last executing test programs:

6.365773685s ago: executing program 1 (id=5902):
pipe(&(0x7f00000001c0))
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0}, 0x18)
sysinfo(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], &(0x7f00000015c0)=""/4096, 0x26, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x20)

6.365453665s ago: executing program 2 (id=5903):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, r3, 0x1000007, 0x2012, r4, 0x0)
syz_usb_connect(0x1, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f0700000000000905830300e4"], 0x0)

6.118086818s ago: executing program 4 (id=5904):
pipe2$9p(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[])
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.223461432s ago: executing program 1 (id=5906):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x18)
fadvise64(0xffffffffffffffff, 0x8, 0xb098, 0x0)

5.194792482s ago: executing program 4 (id=5907):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = fsopen(0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_devices(r6, 0x0, 0xffdd)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r7 = open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44)
fallocate(r7, 0x0, 0x0, 0x1001f0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

5.125650363s ago: executing program 1 (id=5908):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = fsopen(0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_devices(r6, 0x0, 0xffdd)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r7 = open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44)
fallocate(r7, 0x0, 0x0, 0x1001f0) (fail_nth: 3)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

4.665757629s ago: executing program 3 (id=5899):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x0, "0062050000000000007f00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r2 = dup3(r1, r0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x62, 0xfffffffffffffe74, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf46242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x24)
read$rfkill(r2, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180))
read(r1, &(0x7f0000000e00)=""/4096, 0x1000)

4.501857282s ago: executing program 3 (id=5909):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000000040)='./file0\x00', 0x208008de, &(0x7f00000004c0)=ANY=[], 0x82, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000100)={0xfefd, 0xd15, 0x3925, 0x8, 0x9, "8bdffb70f0ffffff"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380))
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0x16)
unshare(0x22020600) (fail_nth: 3)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x80000000000)
syz_usb_connect(0x1, 0x6b, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000040)=@lang_id={0x4, 0x3, 0x44c}}]})

4.369480654s ago: executing program 0 (id=5910):
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000740)="a4b91b65e332755b1847783e8fdab1640f1c24721aa8ab62ebe31eeedc2d056e67c0b9686689513f91185de1a7c2f58a9a249b4f15415d22fa65c53ac596b474c0d3b538ca46bd97fa2bc1ab07bc81321d468cd2333e12dac55020dc4419a2703ee50f7086ee970bd8946f46afd6e6e8a2463b3541f359f0e72d42c4c80a685a3b087edbae8315508e5041da1ad81605128357919a5081145437346328989e4a29fe807f7af44d578ae7ce027b1eb31ca92c0f5fcd44c08508433e164be2989b957714cf0234509b0c482f20f9cddb1c2985e75539c2127877bcca6a986ecf1be016e2a99d47ad00d954bba015b29046daf1aad7471177bf190362e0229aba30")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
utimensat(r2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
syz_pidfd_open(r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0xc0}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xff, 0xff})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f0000010640)={'sit0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2f, 0x5, 0x0, 0x0, 0x7, 0x0, 0x3, 0xfc, 0x0, 0xfc, 0x0, 0x0, 0x0, 0xff, 0x0, 0x45}})
syz_mount_image$msdos(&(0x7f00000006c0), &(0x7f00000003c0)='./file0\x00', 0x840, &(0x7f0000000c80)=ANY=[@ANYBLOB='nfs=stale_rw,dots,nodots,dots,nodots,dots,dots,nodots,nodots,dots,dots,nodots,nodots,check=relaxed,flush,usefree,dots,dots,nodots,errors=continue,\x00'], 0x1, 0x1f3, &(0x7f0000000a80)="$eJzs3cFqE1EUANCbmiYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadGNMYBjKj9ZxN78x9r+/dGTLJJjcpCl9vf44s68TOQRzEtBN7sRNz5wEAXCfTlOJbKrS9FwCgGRu8/39veEsAwJa9fvP25dPh8PAoz7OIi/PJaDIq/hb55y+Gh4/ynzrVrIvJZHTjMv84X/7sMMvvxs0y/6SYn1+mexEx6sXD+0V+lnv2apj/Or8f77dcOwAAAAAAAAAAAAAAAAAAAAAAtOVu5HN71dmqv8/+/nJ+UOaLo4X+QEv9e7pxp1seVu2B0lkTRQEAAAAAAAAAAAAAAAAAAMA/5uT008d34/GH4yroR8Time6KMVcHnfIfbzS4/WAn6k0flGXWWLRTXqLtFjhYfXM3CaL7t9ydukHewFqDtZc3pVmw+lUwb4tx5fReRKxf/cFR3c1PU0rjL/eOT04jrR1cPSP6jT6RAAAAAAAAAAAAAAAAAADg/7Xwre/fZG1sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABaUP3+f43gLCJuxR8Hz9fajazdYgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi2fgQAAP//+EUj2A==")
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

4.288954065s ago: executing program 2 (id=5911):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0xc0ed4040, &(0x7f00000003c0), 0xf5, 0x47e, &(0x7f0000001e40)="$eJzs3M9vFFUcAPDv7G5Lyw+LiD9A0CoYiT9aWgQ5mBiNJh40mugB42ndFoIUMFATIUTRA8Z4MCTejUcT/wJPejHqycQr3g0JMVwAT2tmZ4a2293aH1u2dD+fZNj3Zmbnve++fds37+0SQM8aTv9JIjZHxJWIGIqISvMJw9nDzesXareuX6glUa+//U+SPi1uXL9Qyy/R2FKbsh31ep7f0KLcS+9FVKemJs/k+dHpkx+Onj13/tnjJ6vHJo9Nnho/fPi5A7v7D40f7EicaVw3dn5yeteO1969/EbtyOX3f/shre/m/HgRRycNZ69uS090urAu2zIrnVS6WBGWJG23vny7EkNRjsHbx4bi1c+7WjlgtVVa/X3OXawD61g6UAd6UfGHPr3/LbY7NO5YE669lE14pHHfzLfsSCVK+Tl9Tfe3nTQQEUcu/vttusUqzUMAAMz2Uzr+eaZp/Dcw/7x78jWUrRFxb0Rsi4j7ImJ7RNwfEQ9ExIMR8dASy29eIZk//ildLVKDS7z2YqTjvxfyta25479i9Bdby3luSyP+vuTo8anJ/flrsi/6NqT5sTlPmevnV/78unnfV3kww7PGf+mWll+ec2bpavME3UR1urryyDPXPovYWWkVf3J7HTCJiB0RsXOZZRx/6vtd7Y61ir8YC0eUF75wB9aZ6t9FPJm1/8Voir+QtF2fHHv+0PjB0YGYmtw/Wrwr5vv9j0tvtSt/4fhXX9r+G1u+/7P403vEZCDi7LnzJxrrtWeXUchfX9SSNoe2/2/889//tb0R/ck7jXR/cVb+2J+8nj4MFvs/rk5PnxmfeW6RbzyOZfHv2zMTfzVm+v+27Pas8Uo8HBHpm3h3RDwSEY/mbfdYRDweEXsWCP/Xl/d+0O5Y+/ZfYFa+g9L4JxZo//QjL03NtP/SE+UTv/zYrvz6oto/a919+Z7FfP4ttoIree0AAADgblFqfAc+KY3cTpdKIyPZd/i3x8ZSJSKePnr6o1MT2Xflt0ZfqZjpGpo1HzqWzw0X+fGm/IF83vib8mAjP1I7PTXR7eChx21q0/9Tf5ej1VIQsJ74vRb0Lv0fepf+D71L/4fe9WK3KwB0R3/r3Z/e6XoAXbH08b9lQVgv3P9D79L/oXfp/9CT2v42vrSin/zfrYnK2qhGy8Tg2qhGkYjSmqhG5xJvfpl1iU5f+VZ9ZdepLPo/s1hmYkPLQ93+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiM/wIAAP//x6naDQ==")
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe6a)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f00000030c0)={0x765, {"a2e3ad21ed0d09f91b48090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b0068090890e0878f0e1ac6e7049b074a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000095802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1bb5a7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b7293ffff00009af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sched_setscheduler(r0, 0x0, &(0x7f0000000000)=0x70000)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)

4.239454656s ago: executing program 1 (id=5912):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004280)={0x2020}, 0x2020)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo\x00')
lseek(r2, 0x1, 0x0)
getdents(r2, &(0x7f0000020940)=""/224, 0xe0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000500), &(0x7f0000000540)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r5, &(0x7f0000000180), 0x40010)
fallocate(r3, 0x0, 0x0, 0x1000f4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x40}}, 0x0)
pipe(&(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
vmsplice(r10, &(0x7f00000016c0)=[{&(0x7f0000000ac0)="4191062c1421f8d286fea25179d3bff47ffb95a24f597e0388f330e7dfb81fde917ae89f97d5fde0855ce2942ff541f21652a7409dad35f8886d587bb6e698986ca5f808b1b92c1a374dbc7424a26c0ad2b6840cf3049fc728f9109eb576c388dca33df6129f9efd43ccbd58a93f146ce183a410b8959fe192652e32068e0d8e24d8eab4ecbd5ebaa165771a07c890804037074a1ebad3bcdd46b8f34ecb2f4a6e1bbc6ac3d80ea44fbfedf338583f63ba4607f430acc0a98b4fcbb501006052cb83625cbf60ebf28e9095458c1e9971417b2912bbe30037dd5c1ac06f612816e97ac304404619b0c75222e9339f6ba14eac3c1486ac997f919248490b14a5e12ef47e61857f6d43ebc490155bf06e801547ed96f1264b5c220cf3f66d", 0x11d}, {&(0x7f0000000280)="09ec8b684fbd9f0a18960e84defd08b28dc2f98b5aad5cfeb075441d6d15233b802af831523479391b7297416ddff60a6500da9864b052a3105e6fa49014cb2ce5f295aaff14d9077735f34eaec042e8252a6456999297ed02a01da56a3809f0c58184192ebf4bead7e8618412536273bf08e0f6847e436dc74fd4450e8ff88199f35a0c759aff55639834dc4c945dfb330a7b92b049700cb67e0f14337d8390091514253c2f2d4499d89b5f04759319e2c7b6856f03c69029b689f0be37093c79e8ff2405eb93cbfe5487143a294c3e61b0c9be8323cd4d01c37e5f5d4bf94546d02d4dc988dbb4717ee61e5be16f4c7701cc671d25", 0xf6}, {&(0x7f0000000080)="6a5b3986af4597e55298f14c7f201f060fe2bafbdf16a0ace97ea54e624ac84ccc7fc7f393c4ece5273773faa8c63f157edf2a0d41a7c6340c630b50b30c42d156fa375b30d31bf6a611fd29e60958434b6f597e0bb9ec6731ad3c9b2ee1dc975565bc1d534aae4c0693aebccc5caa31bf5b1c194f52f6325788b12d4fb81e71d68ab2fd", 0x84}, {&(0x7f0000000380)="f3ba9e8346ddfd46f5ba7fbc25c6aed71214dcfaa44b98dfdbc07bc80c42d5501285b1bc305d7f699524d78bca1a151bfd74ca3d4f468f1244e6951083a7e19dec984cc37874a28db922c628a534fb91191d25f636a589", 0x57}, {&(0x7f0000001780)="12dfbd793db81fe455d97618c2aedf67f1b166ec59876a1fbbe13986e69655d6f600262371ef8dae091786d7f9a4d7ca234f8852df8f05000f02b5258ec56ec5fdd5f3531f795bf2f172d6fb23f3549b9734f2eef416b7698a93335a94b8cda61325b62cda1807b03675c6347b431f2d71baa6bc59e9047069153d70ffba20956e58971501c2d9f299fdfa3a38fa73a5da43ba2506d8704592ee5c19ca0d2075ddc9313d8bd2202a89dae6a689d3900818f892f3f17957cd53023399810da5655e0fd0f0f394c9a8bedc", 0xca}, {&(0x7f0000000500)="0f15ce0e2a894e2afb7a77dc4a4ec84b8109b2c95397d40adb9d5e8df8fd9a3167faa56aa764e61ba1a6cc8fd041bb89bee6d17105e169dd8d68d5b79eb5958574299b9035fbed2942a75e731b7571c29a760623e725792c", 0x58}, {&(0x7f0000000580)="2ee97d629c7e44f81166cb7f6ff136f276b93d54b74333781a4c68225b61bae187918e", 0x23}, {&(0x7f00000005c0)="ed48f08c19f5d937fe3f92802a25b07496a34825b6d3fbf57fec343be7e4b6531b0e0f0637b3c46e072578521ad417549bae2e00ad7b67f769ec533e3c9c62b6955e9005ca02506938aeb5adac5798e85f440385c7f26cced77e12ecffa7b98c962259e08cffa0eb0ad803bfdf8336da8df2e85a2a8b407329650ee71f68ca7de83df1c45914bedd1b8add5bc677e5590af05aea657a8b2b7dd4fc76010e259917ab727d4065cee39115ca3d322533bb48b5b8a23e8557688d783d0e5c444fd5ae3e02d7245c498d9c6675c8a9626ecde62915d6ada50bb3a0496c87f77457a664a250ba9d037a463f44057ad767bb933fa0790f660401baa2575729ec0306acedbdda2144218960158223a8759efb5bb977d9ff572bd597b13cf7b1647ffe268d5951288ca88461e1d8000000000000eb9d2b945305cad0caef49497b593f4b9f17db2323ffcbc7d743bd572811a09ec96ee3823858205f275fbccc94ca558a3bece72bdb26869f255617e4f10b6f16f9fd0e093508889b46e730834e13588900"/398, 0x18e}], 0x8, 0x8)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r11, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
connect$inet(r11, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r9, 0x0, r11, 0x0, 0x2000000002ffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x1c, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, [@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x430}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @generic={0xea, 0x3, 0x4, 0x5, 0x5}]}, &(0x7f0000000380)='syzkaller\x00', 0xfffffffe, 0x2f, &(0x7f00000003c0)=""/47, 0x40f00, 0x1, '\x00', r7, 0x25, r3, 0x8, &(0x7f0000000400)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0x1, 0x8, 0xa4}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000480)=[r3], &(0x7f00000004c0)=[{0x2, 0x2, 0x10, 0x3}, {0x4, 0x2, 0xe, 0x3}, {0x0, 0x1, 0xf, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
io_setup(0x7d, &(0x7f0000000600)=<r12=>0x0)
io_submit(r12, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r4}])

