0x2e0
[  171.427579][ T2904]  ? avc_has_perm_noaudit+0x240/0x240
[  171.432915][ T2904]  ? iov_iter_advance+0x258/0xb20
[  171.437726][ T2904]  netlink_rcv_skb+0x1cf/0x410
[  171.442330][ T2904]  ? rtnetlink_bind+0x80/0x80
[  171.446838][ T2904]  ? netlink_ack+0xb30/0xb30
[  171.451441][ T2904]  ? __netlink_lookup+0x37b/0x3a0
[  171.456298][ T2904]  rtnetlink_rcv+0x1c/0x20
[  171.460553][ T2904]  netlink_unicast+0x8df/0xac0
[  171.465154][ T2904]  ? netlink_detachskb+0x90/0x90
[  171.469927][ T2904]  ? security_netlink_send+0x7b/0xa0
[  171.475046][ T2904]  netlink_sendmsg+0xa46/0xd00
[  171.479648][ T2904]  ? netlink_getsockopt+0x5c0/0x5c0
[  171.484688][ T2904]  ? kmem_cache_free+0xa9/0x1e0
[  171.489366][ T2904]  ? security_socket_sendmsg+0x82/0xb0
[  171.494667][ T2904]  ? netlink_getsockopt+0x5c0/0x5c0
[  171.499702][ T2904]  ____sys_sendmsg+0x59e/0x8f0
[  171.504304][ T2904]  ? __sys_sendmsg_sock+0x40/0x40
[  171.509248][ T2904]  ? import_iovec+0xe5/0x120
[  171.513667][ T2904]  ___sys_sendmsg+0x252/0x2e0
[  171.518182][ T2904]  ? __sys_sendmsg+0x280/0x280
[  171.522787][ T2904]  ? rw_verify_area+0x1c3/0x360
[  171.527476][ T2904]  ? __fdget+0x1bc/0x240
[  171.531548][ T2904]  __se_sys_sendmsg+0x1b1/0x280
[  171.536236][ T2904]  ? __x64_sys_sendmsg+0x90/0x90
[  171.541004][ T2904]  ? ksys_write+0x260/0x2c0
[  171.545396][ T2904]  ? debug_smp_processor_id+0x17/0x20
[  171.550557][ T2904]  __x64_sys_sendmsg+0x7b/0x90
[  171.555173][ T2904]  do_syscall_64+0x34/0x70
[  171.559414][ T2904]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  171.565135][ T2904] RIP: 0033:0x7f62efaced29
[  171.569410][ T2904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.588831][ T2904] RSP: 002b:00007f62ee140038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.597078][ T2904] RAX: ffffffffffffffda RBX: 00007f62efcbefa0 RCX: 00007f62efaced29
[  171.604968][ T2904] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005
[  171.612876][ T2904] RBP: 00007f62ee140090 R08: 0000000000000000 R09: 0000000000000000
[  171.620677][ T2904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.628589][ T2904] R13: 0000000000000000 R14: 00007f62efcbefa0 R15: 00007ffd566d04d8
[  171.637913][  T285] attempt to access beyond end of device
[  171.637913][  T285] loop4: rw=2049, want=45112, limit=40427
[  171.910085][   T24] audit: type=1326 audit(1737498707.979:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.070651][   T24] audit: type=1326 audit(1737498707.989:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.095551][   T24] audit: type=1326 audit(1737498707.989:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.120183][   T24] audit: type=1326 audit(1737498707.989:1673): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.144171][   T24] audit: type=1326 audit(1737498707.989:1674): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.171349][  T385] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  172.175555][   T24] audit: type=1326 audit(1737498707.989:1675): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.240479][   T24] audit: type=1326 audit(1737498707.989:1676): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.351286][   T24] audit: type=1326 audit(1737498707.989:1677): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  172.423960][   T24] audit: type=1326 audit(1737498707.989:1678): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2907 comm="syz.3.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdfc7471597 code=0x7ffc0000
[  172.626377][  T385] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  172.664130][  T385] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  172.684297][  T385] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  172.693522][  T385] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.735998][ T2912] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  172.925937][   T15] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  173.296186][  T385] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  173.308417][  T385] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input12
[  173.418559][  T385] usb 2-1: USB disconnect, device number 17
[  173.435915][    C1] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  173.676135][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.686959][   T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.696947][   T15] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  173.705901][   T15] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.748664][   T15] usb 4-1: config 0 descriptor??