3.989022169s ago: executing program 4 (id=5913):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = fsopen(0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_devices(r6, 0x0, 0xffdd)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r7 = open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44) (fail_nth: 3)
fallocate(r7, 0x0, 0x0, 0x1001f0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3.865054511s ago: executing program 3 (id=5914):
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000740)="a4b91b65e332755b1847783e8fdab1640f1c24721aa8ab62ebe31eeedc2d056e67c0b9686689513f91185de1a7c2f58a9a249b4f15415d22fa65c53ac596b474c0d3b538ca46bd97fa2bc1ab07bc81321d468cd2333e12dac55020dc4419a2703ee50f7086ee970bd8946f46afd6e6e8a2463b3541f359f0e72d42c4c80a685a3b087edbae8315508e5041da1ad81605128357919a5081145437346328989e4a29fe807f7af44d578ae7ce027b1eb31ca92c0f5fcd44c08508433e164be2989b957714cf0234509b0c482f20f9cddb1c2985e75539c2127877bcca6a986ecf1be016e2a99d47ad00d954bba015b29046daf1aad7471177bf190362e0229aba30")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
utimensat(r2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
syz_pidfd_open(r5, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0xc0}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xff, 0xff})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f0000010640)={'sit0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2f, 0x5, 0x0, 0x0, 0x7, 0x0, 0x3, 0xfc, 0x0, 0xfc, 0x0, 0x0, 0x0, 0xff, 0x0, 0x45}})
syz_mount_image$msdos(&(0x7f00000006c0), &(0x7f00000003c0)='./file0\x00', 0x840, &(0x7f0000000c80)=ANY=[@ANYBLOB='nfs=stale_rw,dots,nodots,dots,nodots,dots,dots,nodots,nodots,dots,dots,nodots,nodots,check=relaxed,flush,usefree,dots,dots,nodots,errors=continue,\x00'], 0x1, 0x1f3, &(0x7f0000000a80)="$eJzs3cFqE1EUANCbmiYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadGNMYBjKj9ZxN78x9r+/dGTLJJjcpCl9vf44s68TOQRzEtBN7sRNz5wEAXCfTlOJbKrS9FwCgGRu8/39veEsAwJa9fvP25dPh8PAoz7OIi/PJaDIq/hb55y+Gh4/ynzrVrIvJZHTjMv84X/7sMMvvxs0y/6SYn1+mexEx6sXD+0V+lnv2apj/Or8f77dcOwAAAAAAAAAAAAAAAAAAAAAAtOVu5HN71dmqv8/+/nJ+UOaLo4X+QEv9e7pxp1seVu2B0lkTRQEAAAAAAAAAAAAAAAAAAMA/5uT008d34/GH4yroR8Time6KMVcHnfIfbzS4/WAn6k0flGXWWLRTXqLtFjhYfXM3CaL7t9ydukHewFqDtZc3pVmw+lUwb4tx5fReRKxf/cFR3c1PU0rjL/eOT04jrR1cPSP6jT6RAAAAAAAAAAAAAAAAAADg/7Xwre/fZG1sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABaUP3+f43gLCJuxR8Hz9fajazdYgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi2fgQAAP//+EUj2A==")
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

3.863966931s ago: executing program 0 (id=5915):
pipe2$9p(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000400)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095006e00000000006916000000000000bf67000000000000350605000fff0720670600000c000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172bf9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6a1002d94ad089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32a103393c7c166215dab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095031dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
pipe(&(0x7f00000001c0))
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()

3.23776627s ago: executing program 3 (id=5916):
pipe(&(0x7f00000001c0))
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0}, 0x18)
sysinfo(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], &(0x7f00000015c0)=""/4096, 0x26, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x20)

2.905771415s ago: executing program 2 (id=5917):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x18)
fadvise64(0xffffffffffffffff, 0x8, 0xb098, 0x0)

2.905126605s ago: executing program 2 (id=5918):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004280)={0x2020}, 0x2020)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo\x00')
lseek(r2, 0x1, 0x0)
getdents(r2, &(0x7f0000020940)=""/224, 0xe0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000500), &(0x7f0000000540)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r5, &(0x7f0000000180), 0x40010)
fallocate(r3, 0x0, 0x0, 0x1000f4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x40}}, 0x0)
pipe(&(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
vmsplice(r10, &(0x7f00000016c0)=[{&(0x7f0000000ac0)="4191062c1421f8d286fea25179d3bff47ffb95a24f597e0388f330e7dfb81fde917ae89f97d5fde0855ce2942ff541f21652a7409dad35f8886d587bb6e698986ca5f808b1b92c1a374dbc7424a26c0ad2b6840cf3049fc728f9109eb576c388dca33df6129f9efd43ccbd58a93f146ce183a410b8959fe192652e32068e0d8e24d8eab4ecbd5ebaa165771a07c890804037074a1ebad3bcdd46b8f34ecb2f4a6e1bbc6ac3d80ea44fbfedf338583f63ba4607f430acc0a98b4fcbb501006052cb83625cbf60ebf28e9095458c1e9971417b2912bbe30037dd5c1ac06f612816e97ac304404619b0c75222e9339f6ba14eac3c1486ac997f919248490b14a5e12ef47e61857f6d43ebc490155bf06e801547ed96f1264b5c220cf3f66d", 0x11d}, {&(0x7f0000000280)="09ec8b684fbd9f0a18960e84defd08b28dc2f98b5aad5cfeb075441d6d15233b802af831523479391b7297416ddff60a6500da9864b052a3105e6fa49014cb2ce5f295aaff14d9077735f34eaec042e8252a6456999297ed02a01da56a3809f0c58184192ebf4bead7e8618412536273bf08e0f6847e436dc74fd4450e8ff88199f35a0c759aff55639834dc4c945dfb330a7b92b049700cb67e0f14337d8390091514253c2f2d4499d89b5f04759319e2c7b6856f03c69029b689f0be37093c79e8ff2405eb93cbfe5487143a294c3e61b0c9be8323cd4d01c37e5f5d4bf94546d02d4dc988dbb4717ee61e5be16f4c7701cc671d25", 0xf6}, {&(0x7f0000000080)="6a5b3986af4597e55298f14c7f201f060fe2bafbdf16a0ace97ea54e624ac84ccc7fc7f393c4ece5273773faa8c63f157edf2a0d41a7c6340c630b50b30c42d156fa375b30d31bf6a611fd29e60958434b6f597e0bb9ec6731ad3c9b2ee1dc975565bc1d534aae4c0693aebccc5caa31bf5b1c194f52f6325788b12d4fb81e71d68ab2fd", 0x84}, {&(0x7f0000000380)="f3ba9e8346ddfd46f5ba7fbc25c6aed71214dcfaa44b98dfdbc07bc80c42d5501285b1bc305d7f699524d78bca1a151bfd74ca3d4f468f1244e6951083a7e19dec984cc37874a28db922c628a534fb91191d25f636a589", 0x57}, {&(0x7f0000001780)="12dfbd793db81fe455d97618c2aedf67f1b166ec59876a1fbbe13986e69655d6f600262371ef8dae091786d7f9a4d7ca234f8852df8f05000f02b5258ec56ec5fdd5f3531f795bf2f172d6fb23f3549b9734f2eef416b7698a93335a94b8cda61325b62cda1807b03675c6347b431f2d71baa6bc59e9047069153d70ffba20956e58971501c2d9f299fdfa3a38fa73a5da43ba2506d8704592ee5c19ca0d2075ddc9313d8bd2202a89dae6a689d3900818f892f3f17957cd53023399810da5655e0fd0f0f394c9a8bedc", 0xca}, {&(0x7f0000000500)="0f15ce0e2a894e2afb7a77dc4a4ec84b8109b2c95397d40adb9d5e8df8fd9a3167faa56aa764e61ba1a6cc8fd041bb89bee6d17105e169dd8d68d5b79eb5958574299b9035fbed2942a75e731b7571c29a760623e725792c", 0x58}, {&(0x7f0000000580)="2ee97d629c7e44f81166cb7f6ff136f276b93d54b74333781a4c68225b61bae187918e", 0x23}, {&(0x7f00000005c0)="ed48f08c19f5d937fe3f92802a25b07496a34825b6d3fbf57fec343be7e4b6531b0e0f0637b3c46e072578521ad417549bae2e00ad7b67f769ec533e3c9c62b6955e9005ca02506938aeb5adac5798e85f440385c7f26cced77e12ecffa7b98c962259e08cffa0eb0ad803bfdf8336da8df2e85a2a8b407329650ee71f68ca7de83df1c45914bedd1b8add5bc677e5590af05aea657a8b2b7dd4fc76010e259917ab727d4065cee39115ca3d322533bb48b5b8a23e8557688d783d0e5c444fd5ae3e02d7245c498d9c6675c8a9626ecde62915d6ada50bb3a0496c87f77457a664a250ba9d037a463f44057ad767bb933fa0790f660401baa2575729ec0306acedbdda2144218960158223a8759efb5bb977d9ff572bd597b13cf7b1647ffe268d5951288ca88461e1d8000000000000eb9d2b945305cad0caef49497b593f4b9f17db2323ffcbc7d743bd572811a09ec96ee3823858205f275fbccc94ca558a3bece72bdb26869f255617e4f10b6f16f9fd0e093508889b46e730834e13588900"/398, 0x18e}], 0x8, 0x8)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r11, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
connect$inet(r11, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r9, 0x0, r11, 0x0, 0x2000000002ffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x1c, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, [@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x430}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @generic={0xea, 0x3, 0x4, 0x5, 0x5}]}, &(0x7f0000000380)='syzkaller\x00', 0xfffffffe, 0x2f, &(0x7f00000003c0)=""/47, 0x40f00, 0x1, '\x00', r7, 0x25, r3, 0x8, &(0x7f0000000400)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0x1, 0x8, 0xa4}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000480)=[r3], &(0x7f00000004c0)=[{0x2, 0x2, 0x10, 0x3}, {0x4, 0x2, 0xe, 0x3}, {0x0, 0x1, 0xf, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
io_setup(0x7d, &(0x7f0000000600)=<r12=>0x0)
io_submit(r12, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r4}])

2.834452746s ago: executing program 0 (id=5919):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff})
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x11, 0x7fff0000}]})

2.833353956s ago: executing program 1 (id=5920):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x0, "0062050000000000007f00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r2 = dup3(r1, r0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x62, 0xfffffffffffffe74, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf46242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x24)
read$rfkill(r2, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180))
read(r1, &(0x7f0000000e00)=""/4096, 0x1000)

2.762352088s ago: executing program 0 (id=5921):
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
clock_gettime(0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, 0x0, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)

2.709754178s ago: executing program 4 (id=5922):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
clock_gettime(0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
unshare(0x64000600)

2.646977889s ago: executing program 2 (id=5923):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
close(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000000e2b39393e01cbc21c4c6", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e000000040000000800006da500000000000000a6de0043e766b1007200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
read$FUSE(r0, &(0x7f000000c400)={0x2020}, 0x2020)
creat(&(0x7f0000000600)='./file0\x00', 0xca)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000300)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])

2.613033599s ago: executing program 1 (id=5924):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
clock_gettime(0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)

1.881586141s ago: executing program 0 (id=5925):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, 0x0, 0x24000400)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x0, "0062050000000000007f00"})
r2 = syz_open_pts(r0, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r3 = dup3(r2, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0, 0x109, &(0x7f0000000140), &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0x103, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x50)
read$rfkill(r3, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))
read(r2, &(0x7f0000000e00)=""/4096, 0x1000)

1.27768431s ago: executing program 4 (id=5926):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

1.255394541s ago: executing program 2 (id=5927):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)={0x2c, 0x19, 0x15, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @str='\x00\x02\x00\x00\x00\x02'}, @nested={0x10, 0x9, 0x0, 0x1, [@typed={0xa, 0x0, 0x0, 0x0, @str='\x00\x02\x00\x00\x00\x02'}]}]}, 0x2c}], 0x1}, 0x24000400)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x0, "0062050000000000007f00"})
r2 = syz_open_pts(r0, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r3 = dup3(r2, r0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x62, 0xfffffffffffffe74, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf46242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x24)
read$rfkill(r3, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))
read(r2, &(0x7f0000000e00)=""/4096, 0x1000)

1.244830701s ago: executing program 4 (id=5928):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0xc0ed4040, &(0x7f00000003c0), 0xf5, 0x47e, &(0x7f0000001e40)="$eJzs3M9vFFUcAPDv7G5Lyw+LiD9A0CoYiT9aWgQ5mBiNJh40mugB42ndFoIUMFATIUTRA8Z4MCTejUcT/wJPejHqycQr3g0JMVwAT2tmZ4a2293aH1u2dD+fZNj3Zmbnve++fds37+0SQM8aTv9JIjZHxJWIGIqISvMJw9nDzesXareuX6glUa+//U+SPi1uXL9Qyy/R2FKbsh31ep7f0KLcS+9FVKemJs/k+dHpkx+Onj13/tnjJ6vHJo9Nnho/fPi5A7v7D40f7EicaVw3dn5yeteO1969/EbtyOX3f/shre/m/HgRRycNZ69uS090urAu2zIrnVS6WBGWJG23vny7EkNRjsHbx4bi1c+7WjlgtVVa/X3OXawD61g6UAd6UfGHPr3/LbY7NO5YE669lE14pHHfzLfsSCVK+Tl9Tfe3nTQQEUcu/vttusUqzUMAAMz2Uzr+eaZp/Dcw/7x78jWUrRFxb0Rsi4j7ImJ7RNwfEQ9ExIMR8dASy29eIZk//ildLVKDS7z2YqTjvxfyta25479i9Bdby3luSyP+vuTo8anJ/flrsi/6NqT5sTlPmevnV/78unnfV3kww7PGf+mWll+ec2bpavME3UR1urryyDPXPovYWWkVf3J7HTCJiB0RsXOZZRx/6vtd7Y61ir8YC0eUF75wB9aZ6t9FPJm1/8Voir+QtF2fHHv+0PjB0YGYmtw/Wrwr5vv9j0tvtSt/4fhXX9r+G1u+/7P403vEZCDi7LnzJxrrtWeXUchfX9SSNoe2/2/889//tb0R/ck7jXR/cVb+2J+8nj4MFvs/rk5PnxmfeW6RbzyOZfHv2zMTfzVm+v+27Pas8Uo8HBHpm3h3RDwSEY/mbfdYRDweEXsWCP/Xl/d+0O5Y+/ZfYFa+g9L4JxZo//QjL03NtP/SE+UTv/zYrvz6oto/a919+Z7FfP4ttoIree0AAADgblFqfAc+KY3cTpdKIyPZd/i3x8ZSJSKePnr6o1MT2Xflt0ZfqZjpGpo1HzqWzw0X+fGm/IF83vib8mAjP1I7PTXR7eChx21q0/9Tf5ej1VIQsJ74vRb0Lv0fepf+D71L/4fe9WK3KwB0R3/r3Z/e6XoAXbH08b9lQVgv3P9D79L/oXfp/9CT2v42vrSin/zfrYnK2qhGy8Tg2qhGkYjSmqhG5xJvfpl1iU5f+VZ9ZdepLPo/s1hmYkPLQ93+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiM/wIAAP//x6naDQ==")
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe6a)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f00000030c0)={0x765, {"a2e3ad21ed0d09f91b48090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b0068090890e0878f0e1ac6e7049b074a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000095802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1bb5a7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b7293ffff00009af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sched_setscheduler(r0, 0x0, &(0x7f0000000000)=0x70000)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)

1.198865382s ago: executing program 3 (id=5929):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x18)
fadvise64(0xffffffffffffffff, 0x8, 0xb098, 0x0)