[  174.210507][ T2958]  loop0: p2 p3 p7
[  174.348138][  T308] udevd[308]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  174.348174][  T444] udevd[444]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  174.359576][  T387] udevd[387]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  174.535974][   T15] usbhid 4-1:0.0: can't add hid device: -71
[  174.541813][   T15] usbhid: probe of 4-1:0.0 failed with error -71
[  174.702871][ T2977] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  174.815217][   T15] usb 4-1: USB disconnect, device number 18
[  174.987263][ T1910] print_req_error: 152 callbacks suppressed
[  174.987319][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  174.996901][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  175.020496][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  175.034014][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.089135][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.133223][  T387] buffer_io_error: 134 callbacks suppressed
[  175.133255][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  175.203245][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  175.211248][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.222300][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  175.230301][ T1910] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.248080][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.259658][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  175.267771][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.285913][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  175.294729][ T1910] blk_update_request: I/O error, dev loop3, sector 611 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  175.298388][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  175.305972][ T1910] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  175.322842][ T1910] Buffer I/O error on dev loop3p2, logical block 12, async page read
[  175.336547][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  175.344434][  T387] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  175.359422][ T3001] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  175.371107][ T3001] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  175.381591][ T3001] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  176.463211][ T3008] F2FS-fs (loop1): invalid crc value
[  176.547557][ T3002] EXT4-fs (loop4): Test dummy encryption mode enabled
[  176.722016][ T3002] EXT4-fs error (device loop4): ext4_fill_super:4955: inode #2: comm syz.4.699: iget: checksum invalid
[  176.789612][ T3008] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  177.015077][ T3008] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  177.544186][ T3002] EXT4-fs (loop4): get root inode failed
[  177.551774][ T3002] EXT4-fs (loop4): mount failed
[  177.628075][   T24] kauditd_printk_skb: 22 callbacks suppressed
[  177.628086][   T24] audit: type=1326 audit(1737498713.719:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.658482][   T24] audit: type=1326 audit(1737498713.719:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.681752][   T24] audit: type=1326 audit(1737498713.719:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.705571][   T24] audit: type=1326 audit(1737498713.719:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.734568][   T24] audit: type=1326 audit(1737498713.719:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.758888][   T24] audit: type=1326 audit(1737498713.719:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.782128][   T24] audit: type=1326 audit(1737498713.719:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.805466][   T24] audit: type=1326 audit(1737498713.719:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.828975][   T24] audit: type=1326 audit(1737498713.719:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  177.852282][   T24] audit: type=1326 audit(1737498713.719:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3030 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bb8eed29 code=0x7ffc0000
[  178.233113][ T3031]  loop0: p2 p3 p7
[  178.280076][ T3037] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  178.546638][ T3049] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  178.549776][  T308] udevd[308]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[  178.746725][  T387] udevd[387]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  178.746740][  T444] udevd[444]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  179.559050][ T3077] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  179.805965][  T385] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  180.040044][ T3085] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  180.187894][  T444] print_req_error: 17 callbacks suppressed
[  180.187909][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  180.187947][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.195409][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  180.228086][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.239223][  T444] buffer_io_error: 14 callbacks suppressed
[  180.239232][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  180.241000][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  180.244933][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.253092][  T385] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  180.260981][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.293163][  T387] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.293304][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  180.305099][  T385] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.312256][  T444] blk_update_request: I/O error, dev loop3, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.332672][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  180.335836][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  180.350851][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.352465][  T385] usb 5-1: config 0 interface 0 has no altsetting 0
[  180.368227][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  180.373372][  T387] blk_update_request: I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  180.387151][  T444] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  180.388188][  T385] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  180.395611][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  180.412582][  T444] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  180.412607][  T444] Buffer I/O error on dev loop3p7, logical block 13, async page read
[  180.438329][ T3090] syz.3.720[3090] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  180.443787][  T385] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.464785][  T385] usb 5-1: config 0 descriptor??