1.173858472s ago: executing program 3 (id=5930):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x3004000, &(0x7f00000001c0)={[{@errors_remount}, {@resuid}, {@block_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x40000000007}}, {@nobarrier}, {@noblock_validity}, {@dioread_nolock}]}, 0x1, 0x790, &(0x7f0000001740)="$eJzs3c9rHFUcAPDvTHaT/k4qClZRAx5aEPPLgj9QaMGjiKCevDQkaSnd/qCJYEOEFrEnjwXBiwiCF2+KF0FKT4p46UX6H0ilSBBaxUNkprPJttlNds1upnU/H5jkvXm7+95k+c6bHy/zAuhbo9mPNOJARFxMIoaL9UlEVPNUJeLI3dfdWV6a+Wt5aSaJlZW3/0jy19xeXpqJhvdkdhdv2xER168l8cjA+nrnLyyemq7V5s4X+fGF0+fG5y8sPn/y9PSJuRNzZ6ampl6eOjz54sRU17b1o6d+/uafy29+/Om+G1d+v/7dviSOxJ6irHE7umU0Rlf/Jo0qEfF6tysryUCxPWnDuqRSYoPoSNrwHT4ewzEQa1/ecFz7ttTGAQA9sZItAECfSfT/ANBn6tcBbi8vzdSXcq9IANvl1tHIb9RncX+nWO6WVOJI/ntHPg5g159JNN7WTepjB7Yo+4yv36t+ni3Ro/vwQHMXL+U3/pv0/0ke/yP5KJ718T8QUewftub+fYj4h+2zlfh/qwv1i38AAAAAAADonqtHI+KlZvf/0tXxP9Hk/t9QREx0of7N7/+lN7tQDdDEraMRrxbP9rl3/N/qE11GBorc3oh4LKrJ8ZO1uSz290XEoagOZfnJ5h+f7zLevTz5Q6v6G8f/ZUtWf30sYNGOm5Whe98zO70wvdXtBiJuXYp4otIs/pPV/j9pMf73WJt1fL/01dOtyjaPf6BXVr6IONi0/197cl2y8fP5xvPjgfH6UcF6i8de+7BV/W3F/9q/KQFdlPX/uzaO/5Gk8Xmd853X8cntic9alf3X4//B5J38qaKDxboPphcWzk9GDCZvrF/fvUeIwkOtHg/1eMni/9Czzc//Nzr+r0bEuTbr/PLH6q+tykbzSHX8D2XI4n+2o/6/88TfvzzZclfRXv9/OO/TDxVrXP+DjbUboGW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuimNiD2RpGOr6TQdG4vYHRGPxq60dnZ+4bnjZ98/M5uVRYxENT1+sjY3ERHDd/NJlp/M02v5qfvyL0TE/oi4MrQzz4/NnK3Nlr3xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDY3WL+/8xvQ2W3DgDomR1lNwAA2Hb6fwDoP/p/AOg/Hff/P+3tTUMAgG3j/B8A+o/+HwAAAAAAAAAAAAAAAAAAAAAAAAB6av8zV28kEXHxlZ35khksyqqltgzotbTsBgClGSi7AUBpKu28KElWzwmA/w/n+ECySXnrKUJcQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH8cPNDu/P9tzRQKPETM3gf9y/z/0L8c1UP/Mv8/YP5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY3PyFxVPTtdrceYluJyoPRjMehMRQRDwAzZDoIFH2ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfBvwEAAP//snoPXw==")
r0 = socket(0x200000100000011, 0x803, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
sendmsg$netlink(r0, &(0x7f0000000180)={&(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
inotify_init1(0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
keyctl$reject(0x13, 0x0, 0x8, 0x204, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0xd, 0x0, 0x0, 0xfffffffffffffdc3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x77)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x300, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0xf00}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
fchown(0xffffffffffffffff, 0xffffffffffffffff, 0xee01)

0s ago: executing program 0 (id=5931):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x11, 0x7fff0000}]})

kernel console output (not intermixed with test programs):