[  181.079226][   T54] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  183.575998][  T385] usbhid 5-1:0.0: can't add hid device: -71
[  183.581934][  T385] usbhid: probe of 5-1:0.0 failed with error -71
[  183.904413][ T3149] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  185.669580][  T387] print_req_error: 124 callbacks suppressed
[  185.669595][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  185.689571][  T385] usb 5-1: USB disconnect, device number 11
[  186.319976][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.331511][   T54] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  186.342414][   T54] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 37, changing to 9
[  186.353472][   T54] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  186.362252][  T444] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  186.385590][ T1910] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  186.410243][  T444] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.443767][   T54] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  186.448896][  T444] buffer_io_error: 110 callbacks suppressed
[  186.448907][  T444] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  186.466112][ T1910] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.472580][  T387] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  186.548722][  T387] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.663871][  T444] blk_update_request: I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.690417][  T387] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  186.699240][   T54] usb 2-1: string descriptor 0 read error: -71
[  186.705414][   T54] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  186.792466][  T444] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  186.803961][ T1910] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  186.820804][  T387] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.835568][   T54] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  186.876360][  T444] blk_update_request: I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  186.944637][   T54] usb 2-1: config 0 descriptor??
[  186.964162][  T444] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  187.012632][ T1910] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  187.020501][ T1910] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  187.028583][ T1910] Buffer I/O error on dev loop3p7, logical block 11, async page read
[  187.045971][ T1910] Buffer I/O error on dev loop3p7, logical block 12, async page read
[  187.079126][   T54] usb 2-1: can't set config #0, error -71
[  187.087444][   T54] usb 2-1: USB disconnect, device number 18
[  187.244694][ T3170] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  187.399868][   T20] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  187.406496][ T3170] exFAT-fs (loop1): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295)
[  187.406496][ T3170] 
[  187.510764][ T3170] exFAT-fs (loop1): error, failed to bmap (inode : ffff88812c468910 iblock : 0, err : -5)
[  187.896067][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.911952][   T20] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  187.933294][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.074609][   T20] usb 4-1: config 0 descriptor??
[  188.397528][ T3199] kvm: emulating exchange as write
[  188.415050][   T24] kauditd_printk_skb: 26 callbacks suppressed
[  188.415064][   T24] audit: type=1326 audit(1737498724.499:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.446721][   T24] audit: type=1326 audit(1737498724.509:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.470633][   T24] audit: type=1326 audit(1737498724.509:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.508145][   T24] audit: type=1326 audit(1737498724.589:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.566294][   T24] audit: type=1326 audit(1737498724.629:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.590896][   T24] audit: type=1326 audit(1737498724.649:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.621323][   T24] audit: type=1326 audit(1737498724.649:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.673909][   T24] audit: type=1326 audit(1737498724.649:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.927415][   T24] audit: type=1326 audit(1737498724.649:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  188.968928][   T20] keytouch 0003:0926:3333.000A: fixing up Keytouch IEC report descriptor
[  189.048205][   T20] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.000A/input/input13
[  189.067351][ T3220] exfat: Deprecated parameter 'utf8'
[  189.072810][ T3220] exfat: Deprecated parameter 'namecase'
[  189.078387][ T3220] exfat: Deprecated parameter 'utf8'
[  189.105204][ T3220] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  189.382822][   T24] audit: type=1326 audit(1737498724.649:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3198 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62efaced29 code=0x7ffc0000
[  190.166882][ T3243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.765'.
[  190.182152][ T3243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.765'.
[  190.249060][ T3243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.765'.