0:7052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.556701][   T30] audit: type=1326 audit(2000000725.250:7053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.596433][   T30] audit: type=1326 audit(2000000725.250:7054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.620048][   T30] audit: type=1326 audit(2000000725.250:7055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.643734][   T30] audit: type=1326 audit(2000000725.250:7056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.668687][T19775] loop4: detected capacity change from 0 to 256
[ 1789.680550][   T30] audit: type=1326 audit(2000000725.250:7057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19774 comm="syz.4.5479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1789.982478][T19789] 9pnet: Insufficient options for proto=fd
[ 1790.785452][T19797] device wireguard0 entered promiscuous mode
[ 1791.319660][T14445] usb 4-1: USB disconnect, device number 17
[ 1791.333376][T14445] usblp0: removed
[ 1791.659592][T19815] binder: 19814:19815 ioctl c0306201 0 returned -14
[ 1791.678265][T19815] binder: 19814:19815 ioctl c0306201 200000000280 returned -11
[ 1791.898864][T19817] device wireguard1 entered promiscuous mode
[ 1792.809847][T19844] 9pnet: Insufficient options for proto=fd
[ 1792.860776][  T564] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1793.130506][  T564] usb 1-1: Using ep0 maxpacket: 32
[ 1793.310946][  T564] usb 1-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1793.580490][  T564] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1793.617612][  T564] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1793.647935][  T564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1793.697668][  T564] usb 1-1: config 0 descriptor??
[ 1795.815198][  T564] uclogic 0003:5543:0781.0007: ignoring exceeding usage max
[ 1795.824766][  T564] uclogic 0003:5543:0781.0007: unbalanced collection at end of report description
[ 1795.834481][  T564] uclogic 0003:5543:0781.0007: parse failed
[ 1795.856219][  T564] uclogic: probe of 0003:5543:0781.0007 failed with error -22
[ 1796.130330][  T564] usb 1-1: USB disconnect, device number 19
[ 1796.818981][T19892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5513'.
[ 1796.829058][T19892] tipc: Started in network mode
[ 1796.834585][T19892] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711
[ 1796.844205][T19892] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1797.325491][T19897] FAULT_INJECTION: forcing a failure.
[ 1797.325491][T19897] name failslab, interval 1, probability 0, space 0, times 0
[ 1797.338497][T19897] CPU: 0 PID: 19897 Comm: syz.3.5512 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1797.348494][T19897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1797.358563][T19897] Call Trace:
[ 1797.361851][T19897]  <TASK>
[ 1797.364786][T19897]  __dump_stack+0x21/0x30
[ 1797.369129][T19897]  dump_stack_lvl+0xee/0x150
[ 1797.373724][T19897]  ? show_regs_print_info+0x20/0x20
[ 1797.378937][T19897]  dump_stack+0x15/0x20
[ 1797.383102][T19897]  should_fail+0x3c1/0x510
[ 1797.387526][T19897]  __should_failslab+0xa4/0xe0
[ 1797.392302][T19897]  should_failslab+0x9/0x20
[ 1797.396816][T19897]  slab_pre_alloc_hook+0x3b/0xe0
[ 1797.401755][T19897]  kmem_cache_alloc_trace+0x48/0x270
[ 1797.407040][T19897]  ? alloc_fdtable+0xb4/0x2b0
[ 1797.411722][T19897]  alloc_fdtable+0xb4/0x2b0
[ 1797.416222][T19897]  ? _find_last_bit+0x7c/0x120
[ 1797.421086][T19897]  dup_fd+0x870/0xb20
[ 1797.425092][T19897]  ? __kasan_check_write+0x14/0x20
[ 1797.430207][T19897]  ksys_unshare+0x436/0x7b0
[ 1797.434725][T19897]  ? sighand_ctor+0x60/0x60
[ 1797.439243][T19897]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1797.445326][T19897]  __x64_sys_unshare+0x38/0x40
[ 1797.450097][T19897]  x64_sys_call+0x442/0x9a0
[ 1797.454598][T19897]  do_syscall_64+0x4c/0xa0
[ 1797.459009][T19897]  ? clear_bhb_loop+0x50/0xa0
[ 1797.463681][T19897]  ? clear_bhb_loop+0x50/0xa0
[ 1797.468357][T19897]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1797.474260][T19897] RIP: 0033:0x7f8944827929
[ 1797.478671][T19897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1797.498306][T19897] RSP: 002b:00007f8942e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1797.506732][T19897] RAX: ffffffffffffffda RBX: 00007f8944a4f160 RCX: 00007f8944827929
[ 1797.514705][T19897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022020600
[ 1797.522674][T19897] RBP: 00007f8942e4e090 R08: 0000000000000000 R09: 0000000000000000
[ 1797.530642][T19897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1797.538611][T19897] R13: 0000000000000000 R14: 00007f8944a4f160 R15: 00007ffd1954a1b8
[ 1797.546586][T19897]  </TASK>
[ 1797.549791][   T30] kauditd_printk_skb: 84 callbacks suppressed
[ 1797.549808][   T30] audit: type=1400 audit(2000000733.150:7142): avc:  denied  { mount } for  pid=19886 comm="syz.1.5511" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1797.874026][T19907] FAULT_INJECTION: forcing a failure.
[ 1797.874026][T19907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1798.139356][T19907] CPU: 1 PID: 19907 Comm: syz.0.5517 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1798.149388][T19907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1798.159457][T19907] Call Trace:
[ 1798.162747][T19907]  <TASK>
[ 1798.165684][T19907]  __dump_stack+0x21/0x30
[ 1798.170025][T19907]  dump_stack_lvl+0xee/0x150
[ 1798.174627][T19907]  ? show_regs_print_info+0x20/0x20
[ 1798.179870][T19907]  ? kasan_check_range+0x8d/0x290
[ 1798.184909][T19907]  dump_stack+0x15/0x20
[ 1798.189075][T19907]  should_fail+0x3c1/0x510
[ 1798.193537][T19907]  should_fail_usercopy+0x1a/0x20
[ 1798.198574][T19907]  _copy_from_user+0x20/0xd0
[ 1798.203179][T19907]  __copy_msghdr_from_user+0xaf/0x5e0
[ 1798.208564][T19907]  ? _raw_spin_unlock+0x4d/0x70
[ 1798.213524][T19907]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[ 1798.218831][T19907]  ? __switch_to_asm+0x3a/0x60
[ 1798.223609][T19907]  ? __schedule+0xb76/0x14c0
[ 1798.228217][T19907]  ___sys_sendmsg+0x156/0x260
[ 1798.233018][T19907]  ? __sys_sendmsg+0x250/0x250
[ 1798.237809][T19907]  ? preempt_schedule_irq+0xbb/0x110
[ 1798.243120][T19907]  ? irqentry_exit_cond_resched+0x29/0x30
[ 1798.248872][T19907]  ? irqentry_exit+0x37/0x40
[ 1798.253562][T19907]  ? __fdget+0x1a1/0x230
[ 1798.257817][T19907]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1798.262771][T19907]  ? ___sys_sendmsg+0x260/0x260
[ 1798.267642][T19907]  ? ksys_write+0x1eb/0x240
[ 1798.272154][T19907]  ? __kasan_check_write+0x14/0x20
[ 1798.277278][T19907]  ? switch_fpu_return+0x15d/0x2c0
[ 1798.282407][T19907]  x64_sys_call+0x4b/0x9a0
[ 1798.286833][T19907]  do_syscall_64+0x4c/0xa0
[ 1798.291258][T19907]  ? clear_bhb_loop+0x50/0xa0
[ 1798.295945][T19907]  ? clear_bhb_loop+0x50/0xa0
[ 1798.300635][T19907]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1798.306544][T19907] RIP: 0033:0x7f85c31e7929
[ 1798.310968][T19907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1798.330589][T19907] RSP: 002b:00007f85c1850038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1798.339039][T19907] RAX: ffffffffffffffda RBX: 00007f85c340efa0 RCX: 00007f85c31e7929
[ 1798.347037][T19907] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1798.355130][T19907] RBP: 00007f85c1850090 R08: 0000000000000000 R09: 0000000000000000
[ 1798.363248][T19907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1798.371248][T19907] R13: 0000000000000000 R14: 00007f85c340efa0 R15: 00007ffe587f78a8
[ 1798.379243][T19907]  </TASK>
[ 1799.210797][T19924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1799.226180][T19924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1799.241467][T19924] device bridge_slave_0 entered promiscuous mode
[ 1799.259568][T19924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1799.286156][T19924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1799.300994][T19924] device bridge_slave_1 entered promiscuous mode
[ 1799.411264][T19924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1799.418355][T19924] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1799.425709][T19924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1799.432771][T19924] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1800.160787][T14497] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1800.201599][T14497] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1800.220977][T19939] loop4: detected capacity change from 0 to 16
[ 1800.258230][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1800.282042][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1800.299698][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1800.320913][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1800.329088][T19939] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1800.329293][T14497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1800.343567][T14497] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1800.356116][T19939] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89
[ 1800.367163][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1800.376201][   T49] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1800.384443][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1800.407262][T14497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1800.407280][T14497] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1800.424632][T19946] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1800.449780][T19946] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1800.500980][T19946] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1800.553200][T19946] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1800.588633][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1800.601391][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1800.623028][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1800.639913][T19949] FAULT_INJECTION: forcing a failure.
[ 1800.639913][T19949] name failslab, interval 1, probability 0, space 0, times 0
[ 1800.652602][T19949] CPU: 1 PID: 19949 Comm: syz.0.5530 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1800.662602][T19949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1800.672677][T19949] Call Trace:
[ 1800.675975][T19949]  <TASK>
[ 1800.678921][T19949]  __dump_stack+0x21/0x30
[ 1800.683276][T19949]  dump_stack_lvl+0xee/0x150
[ 1800.687891][T19949]  ? show_regs_print_info+0x20/0x20
[ 1800.693111][T19949]  ? __kernel_text_address+0xa0/0x100
[ 1800.698506][T19949]  dump_stack+0x15/0x20
[ 1800.702678][T19949]  should_fail+0x3c1/0x510
[ 1800.707109][T19949]  __should_failslab+0xa4/0xe0
[ 1800.711894][T19949]  should_failslab+0x9/0x20
[ 1800.714255][T14497] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1800.716424][T19949]  slab_pre_alloc_hook+0x3b/0xe0
[ 1800.716453][T19949]  kmem_cache_alloc_trace+0x48/0x270
[ 1800.734365][T19949]  ? __get_vm_area_node+0x11d/0x350
[ 1800.739709][T19949]  __get_vm_area_node+0x11d/0x350
[ 1800.744752][T19949]  __vmalloc_node_range+0xe8/0x840
[ 1800.749877][T19949]  ? bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1800.755435][T19949]  ? selinux_capset+0xf0/0xf0
[ 1800.760121][T19949]  ? _kstrtoull+0x3c0/0x4d0
[ 1800.764635][T19949]  ? bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1800.770197][T19949]  __vmalloc+0x79/0x90
[ 1800.774280][T19949]  ? bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1800.779838][T19949]  bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1800.785228][T19949]  bpf_prog_alloc+0x1f/0x1e0
[ 1800.789832][T19949]  bpf_prog_load+0x7c3/0x1550
[ 1800.794556][T19949]  ? __kasan_check_write+0x14/0x20
[ 1800.799690][T19949]  ? map_freeze+0x360/0x360
[ 1800.804211][T19949]  ? selinux_bpf+0xc7/0xf0
[ 1800.808641][T19949]  ? security_bpf+0x82/0xa0
[ 1800.813155][T19949]  __sys_bpf+0x4c3/0x730
[ 1800.817411][T19949]  ? bpf_link_show_fdinfo+0x310/0x310
[ 1800.822803][T19949]  ? debug_smp_processor_id+0x17/0x20
[ 1800.828197][T19949]  __x64_sys_bpf+0x7c/0x90
[ 1800.832632][T19949]  x64_sys_call+0x4b9/0x9a0
[ 1800.837156][T19949]  do_syscall_64+0x4c/0xa0
[ 1800.841586][T19949]  ? clear_bhb_loop+0x50/0xa0
[ 1800.846276][T19949]  ? clear_bhb_loop+0x50/0xa0
[ 1800.850969][T19949]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1800.856886][T19949] RIP: 0033:0x7f85c31e7929
[ 1800.861311][T19949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1800.880931][T19949] RSP: 002b:00007f85c182f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1800.889359][T19949] RAX: ffffffffffffffda RBX: 00007f85c340f080 RCX: 00007f85c31e7929
[ 1800.897428][T19949] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[ 1800.905414][T19949] RBP: 00007f85c182f090 R08: 0000000000000000 R09: 0000000000000000
[ 1800.913400][T19949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1800.921383][T19949] R13: 0000000000000000 R14: 00007f85c340f080 R15: 00007ffe587f78a8
[ 1800.929375][T19949]  </TASK>
[ 1800.932763][T19949] syz.0.5530: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0
[ 1800.949061][T19949] CPU: 1 PID: 19949 Comm: syz.0.5530 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1800.959050][T19949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1800.969116][T19949] Call Trace:
[ 1800.972402][T19949]  <TASK>
[ 1800.975341][T19949]  __dump_stack+0x21/0x30
[ 1800.979685][T19949]  dump_stack_lvl+0xee/0x150
[ 1800.984287][T19949]  ? show_regs_print_info+0x20/0x20
[ 1800.989501][T19949]  ? pr_cont_kernfs_name+0xe3/0xf0
[ 1800.994622][T19949]  dump_stack+0x15/0x20
[ 1800.998785][T19949]  warn_alloc+0x1b0/0x1d0
[ 1801.003130][T19949]  ? __should_failslab+0xa4/0xe0
[ 1801.008087][T19949]  ? zone_watermark_ok_safe+0x270/0x270
[ 1801.013648][T19949]  ? kmem_cache_alloc_trace+0x119/0x270
[ 1801.019211][T19949]  __vmalloc_node_range+0x2c4/0x840
[ 1801.024420][T19949]  ? selinux_capset+0xf0/0xf0
[ 1801.029120][T19949]  ? _kstrtoull+0x3c0/0x4d0
[ 1801.033647][T19949]  ? bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1801.039306][T19949]  __vmalloc+0x79/0x90
[ 1801.043400][T19949]  ? bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1801.048968][T19949]  bpf_prog_alloc_no_stats+0x3e/0x2d0
[ 1801.054365][T19949]  bpf_prog_alloc+0x1f/0x1e0
[ 1801.058978][T19949]  bpf_prog_load+0x7c3/0x1550
[ 1801.063786][T19949]  ? __kasan_check_write+0x14/0x20
[ 1801.068923][T19949]  ? map_freeze+0x360/0x360
[ 1801.073445][T19949]  ? selinux_bpf+0xc7/0xf0
[ 1801.077901][T19949]  ? security_bpf+0x82/0xa0
[ 1801.082427][T19949]  __sys_bpf+0x4c3/0x730
[ 1801.086691][T19949]  ? bpf_link_show_fdinfo+0x310/0x310
[ 1801.092085][T19949]  ? debug_smp_processor_id+0x17/0x20
[ 1801.097462][T19949]  __x64_sys_bpf+0x7c/0x90
[ 1801.101880][T19949]  x64_sys_call+0x4b9/0x9a0
[ 1801.106470][T19949]  do_syscall_64+0x4c/0xa0
[ 1801.110923][T19949]  ? clear_bhb_loop+0x50/0xa0
[ 1801.115598][T19949]  ? clear_bhb_loop+0x50/0xa0
[ 1801.120268][T19949]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1801.126270][T19949] RIP: 0033:0x7f85c31e7929
[ 1801.130694][T19949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1801.150296][T19949] RSP: 002b:00007f85c182f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1801.158718][T19949] RAX: ffffffffffffffda RBX: 00007f85c340f080 RCX: 00007f85c31e7929
[ 1801.166691][T19949] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[ 1801.174660][T19949] RBP: 00007f85c182f090 R08: 0000000000000000 R09: 0000000000000000
[ 1801.182726][T19949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1801.190708][T19949] R13: 0000000000000000 R14: 00007f85c340f080 R15: 00007ffe587f78a8
[ 1801.198694][T19949]  </TASK>
[ 1801.204271][T19949] Mem-Info:
[ 1801.207410][T19949] active_anon:38 inactive_anon:12070 isolated_anon:0
[ 1801.207410][T19949]  active_file:25997 inactive_file:3082 isolated_file:0
[ 1801.207410][T19949]  unevictable:0 dirty:426 writeback:1
[ 1801.207410][T19949]  slab_reclaimable:9373 slab_unreclaimable:74934
[ 1801.207410][T19949]  mapped:33254 shmem:3009 pagetables:610 bounce:0
[ 1801.207410][T19949]  kernel_misc_reclaimable:0
[ 1801.207410][T19949]  free:1528323 free_pcp:19851 free_cma:0
[ 1801.250027][T19949] Node 0 active_anon:152kB inactive_anon:48280kB active_file:103988kB inactive_file:12328kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:133016kB dirty:1704kB writeback:4kB shmem:12036kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4928kB pagetables:2440kB all_unreclaimable? no
[ 1801.281002][T19949] DMA32 free:2978772kB min:62612kB low:78264kB high:93916kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2983024kB mlocked:0kB bounce:0kB free_pcp:4252kB local_pcp:0kB free_cma:0kB
[ 1801.308240][T19949] lowmem_reserve[]: 0 3941 3941
[ 1801.313191][T19949] Normal free:3134392kB min:84840kB low:106048kB high:127256kB reserved_highatomic:0KB active_anon:152kB inactive_anon:48280kB active_file:103988kB inactive_file:12328kB unevictable:0kB writepending:1708kB present:5242880kB managed:4036096kB mlocked:0kB bounce:0kB free_pcp:74972kB local_pcp:27384kB free_cma:0kB
[ 1801.342699][T19949] lowmem_reserve[]: 0 0 0