[  190.642569][   T20] keytouch 0003:0926:3333.000A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  190.759046][ T3244] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  191.223787][  T543] usb 4-1: USB disconnect, device number 19
[  192.197366][ T1910] print_req_error: 71 callbacks suppressed
[  192.197383][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  192.217652][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  192.234534][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  192.266006][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.279681][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.306618][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.337792][  T387] buffer_io_error: 62 callbacks suppressed
[  192.337802][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  192.351618][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  192.365951][ T1910] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  192.373809][ T1910] blk_update_request: I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.384714][ T1910] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  192.392504][ T1910] blk_update_request: I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.396015][  T444] blk_update_request: I/O error, dev loop3, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.403422][ T1910] Buffer I/O error on dev loop3p2, logical block 10, async page read
[  192.403467][ T1910] blk_update_request: I/O error, dev loop3, sector 611 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  192.403484][ T1910] Buffer I/O error on dev loop3p2, logical block 11, async page read
[  192.414998][  T387] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  192.448942][  T444] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  192.456866][ T1910] Buffer I/O error on dev loop3p2, logical block 12, async page read
[  192.464937][  T444] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  193.547209][   T24] kauditd_printk_skb: 71 callbacks suppressed
[  193.547232][   T24] audit: type=1326 audit(1737498729.589:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3268 comm="syz.3.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  194.060540][   T24] audit: type=1326 audit(1737498729.589:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3268 comm="syz.3.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfc7472d29 code=0x7ffc0000
[  194.134045][   T24] audit: type=1326 audit(1737498729.779:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.212141][   T24] audit: type=1326 audit(1737498729.779:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.237508][   T24] audit: type=1326 audit(1737498729.789:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.260880][   T24] audit: type=1326 audit(1737498729.789:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.289626][ T3293] FAT-fs (loop3): Directory bread(block 64) failed
[  194.300040][ T3293] FAT-fs (loop3): Directory bread(block 65) failed
[  194.307449][ T3293] FAT-fs (loop3): Directory bread(block 66) failed
[  194.317981][ T3293] FAT-fs (loop3): Directory bread(block 67) failed
[  194.324432][   T24] audit: type=1326 audit(1737498729.789:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.348287][ T3293] FAT-fs (loop3): Directory bread(block 68) failed
[  194.354675][ T3293] FAT-fs (loop3): Directory bread(block 69) failed
[  194.361310][ T3293] FAT-fs (loop3): Directory bread(block 70) failed
[  194.367890][ T3293] FAT-fs (loop3): Directory bread(block 71) failed
[  194.381407][   T24] audit: type=1326 audit(1737498729.789:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.404899][ T3293] FAT-fs (loop3): Directory bread(block 72) failed
[  194.411688][ T3293] FAT-fs (loop3): Directory bread(block 73) failed
[  194.415281][   T24] audit: type=1326 audit(1737498729.789:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.640212][   T24] audit: type=1326 audit(1737498729.789:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3290 comm="syz.4.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c56864d29 code=0x7ffc0000
[  194.814958][ T3327] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  195.455918][ T3325] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  195.833132][ T3336] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  196.276348][ T3344] netlink: 4 bytes leftover after parsing attributes in process `syz.2.791'.
[  196.285475][ T3344] netlink: 12 bytes leftover after parsing attributes in process `syz.2.791'.
[  196.391232][ T3333] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  197.311647][   T20] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  197.495494][  T361] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  198.003756][   T20] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  198.132140][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 37, changing to 9
[  198.143022][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16538, setting to 1024
[  198.172307][  T361] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  198.215442][   T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  198.265241][  T361] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  198.310261][  T361] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.340890][  T361] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  198.918584][   T24] kauditd_printk_skb: 44 callbacks suppressed
[  198.918595][   T24] audit: type=1400 audit(1737498735.009:1872): avc:  denied  { name_bind } for  pid=3376 comm="syz.3.801" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  198.949739][ T1910] print_req_error: 97 callbacks suppressed
[  198.949755][ T1910] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  198.968818][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  198.981590][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  199.019193][  T387] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  199.030743][  T444] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  199.072128][  T444] buffer_io_error: 85 callbacks suppressed
[  199.072138][  T444] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  199.086982][  T387] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  199.127087][  T361] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.205595][  T361] usb 5-1: config 0 descriptor??
[  199.253775][   T20] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  199.282398][  T308] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  199.296965][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  199.306775][   T20] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  199.316391][   T20] usb 1-1: Manufacturer: syz
[  199.321605][  T308] blk_update_request: I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  199.332592][  T308] Buffer I/O error on dev loop3p7, logical block 8, async page read
[  199.334356][  T387] blk_update_request: I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  199.351560][   T20] usb 1-1: config 0 descriptor??
[  199.356627][  T444] blk_update_request: I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  199.745148][   T20] usb 1-1: can't set config #0, error -71
[  199.763199][   T20] usb 1-1: USB disconnect, device number 16
[  199.860438][  T444] Buffer I/O error on dev loop3p3, logical block 8, async page read
[  199.873610][  T308] Buffer I/O error on dev loop3p7, logical block 9, async page read
[  199.887718][  T444] Buffer I/O error on dev loop3p3, logical block 9, async page read
[  199.897907][  T387] Buffer I/O error on dev loop3p2, logical block 8, async page read
[  199.907781][  T308] Buffer I/O error on dev loop3p7, logical block 10, async page read
[  199.923438][  T444] Buffer I/O error on dev loop3p3, logical block 10, async page read
[  199.926597][  T387] Buffer I/O error on dev loop3p2, logical block 9, async page read
[  199.943097][ T3399] overlayfs: failed to clone upperpath
[  199.975965][   T24] audit: type=1400 audit(1737498736.059:1873): avc:  denied  { setopt } for  pid=3400 comm="syz.2.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  200.065971][ T1358] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  200.305620][ T3412] ==================================================================
[  200.313545][ T3412] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0xbb8/0x3630
[  200.321509][ T3412] Read of size 8 at addr ffff888111d2dcc0 by task syz.0.807/3412
[  200.329040][ T3412] 
[  200.331223][ T3412] CPU: 0 PID: 3412 Comm: syz.0.807 Not tainted 5.10.233-syzkaller-00881-gfbe98d68b6b3 #0
[  200.340852][ T3412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  200.350748][ T3412] Call Trace:
[  200.353903][ T3412]  dump_stack_lvl+0x1e2/0x24b
[  200.358776][ T3412]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  200.364212][ T3412]  ? panic+0x812/0x812
[  200.368555][ T3412]  ? __irq_exit_rcu+0x40/0x150
[  200.373246][ T3412]  print_address_description+0x81/0x3b0
[  200.379071][ T3412]  ? sysvec_call_function_single+0xcb/0xe0
[  200.384704][ T3412]  kasan_report+0x179/0x1c0
[  200.389041][ T3412]  ? tc_setup_flow_action+0xbb8/0x3630
[  200.394330][ T3412]  ? tc_setup_flow_action+0xbb8/0x3630
[  200.399627][ T3412]  __asan_report_load8_noabort+0x14/0x20
[  200.405096][ T3412]  tc_setup_flow_action+0xbb8/0x3630
[  200.410220][ T3412]  mall_replace_hw_filter+0x394/0xc10
[  200.415515][ T3412]  ? mall_set_parms+0x440/0x440
[  200.420194][ T3412]  ? tcf_exts_destroy+0xb0/0xb0
[  200.424884][ T3412]  ? irq_exit_rcu+0x9/0x10
[  200.429277][ T3412]  ? sysvec_call_function_single+0xcb/0xe0
[  200.434912][ T3412]  ? mall_set_parms+0x4b/0x440
[  200.439503][ T3412]  ? mall_set_parms+0x1a2/0x440
[  200.444218][ T3412]  mall_change+0x573/0x7a0
[  200.448459][ T3412]  ? __kasan_check_write+0x14/0x20
[  200.453532][ T3412]  ? mall_get+0xb0/0xb0
[  200.457502][ T3412]  ? tcf_chain_tp_insert_unique+0xa90/0xbb0
[  200.463230][ T3412]  tc_new_tfilter+0x168e/0x1dc0
[  200.468060][ T3412]  ? mall_get+0xb0/0xb0
[  200.472038][ T3412]  ? tcf_gate_entry_destructor+0x20/0x20
[  200.477485][ T3412]  ? security_capable+0x87/0xb0
[  200.482172][ T3412]  ? ns_capable+0x89/0xe0
[  200.486348][ T3412]  ? netlink_net_capable+0x125/0x160
[  200.491457][ T3412]  ? tcf_gate_entry_destructor+0x20/0x20
[  200.496933][ T3412]  rtnetlink_rcv_msg+0x77a/0xc50
[  200.501695][ T3412]  ? is_bpf_text_address+0x172/0x190
[  200.506818][ T3412]  ? rtnetlink_bind+0x80/0x80
[  200.511329][ T3412]  ? arch_stack_walk+0xf3/0x140
[  200.516020][ T3412]  ? stack_trace_save+0x113/0x1c0
[  200.520882][ T3412]  ? kvm_sched_clock_read+0x18/0x40
[  200.525911][ T3412]  ? stack_trace_snprint+0xf0/0xf0