[ 1801.347136][T19949] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2978772kB
[ 1801.363077][T19949] Normal: 906*4kB (UME) 1544*8kB (UME) 711*16kB (ME) 399*32kB (UME) 153*64kB (UME) 126*128kB (UME) 85*256kB (UME) 44*512kB (UME) 19*1024kB (UM) 13*2048kB (UM) 727*4096kB (UM) = 3134200kB
[ 1801.381658][T19949] 32391 total pagecache pages
[ 1801.386362][T19949] 294 pages in swap cache
[ 1801.390721][T19949] Swap cache stats: add 13817, delete 13523, find 107/107
[ 1801.397839][T19949] Free swap  = 123516kB
[ 1801.402047][T19949] Total swap = 124996kB
[ 1801.406208][T19949] 2097051 pages RAM
[ 1801.410018][T19949] 0 pages HighMem/MovableOnly
[ 1801.414826][T19949] 342271 pages reserved
[ 1801.419000][T19949] 0 pages cma reserved
[ 1801.493547][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1801.524946][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1801.578967][T19924] device veth0_vlan entered promiscuous mode
[ 1801.591758][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1801.602078][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1801.685723][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1801.693485][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1801.702723][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1802.824543][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1802.991961][T19924] device veth1_macvtap entered promiscuous mode
[ 1804.549416][   T44] tipc: Left network mode
[ 1805.554930][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1805.563937][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1805.574623][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1805.584295][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1805.953737][T19999] device wireguard1 entered promiscuous mode
[ 1806.770329][T14497] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1806.925567][   T44] device bridge_slave_1 left promiscuous mode
[ 1807.004610][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1807.153340][   T44] device bridge_slave_0 left promiscuous mode
[ 1807.159581][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1807.167904][   T44] device veth1_macvtap left promiscuous mode
[ 1807.174052][   T44] device veth0_vlan left promiscuous mode
[ 1808.790691][T14445] Bluetooth: hci0: command 0x1003 tx timeout
[ 1808.830682][T13533] Bluetooth: hci0: sending frame failed (-49)
[ 1810.426326][T20066] device wireguard0 entered promiscuous mode
[ 1810.870517][T16134] Bluetooth: hci0: command 0x1001 tx timeout
[ 1810.881129][T13533] Bluetooth: hci0: sending frame failed (-49)
[ 1812.134021][   T30] audit: type=1326 audit(2000000747.960:7143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.157967][   T30] audit: type=1326 audit(2000000747.960:7144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.181537][   T30] audit: type=1326 audit(2000000747.960:7145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.205102][   T30] audit: type=1326 audit(2000000747.960:7146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.228806][   T30] audit: type=1326 audit(2000000747.960:7147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.253665][   T30] audit: type=1326 audit(2000000747.960:7148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.303425][   T30] audit: type=1326 audit(2000000747.960:7149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.330070][   T30] audit: type=1326 audit(2000000747.960:7150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.360720][   T30] audit: type=1326 audit(2000000747.960:7151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.384828][   T30] audit: type=1326 audit(2000000747.960:7152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20089 comm="syz.4.5568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1812.413908][T20090] loop4: detected capacity change from 0 to 256
[ 1812.578613][T20103] device wireguard1 entered promiscuous mode
[ 1812.640495][T16134] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[ 1812.956888][T14445] Bluetooth: hci0: command 0x1009 tx timeout
[ 1813.060673][T16134] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 64
[ 1813.072318][T16134] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1813.082726][T16134] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1813.290786][T20096] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1813.620778][T16134] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[ 1813.682420][T16134] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input8
[ 1814.210581][T16134] usb 4-1: USB disconnect, device number 18
[ 1817.111662][T20160] loop4: detected capacity change from 0 to 256
[ 1817.186118][   T30] kauditd_printk_skb: 98 callbacks suppressed
[ 1817.186135][   T30] audit: type=1326 audit(2000000753.010:7251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20155 comm="syz.4.5583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1817.274386][   T30] audit: type=1326 audit(2000000753.050:7252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20156 comm="syz.2.5585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1817.298157][   T30] audit: type=1326 audit(2000000753.050:7253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20147 comm="syz.4.5583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbf602a4b19 code=0x7ffc0000
[ 1817.322923][   T30] audit: type=1326 audit(2000000753.050:7254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20147 comm="syz.4.5583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1817.347212][   T30] audit: type=1326 audit(2000000753.050:7255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20147 comm="syz.4.5583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1817.408543][   T30] audit: type=1326 audit(2000000753.060:7256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20153 comm="syz.2.5585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f87df1c8b19 code=0x7ffc0000
[ 1817.464168][   T30] audit: type=1326 audit(2000000753.060:7257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20153 comm="syz.2.5585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1817.489579][   T30] audit: type=1326 audit(2000000753.060:7258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20153 comm="syz.2.5585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1817.597638][   T30] audit: type=1326 audit(2000000753.390:7259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20176 comm="syz.2.5592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1817.711220][T20171] loop4: detected capacity change from 0 to 512
[ 1817.718669][   T30] audit: type=1326 audit(2000000753.390:7260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20176 comm="syz.2.5592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1817.802122][T20171] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1817.860756][T20171] EXT4-fs (loop4): 1 truncate cleaned up
[ 1817.866443][T20171] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,. Quota mode: none.
[ 1820.652742][T20228] loop4: detected capacity change from 0 to 256
[ 1820.733159][T20228] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[ 1821.005320][T20236] device wireguard0 entered promiscuous mode
[ 1821.321932][T20247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5608'.
[ 1822.431397][T20254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5610'.
[ 1822.442442][   T30] kauditd_printk_skb: 90 callbacks suppressed
[ 1822.442470][   T30] audit: type=1326 audit(2000000758.270:7351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.443019][   T30] audit: type=1326 audit(2000000758.270:7352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.443599][   T30] audit: type=1326 audit(2000000758.270:7353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.444026][   T30] audit: type=1326 audit(2000000758.270:7354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.444576][   T30] audit: type=1326 audit(2000000758.270:7355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.444969][   T30] audit: type=1326 audit(2000000758.270:7356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.445525][   T30] audit: type=1326 audit(2000000758.270:7357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.445955][   T30] audit: type=1326 audit(2000000758.270:7358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.446597][   T30] audit: type=1326 audit(2000000758.270:7359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1822.447057][   T30] audit: type=1326 audit(2000000758.270:7360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7fc00000
[ 1825.283771][T20296] FAULT_INJECTION: forcing a failure.
[ 1825.283771][T20296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1825.296974][T20296] CPU: 0 PID: 20296 Comm: syz.0.5622 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1825.307135][T20296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1825.317211][T20296] Call Trace:
[ 1825.320508][T20296]  <TASK>
[ 1825.323456][T20296]  __dump_stack+0x21/0x30
[ 1825.327798][T20296]  dump_stack_lvl+0xee/0x150
[ 1825.332394][T20296]  ? show_regs_print_info+0x20/0x20
[ 1825.337609][T20296]  dump_stack+0x15/0x20
[ 1825.341777][T20296]  should_fail+0x3c1/0x510
[ 1825.346209][T20296]  should_fail_usercopy+0x1a/0x20
[ 1825.351244][T20296]  _copy_to_user+0x20/0x90
[ 1825.355681][T20296]  simple_read_from_buffer+0xe9/0x160
[ 1825.361064][T20296]  proc_fail_nth_read+0x19a/0x210
[ 1825.366107][T20296]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1825.371766][T20296]  ? security_file_permission+0x83/0xa0
[ 1825.377332][T20296]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1825.382977][T20296]  vfs_read+0x282/0xbe0
[ 1825.387134][T20296]  ? kernel_read+0x1f0/0x1f0
[ 1825.391768][T20296]  ? __kasan_check_write+0x14/0x20
[ 1825.396885][T20296]  ? mutex_lock+0x95/0x1a0
[ 1825.401309][T20296]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1825.407905][T20296]  ? __fget_files+0x2c4/0x320
[ 1825.412592][T20296]  ? __fdget_pos+0x2d2/0x380
[ 1825.417181][T20296]  ? ksys_read+0x71/0x240
[ 1825.421508][T20296]  ksys_read+0x140/0x240
[ 1825.425750][T20296]  ? vfs_write+0xf70/0xf70
[ 1825.430166][T20296]  ? debug_smp_processor_id+0x17/0x20
[ 1825.435535][T20296]  __x64_sys_read+0x7b/0x90
[ 1825.440032][T20296]  x64_sys_call+0x96d/0x9a0
[ 1825.444530][T20296]  do_syscall_64+0x4c/0xa0
[ 1825.448941][T20296]  ? clear_bhb_loop+0x50/0xa0
[ 1825.453613][T20296]  ? clear_bhb_loop+0x50/0xa0
[ 1825.458286][T20296]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1825.464182][T20296] RIP: 0033:0x7f85c31e633c
[ 1825.468640][T20296] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1825.488244][T20296] RSP: 002b:00007f85c1850030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1825.496662][T20296] RAX: ffffffffffffffda RBX: 00007f85c340efa0 RCX: 00007f85c31e633c
[ 1825.504632][T20296] RDX: 000000000000000f RSI: 00007f85c18500a0 RDI: 0000000000000004
[ 1825.512598][T20296] RBP: 00007f85c1850090 R08: 0000000000000000 R09: 0000000000000000
[ 1825.520564][T20296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1825.528533][T20296] R13: 0000000000000000 R14: 00007f85c340efa0 R15: 00007ffe587f78a8
[ 1825.536505][T20296]  </TASK>
[ 1825.762327][T20299] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5623'.
[ 1825.773375][T20299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5623'.
[ 1825.803980][T20299] netlink: 'syz.3.5623': attribute type 1 has an invalid length.
[ 1825.909370][T20317] FAULT_INJECTION: forcing a failure.
[ 1825.909370][T20317] name failslab, interval 1, probability 0, space 0, times 0
[ 1825.922174][T20317] CPU: 1 PID: 20317 Comm: syz.0.5627 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1825.932174][T20317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1825.942248][T20317] Call Trace:
[ 1825.945542][T20317]  <TASK>
[ 1825.948484][T20317]  __dump_stack+0x21/0x30
[ 1825.952829][T20317]  dump_stack_lvl+0xee/0x150
[ 1825.957424][T20317]  ? show_regs_print_info+0x20/0x20
[ 1825.962632][T20317]  ? finish_task_switch+0x16b/0x780
[ 1825.967859][T20317]  ? __switch_to_asm+0x3a/0x60
[ 1825.972651][T20317]  dump_stack+0x15/0x20
[ 1825.976830][T20317]  should_fail+0x3c1/0x510
[ 1825.981271][T20317]  __should_failslab+0xa4/0xe0
[ 1825.986054][T20317]  should_failslab+0x9/0x20
[ 1825.990575][T20317]  slab_pre_alloc_hook+0x3b/0xe0
[ 1825.995539][T20317]  ? shmem_alloc_inode+0x1a/0x30
[ 1826.000492][T20317]  kmem_cache_alloc+0x44/0x260
[ 1826.005273][T20317]  ? preempt_schedule_common+0xbe/0xf0
[ 1826.010833][T20317]  ? shmem_match+0x160/0x160
[ 1826.015455][T20317]  shmem_alloc_inode+0x1a/0x30
[ 1826.020227][T20317]  new_inode_pseudo+0x62/0x210
[ 1826.025006][T20317]  new_inode+0x28/0x1e0
[ 1826.029530][T20317]  shmem_get_inode+0x34a/0x9e0
[ 1826.034319][T20317]  __shmem_file_setup+0x113/0x2b0
[ 1826.039358][T20317]  shmem_file_setup+0x2f/0x40
[ 1826.044055][T20317]  __se_sys_memfd_create+0x1e6/0x3b0
[ 1826.049363][T20317]  __x64_sys_memfd_create+0x5b/0x70
[ 1826.054661][T20317]  x64_sys_call+0x473/0x9a0
[ 1826.059176][T20317]  do_syscall_64+0x4c/0xa0
[ 1826.063605][T20317]  ? clear_bhb_loop+0x50/0xa0
[ 1826.068300][T20317]  ? clear_bhb_loop+0x50/0xa0
[ 1826.072997][T20317]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1826.078990][T20317] RIP: 0033:0x7f85c31e7929
[ 1826.083411][T20317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1826.103120][T20317] RSP: 002b:00007f85c180de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1826.111550][T20317] RAX: ffffffffffffffda RBX: 000000000000055f RCX: 00007f85c31e7929
[ 1826.119545][T20317] RDX: 00007f85c180def0 RSI: 0000000000000000 RDI: 00007f85c326a4cc
[ 1826.127520][T20317] RBP: 0000200000000d00 R08: 00007f85c180dbb7 R09: 00007f85c180de40
[ 1826.135496][T20317] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[ 1826.143492][T20317] R13: 00007f85c180def0 R14: 00007f85c180deb0 R15: 0000200000000080
[ 1826.151484][T20317]  </TASK>
[ 1827.991810][T20338] FAULT_INJECTION: forcing a failure.
[ 1827.991810][T20338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1828.025230][T20338] CPU: 1 PID: 20338 Comm: syz.3.5635 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1828.035259][T20338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1828.045323][T20338] Call Trace:
[ 1828.048633][T20338]  <TASK>
[ 1828.051572][T20338]  __dump_stack+0x21/0x30
[ 1828.055915][T20338]  dump_stack_lvl+0xee/0x150
[ 1828.060513][T20338]  ? show_regs_print_info+0x20/0x20
[ 1828.065720][T20338]  ? vfs_write+0xc17/0xf70
[ 1828.070144][T20338]  dump_stack+0x15/0x20
[ 1828.074318][T20338]  should_fail+0x3c1/0x510
[ 1828.078757][T20338]  should_fail_usercopy+0x1a/0x20
[ 1828.083808][T20338]  _copy_from_user+0x20/0xd0
[ 1828.088446][T20338]  __se_sys_rt_sigqueueinfo+0xa8/0x470
[ 1828.093925][T20338]  ? __x64_sys_rt_sigqueueinfo+0x90/0x90
[ 1828.099579][T20338]  ? __kasan_check_write+0x14/0x20
[ 1828.104718][T20338]  ? fput_many+0x15a/0x1a0
[ 1828.109143][T20338]  ? fput+0x1a/0x20
[ 1828.112955][T20338]  ? ksys_write+0x1eb/0x240
[ 1828.117570][T20338]  ? debug_smp_processor_id+0x17/0x20
[ 1828.122959][T20338]  __x64_sys_rt_sigqueueinfo+0x7b/0x90
[ 1828.128435][T20338]  x64_sys_call+0x920/0x9a0
[ 1828.132950][T20338]  do_syscall_64+0x4c/0xa0
[ 1828.137373][T20338]  ? clear_bhb_loop+0x50/0xa0
[ 1828.142053][T20338]  ? clear_bhb_loop+0x50/0xa0
[ 1828.146730][T20338]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1828.152622][T20338] RIP: 0033:0x7f8944827929
[ 1828.157043][T20338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1828.176736][T20338] RSP: 002b:00007f8942e90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000081
[ 1828.185155][T20338] RAX: ffffffffffffffda RBX: 00007f8944a4efa0 RCX: 00007f8944827929
[ 1828.193130][T20338] RDX: 0000200000001ac0 RSI: 0000000000000012 RDI: 000000000000076e
[ 1828.201099][T20338] RBP: 00007f8942e90090 R08: 0000000000000000 R09: 0000000000000000
[ 1828.209068][T20338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1828.217038][T20338] R13: 0000000000000000 R14: 00007f8944a4efa0 R15: 00007ffd1954a1b8
[ 1828.225016][T20338]  </TASK>
[ 1828.739249][   T30] kauditd_printk_skb: 28 callbacks suppressed
[ 1828.739268][   T30] audit: type=1326 audit(2000000764.560:7389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.803037][   T30] audit: type=1326 audit(2000000764.580:7390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.827308][   T30] audit: type=1326 audit(2000000764.600:7391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.860293][   T30] audit: type=1326 audit(2000000764.600:7392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.895104][   T30] audit: type=1326 audit(2000000764.600:7393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.918816][   T30] audit: type=1326 audit(2000000764.600:7394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.961380][   T30] audit: type=1326 audit(2000000764.600:7395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1828.985841][   T30] audit: type=1326 audit(2000000764.600:7396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1829.015224][   T30] audit: type=1326 audit(2000000764.600:7397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1829.049662][   T30] audit: type=1326 audit(2000000764.600:7398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20360 comm="syz.0.5642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1829.787966][T20398] FAULT_INJECTION: forcing a failure.