[  200.530855][ T3412]  ? sched_clock+0x3a/0x40
[  200.535117][ T3412]  ? avc_has_perm+0x14d/0x400
[  200.539627][ T3412]  ? memcpy+0x56/0x70
[  200.543458][ T3412]  ? avc_has_perm+0x275/0x400
[  200.548041][ T3412]  ? __kasan_slab_alloc+0xb1/0xe0
[  200.552837][ T3412]  ? slab_post_alloc_hook+0x61/0x2f0
[  200.557947][ T3412]  ? avc_has_perm_noaudit+0x240/0x240
[  200.563150][ T3412]  ? iov_iter_advance+0x258/0xb20
[  200.568011][ T3412]  netlink_rcv_skb+0x1cf/0x410
[  200.573041][ T3412]  ? rtnetlink_bind+0x80/0x80
[  200.577477][ T3412]  ? netlink_ack+0xb30/0xb30
[  200.581891][ T3412]  ? __netlink_lookup+0x37b/0x3a0
[  200.586757][ T3412]  rtnetlink_rcv+0x1c/0x20
[  200.591014][ T3412]  netlink_unicast+0x8df/0xac0
[  200.595607][ T3412]  ? netlink_detachskb+0x90/0x90
[  200.600380][ T3412]  ? security_netlink_send+0x7b/0xa0
[  200.605537][ T3412]  netlink_sendmsg+0xa46/0xd00
[  200.610111][ T3412]  ? netlink_getsockopt+0x5c0/0x5c0
[  200.615137][ T3412]  ? security_socket_sendmsg+0x82/0xb0
[  200.620432][ T3412]  ? netlink_getsockopt+0x5c0/0x5c0
[  200.625465][ T3412]  ____sys_sendmsg+0x59e/0x8f0
[  200.630111][ T3412]  ? __sys_sendmsg_sock+0x40/0x40
[  200.634951][ T3412]  ? import_iovec+0xe5/0x120
[  200.639366][ T3412]  ___sys_sendmsg+0x252/0x2e0
[  200.643949][ T3412]  ? __sys_sendmsg+0x280/0x280
[  200.648493][ T3412]  ? __fdget+0x1bc/0x240
[  200.652630][ T3412]  __se_sys_sendmsg+0x1b1/0x280
[  200.657323][ T3412]  ? __irq_exit_rcu+0x40/0x150
[  200.661927][ T3412]  ? __x64_sys_sendmsg+0x90/0x90
[  200.666694][ T3412]  ? fpu__clear_all+0x20/0x20
[  200.671211][ T3412]  ? __kasan_check_read+0x11/0x20
[  200.676065][ T3412]  __x64_sys_sendmsg+0x7b/0x90
[  200.680669][ T3412]  do_syscall_64+0x34/0x70
[  200.684920][ T3412]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  200.690807][ T3412] RIP: 0033:0x7f44b5029d29
[  200.695027][ T3412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.714551][ T3412] RSP: 002b:00007f44b3659038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.722791][ T3412] RAX: ffffffffffffffda RBX: 00007f44b521a160 RCX: 00007f44b5029d29
[  200.730602][ T3412] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 000000000000000a
[  200.738413][ T3412] RBP: 00007f44b50a5b08 R08: 0000000000000000 R09: 0000000000000000
[  200.746232][ T3412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.754128][ T3412] R13: 0000000000000000 R14: 00007f44b521a160 R15: 00007ffccc965738
[  200.761937][ T3412] 
[  200.764101][ T3412] Allocated by task 3412:
[  200.768292][ T3412]  ____kasan_kmalloc+0xdb/0x110
[  200.772960][ T3412]  __kasan_kmalloc+0x9/0x10
[  200.777304][ T3412]  __kmalloc+0x1aa/0x330
[  200.781377][ T3412]  tcf_idr_create+0x5f/0x770
[  200.785860][ T3412]  tcf_idr_create_from_flags+0x5f/0x70
[  200.791098][ T3412]  tcf_gact_init+0x373/0x6e0
[  200.795526][ T3412]  tcf_action_init_1+0x584/0x830
[  200.800300][ T3412]  tcf_action_init+0x2b5/0x800
[  200.804900][ T3412]  tcf_exts_validate+0x232/0x540
[  200.809677][ T3412]  mall_set_parms+0x4b/0x440
[  200.814103][ T3412]  mall_change+0x49e/0x7a0
[  200.818353][ T3412]  tc_new_tfilter+0x168e/0x1dc0
[  200.823040][ T3412]  rtnetlink_rcv_msg+0x77a/0xc50
[  200.827831][ T3412]  netlink_rcv_skb+0x1cf/0x410
[  200.832423][ T3412]  rtnetlink_rcv+0x1c/0x20
[  200.836666][ T3412]  netlink_unicast+0x8df/0xac0
[  200.841266][ T3412]  netlink_sendmsg+0xa46/0xd00
[  200.845878][ T3412]  ____sys_sendmsg+0x59e/0x8f0
[  200.850468][ T3412]  ___sys_sendmsg+0x252/0x2e0
[  200.854982][ T3412]  __se_sys_sendmsg+0x1b1/0x280
[  200.859667][ T3412]  __x64_sys_sendmsg+0x7b/0x90
[  200.864622][ T3412]  do_syscall_64+0x34/0x70