[ 1829.787966][T20398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1829.801488][T20398] CPU: 0 PID: 20398 Comm: syz.2.5652 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1829.811489][T20398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1829.821537][T20398] Call Trace:
[ 1829.824808][T20398]  <TASK>
[ 1829.827740][T20398]  __dump_stack+0x21/0x30
[ 1829.832156][T20398]  dump_stack_lvl+0xee/0x150
[ 1829.836880][T20398]  ? show_regs_print_info+0x20/0x20
[ 1829.842089][T20398]  dump_stack+0x15/0x20
[ 1829.846241][T20398]  should_fail+0x3c1/0x510
[ 1829.850649][T20398]  should_fail_usercopy+0x1a/0x20
[ 1829.855695][T20398]  _copy_to_user+0x20/0x90
[ 1829.860112][T20398]  simple_read_from_buffer+0xe9/0x160
[ 1829.865479][T20398]  proc_fail_nth_read+0x19a/0x210
[ 1829.870501][T20398]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1829.876135][T20398]  ? security_file_permission+0x83/0xa0
[ 1829.881676][T20398]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1829.887316][T20398]  vfs_read+0x282/0xbe0
[ 1829.891491][T20398]  ? kernel_read+0x1f0/0x1f0
[ 1829.896078][T20398]  ? __kasan_check_write+0x14/0x20
[ 1829.901185][T20398]  ? mutex_lock+0x95/0x1a0
[ 1829.905619][T20398]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1829.912272][T20398]  ? __fget_files+0x2c4/0x320
[ 1829.916952][T20398]  ? __fdget_pos+0x2d2/0x380
[ 1829.921535][T20398]  ? ksys_read+0x71/0x240
[ 1829.925875][T20398]  ksys_read+0x140/0x240
[ 1829.930118][T20398]  ? vfs_write+0xf70/0xf70
[ 1829.934524][T20398]  ? debug_smp_processor_id+0x17/0x20
[ 1829.939892][T20398]  __x64_sys_read+0x7b/0x90
[ 1829.944387][T20398]  x64_sys_call+0x96d/0x9a0
[ 1829.948885][T20398]  do_syscall_64+0x4c/0xa0
[ 1829.953290][T20398]  ? clear_bhb_loop+0x50/0xa0
[ 1829.957963][T20398]  ? clear_bhb_loop+0x50/0xa0
[ 1829.962629][T20398]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1829.968519][T20398] RIP: 0033:0x7f87df22b33c
[ 1829.972924][T20398] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1829.992525][T20398] RSP: 002b:00007f87dd895030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1830.001100][T20398] RAX: ffffffffffffffda RBX: 00007f87df453fa0 RCX: 00007f87df22b33c
[ 1830.009081][T20398] RDX: 000000000000000f RSI: 00007f87dd8950a0 RDI: 0000000000000004
[ 1830.017046][T20398] RBP: 00007f87dd895090 R08: 0000000000000000 R09: 0000000000000000
[ 1830.025119][T20398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1830.033321][T20398] R13: 0000000000000000 R14: 00007f87df453fa0 R15: 00007ffdf7fe9a18
[ 1830.041316][T20398]  </TASK>
[ 1831.538972][T20406] FAULT_INJECTION: forcing a failure.
[ 1831.538972][T20406] name failslab, interval 1, probability 0, space 0, times 0
[ 1831.623965][T20406] CPU: 0 PID: 20406 Comm: syz.2.5655 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1831.634004][T20406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1831.644091][T20406] Call Trace:
[ 1831.647389][T20406]  <TASK>
[ 1831.650338][T20406]  __dump_stack+0x21/0x30
[ 1831.654734][T20406]  dump_stack_lvl+0xee/0x150
[ 1831.659348][T20406]  ? show_regs_print_info+0x20/0x20
[ 1831.664571][T20406]  dump_stack+0x15/0x20
[ 1831.668753][T20406]  should_fail+0x3c1/0x510
[ 1831.673193][T20406]  __should_failslab+0xa4/0xe0
[ 1831.677985][T20406]  should_failslab+0x9/0x20
[ 1831.682514][T20406]  slab_pre_alloc_hook+0x3b/0xe0
[ 1831.687488][T20406]  __kmalloc+0x6d/0x2c0
[ 1831.691667][T20406]  ? __se_sys_memfd_create+0xf2/0x3b0
[ 1831.697062][T20406]  ? strnlen_user+0x13b/0x1c0
[ 1831.701771][T20406]  __se_sys_memfd_create+0xf2/0x3b0
[ 1831.707019][T20406]  __x64_sys_memfd_create+0x5b/0x70
[ 1831.712248][T20406]  x64_sys_call+0x473/0x9a0
[ 1831.716777][T20406]  do_syscall_64+0x4c/0xa0
[ 1831.721208][T20406]  ? clear_bhb_loop+0x50/0xa0
[ 1831.725902][T20406]  ? clear_bhb_loop+0x50/0xa0
[ 1831.730607][T20406]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1831.736523][T20406] RIP: 0033:0x7f87df22c929
[ 1831.740940][T20406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1831.760544][T20406] RSP: 002b:00007f87dd873e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1831.768957][T20406] RAX: ffffffffffffffda RBX: 00000000000004f3 RCX: 00007f87df22c929
[ 1831.776935][T20406] RDX: 00007f87dd873ef0 RSI: 0000000000000000 RDI: 00007f87df2af4cc
[ 1831.784904][T20406] RBP: 00002000000005c0 R08: 00007f87dd873bb7 R09: 00007f87dd873e40
[ 1831.792881][T20406] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[ 1831.800853][T20406] R13: 00007f87dd873ef0 R14: 00007f87dd873eb0 R15: 00002000000001c0
[ 1831.808828][T20406]  </TASK>
[ 1831.812128][T20421] device wireguard0 entered promiscuous mode
[ 1831.851229][T20422] device wireguard1 entered promiscuous mode
[ 1832.326098][   T44] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1832.517524][T20449] device wireguard0 entered promiscuous mode
[ 1834.420861][  T564] Bluetooth: hci0: command 0x1003 tx timeout
[ 1834.490554][T13533] Bluetooth: hci0: sending frame failed (-49)
[ 1834.673298][   T30] kauditd_printk_skb: 60 callbacks suppressed
[ 1834.673313][   T30] audit: type=1326 audit(2000000770.500:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.708227][   T30] audit: type=1326 audit(2000000770.540:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.740528][   T30] audit: type=1326 audit(2000000770.540:7461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.767066][   T30] audit: type=1326 audit(2000000770.540:7462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.793537][   T30] audit: type=1326 audit(2000000770.540:7463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.817173][   T30] audit: type=1326 audit(2000000770.540:7464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.840944][   T30] audit: type=1326 audit(2000000770.540:7465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.865274][   T30] audit: type=1326 audit(2000000770.540:7466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.889159][   T30] audit: type=1326 audit(2000000770.540:7467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.912798][   T30] audit: type=1326 audit(2000000770.540:7468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20483 comm="syz.2.5679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87df22c929 code=0x7ffc0000
[ 1834.982228][T20497] FAULT_INJECTION: forcing a failure.
[ 1834.982228][T20497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1834.995418][T20497] CPU: 0 PID: 20497 Comm: syz.2.5682 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1835.005410][T20497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1835.015468][T20497] Call Trace:
[ 1835.018786][T20497]  <TASK>
[ 1835.021737][T20497]  __dump_stack+0x21/0x30
[ 1835.026061][T20497]  dump_stack_lvl+0xee/0x150
[ 1835.030645][T20497]  ? show_regs_print_info+0x20/0x20
[ 1835.035835][T20497]  ? stack_trace_save+0x98/0xe0
[ 1835.040694][T20497]  ? __stack_depot_save+0x34/0x480
[ 1835.045836][T20497]  dump_stack+0x15/0x20
[ 1835.049984][T20497]  should_fail+0x3c1/0x510
[ 1835.054398][T20497]  should_fail_usercopy+0x1a/0x20
[ 1835.059419][T20497]  _copy_from_user+0x20/0xd0
[ 1835.064018][T20497]  __copy_msghdr_from_user+0xaf/0x5e0
[ 1835.069392][T20497]  ? _kstrtoull+0x3c0/0x4d0
[ 1835.073904][T20497]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[ 1835.079183][T20497]  ? kstrtouint_from_user+0x1a0/0x200
[ 1835.084566][T20497]  ___sys_sendmsg+0x156/0x260
[ 1835.089247][T20497]  ? __sys_sendmsg+0x250/0x250
[ 1835.094151][T20497]  ? __fdget+0x1a1/0x230
[ 1835.098415][T20497]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1835.103357][T20497]  ? ___sys_sendmsg+0x260/0x260
[ 1835.108347][T20497]  ? ksys_write+0x1eb/0x240
[ 1835.112847][T20497]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1835.119163][T20497]  x64_sys_call+0x4b/0x9a0
[ 1835.123582][T20497]  do_syscall_64+0x4c/0xa0
[ 1835.127998][T20497]  ? clear_bhb_loop+0x50/0xa0
[ 1835.132674][T20497]  ? clear_bhb_loop+0x50/0xa0
[ 1835.137352][T20497]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1835.143259][T20497] RIP: 0033:0x7f87df22c929
[ 1835.147666][T20497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1835.167283][T20497] RSP: 002b:00007f87dd895038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1835.175697][T20497] RAX: ffffffffffffffda RBX: 00007f87df453fa0 RCX: 00007f87df22c929
[ 1835.183666][T20497] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1835.191631][T20497] RBP: 00007f87dd895090 R08: 0000000000000000 R09: 0000000000000000
[ 1835.199603][T20497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1835.207594][T20497] R13: 0000000000000000 R14: 00007f87df453fa0 R15: 00007ffdf7fe9a18
[ 1835.215787][T20497]  </TASK>
[ 1836.583960][  T564] Bluetooth: hci0: command 0x1001 tx timeout
[ 1836.590045][T13533] Bluetooth: hci0: sending frame failed (-49)
[ 1836.799932][T20532] FAULT_INJECTION: forcing a failure.
[ 1836.799932][T20532] name failslab, interval 1, probability 0, space 0, times 0
[ 1836.812782][T20532] CPU: 0 PID: 20532 Comm: syz.1.5692 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1836.822800][T20532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1836.832963][T20532] Call Trace:
[ 1836.836239][T20532]  <TASK>
[ 1836.839165][T20532]  __dump_stack+0x21/0x30
[ 1836.843496][T20532]  dump_stack_lvl+0xee/0x150
[ 1836.848085][T20532]  ? show_regs_print_info+0x20/0x20
[ 1836.853279][T20532]  dump_stack+0x15/0x20
[ 1836.857431][T20532]  should_fail+0x3c1/0x510
[ 1836.861854][T20532]  __should_failslab+0xa4/0xe0
[ 1836.866627][T20532]  should_failslab+0x9/0x20
[ 1836.871126][T20532]  slab_pre_alloc_hook+0x3b/0xe0
[ 1836.876063][T20532]  ? dst_alloc+0x15c/0x1d0
[ 1836.880475][T20532]  kmem_cache_alloc+0x44/0x260
[ 1836.885239][T20532]  ? ipv6_sysctl_rtcache_flush+0x100/0x100
[ 1836.891039][T20532]  dst_alloc+0x15c/0x1d0
[ 1836.895292][T20532]  ip6_rt_cache_alloc+0x378/0x8d0
[ 1836.900317][T20532]  ? ip6_pol_route+0x1110/0x1110
[ 1836.905255][T20532]  ? fib6_select_path+0x107/0x620
[ 1836.910277][T20532]  ip6_pol_route+0xe11/0x1110
[ 1836.914971][T20532]  ? stack_trace_save+0xe0/0xe0
[ 1836.919827][T20532]  ? fib6_table_lookup+0x9f0/0x9f0
[ 1836.924940][T20532]  ? stack_trace_save+0x98/0xe0
[ 1836.929788][T20532]  ip6_pol_route_output+0x51/0x80
[ 1836.934830][T20532]  fib6_rule_lookup+0x1c6/0x560
[ 1836.939683][T20532]  ? ip6_route_output_flags_noref+0x340/0x340
[ 1836.945750][T20532]  ? fib6_lookup+0x2a0/0x2a0
[ 1836.950337][T20532]  ? security_inode_alloc+0x33/0x110
[ 1836.955619][T20532]  ? inode_init_always+0x711/0x990
[ 1836.960726][T20532]  ? new_inode_pseudo+0x91/0x210
[ 1836.965661][T20532]  ? new_inode+0x28/0x1e0
[ 1836.969987][T20532]  ? proc_pid_make_inode+0x27/0x1d0
[ 1836.975181][T20532]  ? proc_pident_instantiate+0x69/0x2b0
[ 1836.980723][T20532]  ? proc_pident_lookup+0x1c0/0x270
[ 1836.985914][T20532]  ? proc_tid_base_lookup+0x2b/0x30
[ 1836.991109][T20532]  ? path_openat+0xfcf/0x2f10
[ 1836.995794][T20532]  ? do_filp_open+0x1b3/0x3e0
[ 1837.000472][T20532]  ? do_sys_openat2+0x14c/0x7b0
[ 1837.005332][T20532]  ? __x64_sys_openat+0x136/0x160
[ 1837.010354][T20532]  ? x64_sys_call+0x219/0x9a0
[ 1837.015032][T20532]  ? do_syscall_64+0x4c/0xa0
[ 1837.019628][T20532]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1837.025704][T20532]  ip6_route_output_flags_noref+0x283/0x340
[ 1837.031602][T20532]  ip6_route_output_flags+0x3c/0x200
[ 1837.036894][T20532]  ip6_dst_lookup_tail+0x591/0x1370
[ 1837.042104][T20532]  ? _raw_spin_lock+0xe0/0xe0
[ 1837.046783][T20532]  ? avc_has_perm+0x158/0x240
[ 1837.051460][T20532]  ? ip6_dst_lookup+0x60/0x60
[ 1837.056140][T20532]  ? memcpy+0x56/0x70
[ 1837.060124][T20532]  ? txopt_get+0x180/0x200
[ 1837.064539][T20532]  ? fl6_sock_lookup+0xc0/0xc0
[ 1837.069309][T20532]  ip6_dst_lookup_flow+0x49/0xc0
[ 1837.074249][T20532]  rawv6_sendmsg+0xc07/0x16d0
[ 1837.078925][T20532]  ? avc_has_perm+0x158/0x240
[ 1837.083601][T20532]  ? compat_rawv6_ioctl+0x10/0x10
[ 1837.088623][T20532]  ? __stack_depot_save+0x34/0x480
[ 1837.093745][T20532]  ? avc_has_perm_noaudit+0x460/0x460
[ 1837.099117][T20532]  ? inet_send_prepare+0x60/0x4c0
[ 1837.104143][T20532]  inet_sendmsg+0xa5/0xc0
[ 1837.108474][T20532]  sock_write_iter+0x29c/0x380
[ 1837.113234][T20532]  ? sock_read_iter+0x340/0x340
[ 1837.118082][T20532]  ? memset+0x35/0x40
[ 1837.122062][T20532]  ? iov_iter_init+0xbc/0x180
[ 1837.126734][T20532]  vfs_write+0x802/0xf70
[ 1837.130975][T20532]  ? file_end_write+0x1b0/0x1b0
[ 1837.135829][T20532]  ? __fget_files+0x2c4/0x320
[ 1837.140632][T20532]  ? __fdget_pos+0x1f7/0x380
[ 1837.145249][T20532]  ? ksys_write+0x71/0x240
[ 1837.149688][T20532]  ksys_write+0x140/0x240
[ 1837.154018][T20532]  ? __ia32_sys_read+0x90/0x90
[ 1837.158781][T20532]  ? debug_smp_processor_id+0x17/0x20
[ 1837.164154][T20532]  __x64_sys_write+0x7b/0x90
[ 1837.168758][T20532]  x64_sys_call+0x8ef/0x9a0
[ 1837.173266][T20532]  do_syscall_64+0x4c/0xa0
[ 1837.177681][T20532]  ? clear_bhb_loop+0x50/0xa0
[ 1837.182354][T20532]  ? clear_bhb_loop+0x50/0xa0
[ 1837.187058][T20532]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1837.192955][T20532] RIP: 0033:0x7fbee991e929
[ 1837.197437][T20532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1837.217051][T20532] RSP: 002b:00007fbee7f87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1837.225566][T20532] RAX: ffffffffffffffda RBX: 00007fbee9b45fa0 RCX: 00007fbee991e929
[ 1837.233541][T20532] RDX: 0000000000000028 RSI: 0000200000000180 RDI: 0000000000000003
[ 1837.241510][T20532] RBP: 00007fbee7f87090 R08: 0000000000000000 R09: 0000000000000000
[ 1837.249482][T20532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1837.257453][T20532] R13: 0000000000000000 R14: 00007fbee9b45fa0 R15: 00007ffe572a31c8
[ 1837.265447][T20532]  </TASK>
[ 1837.278648][T20535] FAULT_INJECTION: forcing a failure.
[ 1837.278648][T20535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1837.292386][T20535] CPU: 0 PID: 20535 Comm: syz.0.5696 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1837.302402][T20535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1837.304819][T20538] netlink: 'syz.4.5697': attribute type 16 has an invalid length.
[ 1837.312476][T20535] Call Trace:
[ 1837.312486][T20535]  <TASK>
[ 1837.312494][T20535]  __dump_stack+0x21/0x30
[ 1837.312525][T20535]  dump_stack_lvl+0xee/0x150
[ 1837.320394][T20538] netlink: 'syz.4.5697': attribute type 17 has an invalid length.
[ 1837.323599][T20535]  ? show_regs_print_info+0x20/0x20
[ 1837.348514][T20535]  dump_stack+0x15/0x20
[ 1837.351071][  T564] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1837.352699][T20535]  should_fail+0x3c1/0x510
[ 1837.364569][T20535]  should_fail_usercopy+0x1a/0x20
[ 1837.369616][T20535]  _copy_to_user+0x20/0x90
[ 1837.374060][T20535]  simple_read_from_buffer+0xe9/0x160
[ 1837.379457][T20535]  proc_fail_nth_read+0x19a/0x210
[ 1837.384515][T20535]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1837.390173][T20535]  ? security_file_permission+0x83/0xa0
[ 1837.395744][T20535]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 1837.401390][T20535]  vfs_read+0x282/0xbe0
[ 1837.405554][T20535]  ? kernel_read+0x1f0/0x1f0
[ 1837.410151][T20535]  ? __kasan_check_write+0x14/0x20
[ 1837.415270][T20535]  ? mutex_lock+0x95/0x1a0
[ 1837.419728][T20535]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1837.426321][T20535]  ? __fget_files+0x2c4/0x320
[ 1837.431147][T20535]  ? __fdget_pos+0x2d2/0x380
[ 1837.435763][T20535]  ? ksys_read+0x71/0x240
[ 1837.440104][T20535]  ksys_read+0x140/0x240
[ 1837.444382][T20535]  ? vfs_write+0xf70/0xf70
[ 1837.448813][T20535]  ? debug_smp_processor_id+0x17/0x20
[ 1837.454365][T20535]  __x64_sys_read+0x7b/0x90
[ 1837.458866][T20535]  x64_sys_call+0x96d/0x9a0
[ 1837.463376][T20535]  do_syscall_64+0x4c/0xa0
[ 1837.467787][T20535]  ? clear_bhb_loop+0x50/0xa0
[ 1837.472461][T20535]  ? clear_bhb_loop+0x50/0xa0
[ 1837.477162][T20535]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1837.483147][T20535] RIP: 0033:0x7f85c31e633c
[ 1837.487566][T20535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1837.507174][T20535] RSP: 002b:00007f85c1850030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1837.515719][T20535] RAX: ffffffffffffffda RBX: 00007f85c340efa0 RCX: 00007f85c31e633c
[ 1837.523691][T20535] RDX: 000000000000000f RSI: 00007f85c18500a0 RDI: 0000000000000007
[ 1837.531660][T20535] RBP: 00007f85c1850090 R08: 0000000000000000 R09: 0000000000000000
[ 1837.539630][T20535] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1837.547602][T20535] R13: 0000000000000000 R14: 00007f85c340efa0 R15: 00007ffe587f78a8
[ 1837.555709][T20535]  </TASK>
[ 1838.062396][T16134] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1838.334444][T20568] serio: Serial port tty23
[ 1838.538817][T20579] FAULT_INJECTION: forcing a failure.
[ 1838.538817][T20579] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1838.552112][T20579] CPU: 1 PID: 20579 Comm: syz.2.5711 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1838.562114][T20579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1838.572171][T20579] Call Trace:
[ 1838.575449][T20579]  <TASK>
[ 1838.578378][T20579]  __dump_stack+0x21/0x30
[ 1838.582738][T20579]  dump_stack_lvl+0xee/0x150
[ 1838.587324][T20579]  ? show_regs_print_info+0x20/0x20
[ 1838.592533][T20579]  dump_stack+0x15/0x20
[ 1838.596687][T20579]  should_fail+0x3c1/0x510
[ 1838.601102][T20579]  should_fail_alloc_page+0x55/0x80
[ 1838.606298][T20579]  prepare_alloc_pages+0x156/0x600
[ 1838.611411][T20579]  ? __alloc_pages_bulk+0xab0/0xab0
[ 1838.616609][T20579]  ? 0xffffffffa00124cc
[ 1838.620759][T20579]  ? is_bpf_text_address+0x177/0x190
[ 1838.626044][T20579]  __alloc_pages+0x10a/0x440
[ 1838.630640][T20579]  ? stack_trace_save+0xe0/0xe0
[ 1838.635584][T20579]  ? prep_new_page+0x110/0x110
[ 1838.640349][T20579]  ? stack_trace_save+0x98/0xe0
[ 1838.645204][T20579]  handle_pte_fault+0xe89/0x2680
[ 1838.650171][T20579]  ? __stack_depot_save+0x34/0x480
[ 1838.655288][T20579]  ? fault_around_bytes_set+0xc0/0xc0
[ 1838.660662][T20579]  ? __kasan_record_aux_stack+0xd2/0x100
[ 1838.666301][T20579]  ? kasan_record_aux_stack_noalloc+0xb/0x10
[ 1838.672283][T20579]  ? call_rcu+0xf6/0xf60
[ 1838.676528][T20579]  ? memcpy+0x56/0x70
[ 1838.680510][T20579]  do_handle_mm_fault+0x1a6d/0x1d50
[ 1838.685713][T20579]  ? numa_migrate_prep+0xd0/0xd0
[ 1838.690655][T20579]  ? find_vma_from_tree+0xfd/0x110
[ 1838.695765][T20579]  ? access_error+0x152/0x260
[ 1838.700445][T20579]  do_user_addr_fault+0x554/0x1180
[ 1838.705564][T20579]  ? do_kern_addr_fault+0x80/0x80
[ 1838.710594][T20579]  ? debug_smp_processor_id+0x17/0x20
[ 1838.715966][T20579]  ? fpregs_assert_state_consistent+0xb1/0xe0
[ 1838.722032][T20579]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1838.727664][T20579]  exc_page_fault+0x51/0xb0
[ 1838.732170][T20579]  asm_exc_page_fault+0x27/0x30
[ 1838.737018][T20579] RIP: 0033:0x7f87df1d9f4b
[ 1838.741437][T20579] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[ 1838.761043][T20579] RSP: 002b:00007f87dd892e10 EFLAGS: 00010246
[ 1838.767112][T20579] RAX: 00007f87dd894f30 RBX: 00007f87df422620 RCX: 0000000000000000
[ 1838.775080][T20579] RDX: 00007f87dd894f78 RSI: 00007f87df28bbf8 RDI: 00007f87dd892e30
[ 1838.783139][T20579] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[ 1838.791106][T20579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1838.799185][T20579] R13: 0000000000000000 R14: 00007f87df453fa0 R15: 00007ffdf7fe9a18
[ 1838.807159][T20579]  </TASK>
[ 1838.810873][  T564] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1838.818545][T20579] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1838.821602][T16134] Bluetooth: hci0: command 0x1009 tx timeout
[ 1839.060457][  T564] usb 5-1: Using ep0 maxpacket: 16
[ 1840.632066][  T564] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1840.643273][  T564] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1840.654723][  T564] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1840.665411][  T564] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1840.676412][  T564] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 1841.071041][  T564] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1841.090083][  T564] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1841.278451][  T564] usb 5-1: SerialNumber: syz
[ 1841.310597][T20570] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1841.331203][  T564] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 1841.345020][  T564] cdc_acm: probe of 5-1:1.0 failed with error -12
[ 1841.408045][  T564] usb 5-1: USB disconnect, device number 19
[ 1841.826453][  T451] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1842.072829][T20617] loop4: detected capacity change from 0 to 128
[ 1842.104503][T20617] device wireguard0 entered promiscuous mode
[ 1842.250914][  T451] attempt to access beyond end of device
[ 1842.250914][  T451] loop4: rw=1, want=1041, limit=128
[ 1843.280246][T20645] SELinux: ebitmap start bit (2047) is not a multiple of the map unit size (64)
[ 1843.291789][T20645] SELinux: failed to load policy
[ 1843.350515][T14445] Bluetooth: hci1: command 0x1003 tx timeout
[ 1843.356661][T12223] Bluetooth: hci1: sending frame failed (-49)
[ 1843.612211][T20652] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5734'.
[ 1844.043521][T18408] Bluetooth: hci2: command 0x1003 tx timeout
[ 1844.050078][T12223] Bluetooth: hci2: sending frame failed (-49)
[ 1844.193319][T11630] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1844.217040][T20665] loop4: detected capacity change from 0 to 8192
[ 1844.251753][T20116]  loop4: p1 p2[DM] p4
[ 1844.256050][T20116] loop4: p1 size 196608 extends beyond EOD, truncated
[ 1844.263526][T20116] loop4: p2 start 4292936063 is beyond EOD, truncated
[ 1844.270386][T20116] loop4: p4 size 50331648 extends beyond EOD, truncated
[ 1844.279982][T20665]  loop4: p1 p2[DM] p4
[ 1844.284270][T20665] loop4: p1 size 196608 extends beyond EOD, truncated
[ 1844.291702][T20665] loop4: p2 start 4292936063 is beyond EOD, truncated
[ 1844.298524][T20665] loop4: p4 size 50331648 extends beyond EOD, truncated
[ 1844.594504][  T451] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1845.430467][T14445] Bluetooth: hci1: command 0x1001 tx timeout
[ 1845.436682][T20668] Bluetooth: hci1: sending frame failed (-49)
[ 1846.070484][T14445] Bluetooth: hci2: command 0x1001 tx timeout
[ 1846.100707][T20668] Bluetooth: hci2: sending frame failed (-49)
[ 1846.230515][  T564] Bluetooth: hci0: command 0x1003 tx timeout
[ 1846.236750][T20668] Bluetooth: hci0: sending frame failed (-49)
[ 1846.630487][  T443] Bluetooth: hci3: command 0x1003 tx timeout
[ 1846.636786][T20668] Bluetooth: hci3: sending frame failed (-49)
[ 1847.510503][T18408] Bluetooth: hci1: command 0x1009 tx timeout
[ 1847.620368][T20687] device wireguard0 entered promiscuous mode
[ 1848.150492][  T813] Bluetooth: hci2: command 0x1009 tx timeout
[ 1848.310632][T14445] Bluetooth: hci0: command 0x1001 tx timeout
[ 1848.316727][T20668] Bluetooth: hci0: sending frame failed (-49)
[ 1848.734252][T14445] Bluetooth: hci3: command 0x1001 tx timeout
[ 1848.740479][T20668] Bluetooth: hci3: sending frame failed (-49)
[ 1850.390639][  T564] Bluetooth: hci0: command 0x1009 tx timeout
[ 1850.790511][T14445] Bluetooth: hci3: command 0x1009 tx timeout
[ 1851.345357][   T30] kauditd_printk_skb: 116 callbacks suppressed
[ 1851.345377][   T30] audit: type=1326 audit(2000000787.170:7585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.375205][   T30] audit: type=1326 audit(2000000787.170:7586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.398767][   T30] audit: type=1326 audit(2000000787.180:7587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.423066][   T30] audit: type=1326 audit(2000000787.180:7588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.446757][   T30] audit: type=1326 audit(2000000787.180:7589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.470457][   T30] audit: type=1326 audit(2000000787.180:7590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.494698][   T30] audit: type=1326 audit(2000000787.180:7591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.518605][   T30] audit: type=1326 audit(2000000787.180:7592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.542401][   T30] audit: type=1326 audit(2000000787.180:7593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1851.565981][   T30] audit: type=1326 audit(2000000787.180:7594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20714 comm="syz.0.5754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1854.253093][   T44] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1856.362837][T20787] loop4: detected capacity change from 0 to 128
[ 1856.414408][T20787] FAT-fs (loop4): Invalid FSINFO signature: 0x41000000, 0x61417272 (sector = 1)
[ 1856.425575][T20787] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[ 1856.434348][T20787] FAT-fs (loop4): Filesystem has been set read-only
[ 1856.617349][T18408] Bluetooth: hci1: command 0x1003 tx timeout
[ 1856.680578][T20615] Bluetooth: hci1: sending frame failed (-49)
[ 1856.897108][   T30] kauditd_printk_skb: 122 callbacks suppressed
[ 1856.897126][   T30] audit: type=1326 audit(2000000792.720:7717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1856.927938][   T30] audit: type=1326 audit(2000000792.740:7718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1856.951952][   T30] audit: type=1326 audit(2000000792.760:7719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1856.976778][   T30] audit: type=1326 audit(2000000792.760:7720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.000469][   T30] audit: type=1326 audit(2000000792.760:7721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.024406][T20797] FAULT_INJECTION: forcing a failure.
[ 1857.024406][T20797] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.037710][T20797] CPU: 1 PID: 20797 Comm: syz.2.5774 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1857.047722][T20797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1857.057794][T20797] Call Trace:
[ 1857.061085][T20797]  <TASK>
[ 1857.064026][T20797]  __dump_stack+0x21/0x30
[ 1857.068375][T20797]  dump_stack_lvl+0xee/0x150
[ 1857.072978][T20797]  ? show_regs_print_info+0x20/0x20
[ 1857.078204][T20797]  ? putname+0x111/0x160
[ 1857.082465][T20797]  dump_stack+0x15/0x20
[ 1857.086641][T20797]  should_fail+0x3c1/0x510
[ 1857.091075][T20797]  __should_failslab+0xa4/0xe0
[ 1857.095864][T20797]  should_failslab+0x9/0x20
[ 1857.100390][T20797]  slab_pre_alloc_hook+0x3b/0xe0
[ 1857.105345][T20797]  ? getname_flags+0xb9/0x500
[ 1857.110028][T20797]  kmem_cache_alloc+0x44/0x260
[ 1857.114799][T20797]  getname_flags+0xb9/0x500
[ 1857.119306][T20797]  getname+0x19/0x20
[ 1857.123206][T20797]  do_sys_openat2+0xd9/0x7b0
[ 1857.127806][T20797]  ? __kasan_check_write+0x14/0x20
[ 1857.132923][T20797]  ? fput_many+0x15a/0x1a0
[ 1857.137357][T20797]  ? do_sys_open+0xe0/0xe0
[ 1857.141779][T20797]  ? fput+0x1a/0x20
[ 1857.145586][T20797]  ? ksys_write+0x1eb/0x240
[ 1857.150084][T20797]  ? __ia32_sys_read+0x90/0x90
[ 1857.154848][T20797]  __x64_sys_creat+0x8e/0xb0
[ 1857.159442][T20797]  x64_sys_call+0x94a/0x9a0
[ 1857.163944][T20797]  do_syscall_64+0x4c/0xa0
[ 1857.168358][T20797]  ? clear_bhb_loop+0x50/0xa0
[ 1857.173039][T20797]  ? clear_bhb_loop+0x50/0xa0
[ 1857.177732][T20797]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1857.183632][T20797] RIP: 0033:0x7f87df22c929
[ 1857.188055][T20797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1857.207664][T20797] RSP: 002b:00007f87dd874038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 1857.216084][T20797] RAX: ffffffffffffffda RBX: 00007f87df454080 RCX: 00007f87df22c929
[ 1857.224053][T20797] RDX: 0000000000000000 RSI: 0000000000000100 RDI: 00002000000001c0
[ 1857.232021][T20797] RBP: 00007f87dd874090 R08: 0000000000000000 R09: 0000000000000000
[ 1857.239999][T20797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1857.247978][T20797] R13: 0000000000000001 R14: 00007f87df454080 R15: 00007ffdf7fe9a18
[ 1857.255957][T20797]  </TASK>
[ 1857.266586][   T30] audit: type=1326 audit(2000000792.760:7722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.290520][   T30] audit: type=1326 audit(2000000792.760:7723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.314467][   T30] audit: type=1326 audit(2000000792.760:7724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.339057][T20795] loop4: detected capacity change from 0 to 256
[ 1857.347865][   T30] audit: type=1326 audit(2000000792.760:7725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.371752][   T30] audit: type=1326 audit(2000000792.760:7726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20794 comm="syz.4.5777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1857.534278][T20810] loop4: detected capacity change from 0 to 128
[ 1857.576106][T20810] device wireguard0 entered promiscuous mode
[ 1857.620508][  T451] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1857.640017][T20816] serio: Serial port tty21
[ 1857.698151][  T451] attempt to access beyond end of device
[ 1857.698151][  T451] loop4: rw=1, want=1041, limit=128
[ 1858.702491][T20838] xt_bpf: check failed: parse error
[ 1858.722159][T14445] Bluetooth: hci1: command 0x1001 tx timeout
[ 1858.750635][T12223] Bluetooth: hci1: sending frame failed (-49)
[ 1860.256923][T16134] Bluetooth: hci0: command 0x1003 tx timeout
[ 1860.270493][T12223] Bluetooth: hci0: sending frame failed (-49)
[ 1860.675301][T20867] device wireguard1 entered promiscuous mode
[ 1860.790461][T16134] Bluetooth: hci1: command 0x1009 tx timeout
[ 1862.310469][T16134] Bluetooth: hci0: command 0x1001 tx timeout
[ 1862.316620][T12223] Bluetooth: hci0: sending frame failed (-49)
[ 1862.620985][   T30] kauditd_printk_skb: 168 callbacks suppressed
[ 1862.621002][   T30] audit: type=1326 audit(2000000798.450:7895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.666790][   T30] audit: type=1326 audit(2000000798.450:7896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.710531][   T30] audit: type=1326 audit(2000000798.450:7897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.734152][   T30] audit: type=1326 audit(2000000798.450:7898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.757724][   T30] audit: type=1326 audit(2000000798.450:7899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.781776][   T30] audit: type=1326 audit(2000000798.450:7900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.805504][   T30] audit: type=1326 audit(2000000798.450:7901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.829207][   T30] audit: type=1326 audit(2000000798.450:7902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.852768][   T30] audit: type=1326 audit(2000000798.450:7903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.876278][   T30] audit: type=1326 audit(2000000798.450:7904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20903 comm="syz.3.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8944827929 code=0x7ffc0000
[ 1862.939719][T20915] device wireguard1 entered promiscuous mode
[ 1864.783033][  T813] Bluetooth: hci0: command 0x1009 tx timeout
[ 1864.870325][T20938] loop4: detected capacity change from 0 to 512
[ 1864.962940][T20938] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[ 1865.074152][T20946] FAULT_INJECTION: forcing a failure.
[ 1865.074152][T20946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1865.087325][T20946] CPU: 1 PID: 20946 Comm: syz.1.5817 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1865.097325][T20946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1865.107391][T20946] Call Trace:
[ 1865.110678][T20946]  <TASK>
[ 1865.113614][T20946]  __dump_stack+0x21/0x30
[ 1865.117952][T20946]  dump_stack_lvl+0xee/0x150
[ 1865.122546][T20946]  ? show_regs_print_info+0x20/0x20
[ 1865.127749][T20946]  dump_stack+0x15/0x20
[ 1865.131907][T20946]  should_fail+0x3c1/0x510
[ 1865.136329][T20946]  should_fail_usercopy+0x1a/0x20
[ 1865.141351][T20946]  _copy_from_iter+0x21a/0x1050
[ 1865.146202][T20946]  ? copy_mc_pipe_to_iter+0x770/0x770
[ 1865.151679][T20946]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1865.157314][T20946]  ? __check_object_size+0x2f4/0x3c0
[ 1865.162603][T20946]  ? _copy_from_iter+0x6/0x1050
[ 1865.167455][T20946]  file_tty_write+0x4de/0x8c0
[ 1865.172146][T20946]  ? n_tty_read+0x1a30/0x1a30
[ 1865.176845][T20946]  tty_write+0x3c/0x50
[ 1865.180922][T20946]  vfs_write+0x802/0xf70
[ 1865.185173][T20946]  ? file_end_write+0x1b0/0x1b0
[ 1865.190027][T20946]  ? finish_task_switch+0x16b/0x780
[ 1865.195230][T20946]  ? __fget_files+0x2c4/0x320
[ 1865.199913][T20946]  ? __fdget_pos+0x1f7/0x380
[ 1865.204511][T20946]  ? ksys_write+0x71/0x240
[ 1865.208927][T20946]  ksys_write+0x140/0x240
[ 1865.213261][T20946]  ? __ia32_sys_read+0x90/0x90
[ 1865.218021][T20946]  ? __kasan_check_write+0x14/0x20
[ 1865.223173][T20946]  ? switch_fpu_return+0x15d/0x2c0
[ 1865.228291][T20946]  __x64_sys_write+0x7b/0x90
[ 1865.232884][T20946]  x64_sys_call+0x8ef/0x9a0
[ 1865.237394][T20946]  do_syscall_64+0x4c/0xa0
[ 1865.241808][T20946]  ? clear_bhb_loop+0x50/0xa0
[ 1865.246483][T20946]  ? clear_bhb_loop+0x50/0xa0
[ 1865.251310][T20946]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1865.257228][T20946] RIP: 0033:0x7fbee991e929
[ 1865.261654][T20946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1865.281263][T20946] RSP: 002b:00007fbee7f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1865.289677][T20946] RAX: ffffffffffffffda RBX: 00007fbee9b46160 RCX: 00007fbee991e929
[ 1865.297682][T20946] RDX: 0000000000001006 RSI: 0000200000002080 RDI: 000000000000000b