[  200.868870][ T3412]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  200.874587][ T3412] 
[  200.876760][ T3412] The buggy address belongs to the object at ffff888111d2dc00
[  200.876760][ T3412]  which belongs to the cache kmalloc-192 of size 192
[  200.890658][ T3412] The buggy address is located 0 bytes to the right of
[  200.890658][ T3412]  192-byte region [ffff888111d2dc00, ffff888111d2dcc0)
[  200.904101][ T3412] The buggy address belongs to the page:
[  200.909680][ T3412] page:ffffea0004474b40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111d2d
[  200.919734][ T3412] flags: 0x4000000000000200(slab)
[  200.924763][ T3412] raw: 4000000000000200 ffffea0004516000 0000000300000003 ffff888100043380
[  200.933192][ T3412] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  200.941604][ T3412] page dumped because: kasan: bad access detected
[  200.948465][ T3412] page_owner tracks the page as allocated
[  200.954018][ T3412] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 107, ts 3854306009, free_ts 0
[  200.968915][ T3412]  prep_new_page+0x166/0x180
[  200.973282][ T3412]  get_page_from_freelist+0x2d8c/0x2f30
[  200.978844][ T3412]  __alloc_pages_nodemask+0x435/0xaf0
[  200.984039][ T3412]  new_slab+0x80/0x400
[  200.988047][ T3412]  ___slab_alloc+0x302/0x4b0
[  200.992457][ T3412]  __slab_alloc+0x63/0xa0
[  200.996632][ T3412]  kmem_cache_alloc_trace+0x1bd/0x2e0
[  201.002097][ T3412]  kernfs_fop_open+0x324/0xab0
[  201.006699][ T3412]  do_dentry_open+0x7c1/0x10d0
[  201.011298][ T3412]  vfs_open+0x73/0x80
[  201.015119][ T3412]  path_openat+0x2660/0x3000
[  201.019632][ T3412]  do_filp_open+0x21c/0x460
[  201.023966][ T3412]  do_sys_openat2+0x13f/0x710
[  201.028483][ T3412]  __x64_sys_openat+0x243/0x290
[  201.033165][ T3412]  do_syscall_64+0x34/0x70
[  201.037420][ T3412]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  201.043143][ T3412] page_owner free stack trace missing
[  201.048351][ T3412] 
[  201.050519][ T3412] Memory state around the buggy address:
[  201.055992][ T3412]  ffff888111d2db80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  201.063892][ T3412]  ffff888111d2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  201.071792][ T3412] >ffff888111d2dc80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  201.079682][ T3412]                                            ^
[  201.085677][ T3412]  ffff888111d2dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  201.093749][ T3412]  ffff888111d2dd80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  201.101649][ T3412] ==================================================================
[  201.109539][ T3412] Disabling lock debugging due to kernel taint
[  201.198741][ T3413] netlink: 'syz.2.810': attribute type 12 has an invalid length.
[  201.586047][  T361] usbhid 5-1:0.0: can't add hid device: -71
[  201.591864][  T361] usbhid: probe of 5-1:0.0 failed with error -71
[  201.598909][  T361] usb 5-1: USB disconnect, device number 12
[  201.606080][  T543] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  201.705993][ T1358] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  201.715658][ T1358] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  201.724594][ T1358] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.776470][ T1358] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  201.976914][ T1358] usb 2-1: USB disconnect, device number 19
[  201.986052][  T543] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  201.994893][  T543] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.003354][  T543] usb 4-1: config 0 descriptor??
[  203.272261][  T359] usb 4-1: USB disconnect, device number 20