[ 1865.305663][T20946] RBP: 00007fbee7f45090 R08: 0000000000000000 R09: 0000000000000000
[ 1865.313656][T20946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1865.321641][T20946] R13: 0000000000000000 R14: 00007fbee9b46160 R15: 00007ffe572a31c8
[ 1865.329627][T20946]  </TASK>
[ 1866.870909][T20985] tmpfs: Unknown parameter 'usrquota'
[ 1867.166113][T20990] loop4: detected capacity change from 0 to 2048
[ 1867.511303][T20999] xt_bpf: check failed: parse error
[ 1868.556320][T21010] loop4: detected capacity change from 0 to 128
[ 1868.944332][T16101] Bluetooth: hci1: command 0x1003 tx timeout
[ 1869.001246][T20615] Bluetooth: hci1: sending frame failed (-49)
[ 1869.213742][T21010] attempt to access beyond end of device
[ 1869.213742][T21010] loop4: rw=2049, want=465, limit=128
[ 1869.388053][T21017] device wireguard0 entered promiscuous mode
[ 1869.514740][T21010] attempt to access beyond end of device
[ 1869.514740][T21010] loop4: rw=2049, want=481, limit=128
[ 1869.606341][T21010] attempt to access beyond end of device
[ 1869.606341][T21010] loop4: rw=2049, want=497, limit=128
[ 1869.646812][T21022] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1869.731838][T21010] attempt to access beyond end of device
[ 1869.731838][T21010] loop4: rw=2049, want=513, limit=128
[ 1869.750703][T21010] attempt to access beyond end of device
[ 1869.750703][T21010] loop4: rw=2049, want=529, limit=128
[ 1869.763015][T21010] attempt to access beyond end of device
[ 1869.763015][T21010] loop4: rw=2049, want=545, limit=128
[ 1869.774123][T21010] attempt to access beyond end of device
[ 1869.774123][T21010] loop4: rw=2049, want=561, limit=128
[ 1869.785304][T21010] attempt to access beyond end of device
[ 1869.785304][T21010] loop4: rw=2049, want=593, limit=128
[ 1869.796447][T21010] attempt to access beyond end of device
[ 1869.796447][T21010] loop4: rw=2049, want=617, limit=128
[ 1869.807628][T21010] attempt to access beyond end of device
[ 1869.807628][T21010] loop4: rw=2049, want=633, limit=128
[ 1869.821686][T21029] FAULT_INJECTION: forcing a failure.
[ 1869.821686][T21029] name failslab, interval 1, probability 0, space 0, times 0
[ 1869.846958][T21029] CPU: 1 PID: 21029 Comm: syz.1.5843 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1869.857018][T21029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1869.867071][T21029] Call Trace:
[ 1869.870346][T21029]  <TASK>
[ 1869.873269][T21029]  __dump_stack+0x21/0x30
[ 1869.877596][T21029]  dump_stack_lvl+0xee/0x150
[ 1869.882182][T21029]  ? show_regs_print_info+0x20/0x20
[ 1869.887396][T21029]  dump_stack+0x15/0x20
[ 1869.891546][T21029]  should_fail+0x3c1/0x510
[ 1869.895956][T21029]  __should_failslab+0xa4/0xe0
[ 1869.900715][T21029]  should_failslab+0x9/0x20
[ 1869.905246][T21029]  slab_pre_alloc_hook+0x3b/0xe0
[ 1869.910198][T21029]  ? ioctx_alloc+0x10d/0x6e0
[ 1869.914786][T21029]  kmem_cache_alloc+0x44/0x260
[ 1869.919547][T21029]  ioctx_alloc+0x10d/0x6e0
[ 1869.923998][T21029]  __se_sys_io_setup+0x6f/0x220
[ 1869.928871][T21029]  __x64_sys_io_setup+0x5b/0x70
[ 1869.933721][T21029]  x64_sys_call+0x767/0x9a0
[ 1869.938306][T21029]  do_syscall_64+0x4c/0xa0
[ 1869.942724][T21029]  ? clear_bhb_loop+0x50/0xa0
[ 1869.947393][T21029]  ? clear_bhb_loop+0x50/0xa0
[ 1869.952065][T21029]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1869.957958][T21029] RIP: 0033:0x7fbee991e929
[ 1869.962371][T21029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.981975][T21029] RSP: 002b:00007fbee7f66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[ 1869.990392][T21029] RAX: ffffffffffffffda RBX: 00007fbee9b46080 RCX: 00007fbee991e929
[ 1869.998373][T21029] RDX: 0000000000000000 RSI: 0000200000004200 RDI: 0000000000000008
[ 1870.006344][T21029] RBP: 00007fbee7f66090 R08: 0000000000000000 R09: 0000000000000000
[ 1870.014314][T21029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1870.022278][T21029] R13: 0000000000000000 R14: 00007fbee9b46080 R15: 00007ffe572a31c8
[ 1870.030369][T21029]  </TASK>
[ 1870.340595][T16134] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[ 1870.622243][T21049] FAULT_INJECTION: forcing a failure.
[ 1870.622243][T21049] name failslab, interval 1, probability 0, space 0, times 0
[ 1870.634994][T21049] CPU: 1 PID: 21049 Comm: syz.1.5851 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1870.644996][T21049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1870.655049][T21049] Call Trace:
[ 1870.658325][T21049]  <TASK>
[ 1870.661248][T21049]  __dump_stack+0x21/0x30
[ 1870.665605][T21049]  dump_stack_lvl+0xee/0x150
[ 1870.670187][T21049]  ? show_regs_print_info+0x20/0x20
[ 1870.675381][T21049]  dump_stack+0x15/0x20
[ 1870.679528][T21049]  should_fail+0x3c1/0x510
[ 1870.683934][T21049]  __should_failslab+0xa4/0xe0
[ 1870.688689][T21049]  should_failslab+0x9/0x20
[ 1870.693193][T21049]  slab_pre_alloc_hook+0x3b/0xe0
[ 1870.698125][T21049]  kmem_cache_alloc_trace+0x48/0x270
[ 1870.703405][T21049]  ? __se_sys_mount+0x153/0x380
[ 1870.708247][T21049]  __se_sys_mount+0x153/0x380
[ 1870.712919][T21049]  ? __x64_sys_mount+0xd0/0xd0
[ 1870.717677][T21049]  ? __ia32_sys_read+0x90/0x90
[ 1870.722431][T21049]  __x64_sys_mount+0xbf/0xd0
[ 1870.727013][T21049]  x64_sys_call+0x6bf/0x9a0
[ 1870.731508][T21049]  do_syscall_64+0x4c/0xa0
[ 1870.735915][T21049]  ? clear_bhb_loop+0x50/0xa0
[ 1870.740583][T21049]  ? clear_bhb_loop+0x50/0xa0
[ 1870.745248][T21049]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1870.751136][T21049] RIP: 0033:0x7fbee991e929
[ 1870.755543][T21049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1870.775143][T21049] RSP: 002b:00007fbee7f87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1870.783554][T21049] RAX: ffffffffffffffda RBX: 00007fbee9b45fa0 RCX: 00007fbee991e929
[ 1870.791525][T21049] RDX: 0000200000000000 RSI: 0000200000000240 RDI: 0000000000000000
[ 1870.799490][T21049] RBP: 00007fbee7f87090 R08: 0000200000000300 R09: 0000000000000000
[ 1870.807482][T21049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1870.815462][T21049] R13: 0000000000000000 R14: 00007fbee9b45fa0 R15: 00007ffe572a31c8
[ 1870.823438][T21049]  </TASK>
[ 1870.827322][T16134] usb 1-1: device descriptor read/64, error -71
[ 1871.076417][T21059] loop4: detected capacity change from 0 to 512
[ 1871.125053][T21059] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1871.131696][T16101] Bluetooth: hci1: command 0x1001 tx timeout
[ 1871.141107][T20615] Bluetooth: hci1: sending frame failed (-49)
[ 1871.156698][T21059] EXT4-fs (loop4): 1 truncate cleaned up
[ 1871.162432][T21059] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,. Quota mode: none.
[ 1871.392095][T16134] usb 1-1: device descriptor read/64, error -71
[ 1871.551320][   T30] kauditd_printk_skb: 183 callbacks suppressed
[ 1871.551368][   T30] audit: type=1326 audit(2000000807.380:8088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.583119][   T30] audit: type=1326 audit(2000000807.380:8089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.609833][   T30] audit: type=1326 audit(2000000807.380:8090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.634335][   T30] audit: type=1326 audit(2000000807.380:8091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.658375][   T30] audit: type=1326 audit(2000000807.380:8092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.684256][   T30] audit: type=1326 audit(2000000807.380:8093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.690582][T16134] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[ 1871.717151][   T30] audit: type=1326 audit(2000000807.380:8094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.742352][   T30] audit: type=1326 audit(2000000807.380:8095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.768062][   T30] audit: type=1326 audit(2000000807.380:8096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.792750][   T30] audit: type=1326 audit(2000000807.380:8097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21072 comm="syz.4.5858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf60308929 code=0x7ffc0000
[ 1871.800936][T21074] loop4: detected capacity change from 0 to 256
[ 1872.323592][T21079] device wireguard0 entered promiscuous mode
[ 1872.349149][T16134] usb 1-1: device descriptor read/64, error -71
[ 1872.750470][T16134] usb 1-1: device descriptor read/64, error -71
[ 1872.870535][T16134] usb usb1-port1: attempt power cycle
[ 1873.190482][  T718] Bluetooth: hci1: command 0x1009 tx timeout
[ 1874.277751][T21114] loop4: detected capacity change from 0 to 512
[ 1874.433913][T21114] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1874.638245][T21114] EXT4-fs (loop4): 1 truncate cleaned up
[ 1874.644034][T21114] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,. Quota mode: none.
[ 1875.445710][T21121] device wireguard0 entered promiscuous mode
[ 1877.694678][T21173] loop4: detected capacity change from 0 to 128
[ 1877.788288][T21173] device wireguard0 entered promiscuous mode
[ 1877.916829][  T451] handle_bad_sector: 29 callbacks suppressed
[ 1877.916850][  T451] attempt to access beyond end of device
[ 1877.916850][  T451] loop4: rw=1, want=1041, limit=128
[ 1878.258781][T21187] xt_hashlimit: size too large, truncated to 1048576
[ 1879.060946][T21210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1879.075572][T21210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1879.090901][T21210] device bridge_slave_0 entered promiscuous mode
[ 1879.114863][T21210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1879.137256][T21210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1879.160105][T21210] device bridge_slave_1 entered promiscuous mode
[ 1879.190457][    C0] ------------[ cut here ]------------
[ 1879.195997][    C0] refcount_t: addition on 0; use-after-free.
[ 1879.202143][    C0] WARNING: CPU: 0 PID: 21183 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[ 1879.211764][    C0] Modules linked in:
[ 1879.215672][    C0] CPU: 0 PID: 21183 Comm: syz.4.5889 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1879.225687][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1879.235768][    C0] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[ 1879.242061][    C0] Code: 04 01 48 c7 c7 60 ef 62 85 e8 08 9d 50 02 0f 0b eb df e8 5f d6 1c ff c6 05 ba f8 99 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 <0f> 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62
[ 1879.261889][    C0] RSP: 0000:ffffc90000d87760 EFLAGS: 00010246
[ 1879.267971][    C0] RAX: 4977731d740aa100 RBX: 0000000000000002 RCX: ffff8881206a13c0
[ 1879.275970][    C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
[ 1879.283988][    C0] RBP: ffffc90000d87770 R08: dffffc0000000000 R09: fffff520001b0e39
[ 1879.292019][    C0] R10: fffff520001b0e39 R11: 1ffff920001b0e38 R12: ffff888115ab0c08
[ 1879.300009][    C0] R13: dffffc0000000000 R14: 0000000000000002 R15: ffffc90000d878f8
[ 1879.308017][    C0] FS:  000055555bae5500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1879.317025][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1879.323655][    C0] CR2: 0000200000b66030 CR3: 0000000124582000 CR4: 00000000003506b0
[ 1879.331672][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1879.339652][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1879.347743][    C0] Call Trace:
[ 1879.351049][    C0]  <TASK>
[ 1879.353988][    C0]  tipc_crypto_xmit+0x1938/0x2400
[ 1879.359040][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 1879.364270][    C0]  ? skb_clone+0x202/0x360
[ 1879.368700][    C0]  tipc_crypto_clone_msg+0x9b/0x150
[ 1879.373953][    C0]  tipc_crypto_xmit+0x1ab9/0x2400
[ 1879.379106][    C0]  ? get_nohz_timer_target+0x74/0x550
[ 1879.384537][    C0]  ? put_prev_entity+0x470/0x470
[ 1879.389945][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 1879.395210][    C0]  ? memcpy+0x56/0x70
[ 1879.399213][    C0]  ? __copy_skb_header+0x437/0x600
[ 1879.404380][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 1879.409604][    C0]  ? __skb_clone+0x47a/0x790
[ 1879.414243][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 1879.419202][    C0]  ? skb_clone+0x202/0x360
[ 1879.423657][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 1879.428617][    C0]  ? update_rq_clock+0x4f0/0x580
[ 1879.433608][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1879.438837][    C0]  ? __kasan_check_write+0x14/0x20
[ 1879.443994][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1879.449575][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1879.454829][    C0]  call_timer_fn+0x38/0x290
[ 1879.459356][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1879.464612][    C0]  __run_timers+0x639/0x9a0
[ 1879.469150][    C0]  ? calc_index+0x200/0x200
[ 1879.473696][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 1879.478567][    C0]  run_timer_softirq+0x6a/0xf0
[ 1879.483384][    C0]  handle_softirqs+0x250/0x560
[ 1879.488170][    C0]  __irq_exit_rcu+0x52/0xf0
[ 1879.492703][    C0]  irq_exit_rcu+0x9/0x10
[ 1879.496962][    C0]  sysvec_apic_timer_interrupt+0x58/0xc0
[ 1879.502641][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1879.508636][    C0] RIP: 0033:0x7fbf601e1d90
[ 1879.511734][T21215] FAULT_INJECTION: forcing a failure.
[ 1879.511734][T21215] name failslab, interval 1, probability 0, space 0, times 0
[ 1879.513077][    C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 48 39 c3 73 3e 48 89 33 48 83 c3 08 48 8b 70 f8 48 89 08 <48> 8b 0b 49 8b 14 24 eb bf 48 39 f2 72 97 48 39 f0 73 46 49 89 34
[ 1879.535896][T21215] CPU: 1 PID: 21215 Comm: syz.2.5900 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1879.545295][    C0] RSP: 002b:00007ffd393f6d40 EFLAGS: 00000216
[ 1879.555240][T21215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1879.555261][T21215] Call Trace:
[ 1879.555268][T21215]  <TASK>
[ 1879.555277][T21215]  __dump_stack+0x21/0x30
[ 1879.561367][    C0] 
[ 1879.571391][T21215]  dump_stack_lvl+0xee/0x150
[ 1879.571418][T21215]  ? show_regs_print_info+0x20/0x20
[ 1879.574696][    C0] RAX: 00007fbf5ee67e68 RBX: 00007fbf5ee669f0 RCX: ffffffff824b0077
[ 1879.577625][T21215]  ? __alloc_pages+0x440/0x440
[ 1879.581962][    C0] RDX: ffffffff824b0077 RSI: ffffffff824b0077 RDI: 00007fbf5ee685c8
[ 1879.584259][T21215]  dump_stack+0x15/0x20
[ 1879.588829][    C0] RBP: 00007fbf5ee66290 R08: 00007fbf5ee67428 R09: 00007fbf6051c000
[ 1879.594013][T21215]  should_fail+0x3c1/0x510
[ 1879.594036][T21215]  __should_failslab+0xa4/0xe0
[ 1879.602034][    C0] R10: 00007fbf5e973008 R11: 00000000000000ff R12: 00007fbf5ee66288
[ 1879.606766][T21215]  should_failslab+0x9/0x20
[ 1879.614778][    C0] R13: 0000000000000019 R14: ffffffffffffffff R15: 00007fbf5e973008
[ 1879.618904][T21215]  slab_pre_alloc_hook+0x3b/0xe0
[ 1879.626908][    C0]  ? bsearch+0x27/0xc0
[ 1879.631315][T21215]  ? __build_skb+0x2d/0x310
[ 1879.631338][T21215]  kmem_cache_alloc+0x44/0x260
[ 1879.636084][    C0]  ? bsearch+0x27/0xc0
[ 1879.644047][T21215]  __build_skb+0x2d/0x310
[ 1879.644071][T21215]  build_skb+0x24/0x200
[ 1879.648554][    C0]  ? bsearch+0x27/0xc0
[ 1879.656513][T21215]  ? tun_get_user+0x85d/0x33c0
[ 1879.656539][T21215]  tun_get_user+0x879/0x33c0
[ 1879.661475][    C0]  </TASK>
[ 1879.665512][T21215]  ? __bpf_get_stack+0x3a0/0x4f0
[ 1879.669996][    C0] ---[ end trace 4e5da01ebeb69a17 ]---
[ 1879.674744][T21215]  ? tun_do_read+0x1c40/0x1c40
[ 1879.674770][T21215]  ? kstrtouint_from_user+0x1a0/0x200
[ 1879.678840][    C0] ------------[ cut here ]------------
[ 1879.683138][T21215]  ? kstrtol_from_user+0x260/0x260
[ 1879.683162][T21215]  ? bpf_get_stack_raw_tp+0x175/0x1d0
[ 1879.687299][    C0] refcount_t: underflow; use-after-free.
[ 1879.691352][T21215]  ? putname+0x111/0x160
[ 1879.691374][T21215]  ? avc_policy_seqno+0x1b/0x70
[ 1879.696228][    C0] WARNING: CPU: 0 PID: 21183 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 1879.700695][T21215]  ? selinux_file_permission+0x2aa/0x510
[ 1879.700723][T21215]  tun_chr_write_iter+0x1eb/0x2e0
[ 1879.703732][    C0] Modules linked in:
[ 1879.708699][T21215]  vfs_write+0x802/0xf70
[ 1879.714166][    C0] CPU: 0 PID: 21183 Comm: syz.4.5889 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1879.718889][T21215]  ? file_end_write+0x1b0/0x1b0
[ 1879.724261][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1879.729687][T21215]  ? __fget_files+0x2c4/0x320
[ 1879.734801][    C0] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[ 1879.740146][T21215]  ? __fdget_pos+0x1f7/0x380
[ 1879.745778][    C0] Code: 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 0f 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 <0f> 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62
[ 1879.749982][T21215]  ? ksys_write+0x71/0x240
[ 1879.754838][    C0] RSP: 0000:ffffc90000d87760 EFLAGS: 00010246
[ 1879.764345][T21215]  ksys_write+0x140/0x240
[ 1879.764370][T21215]  ? __ia32_sys_read+0x90/0x90
[ 1879.769982][    C0] 
[ 1879.769990][    C0] RAX: 4977731d740aa100 RBX: 0000000000000003 RCX: ffff8881206a13c0
[ 1879.774996][T21215]  ? debug_smp_processor_id+0x17/0x20
[ 1879.775023][T21215]  __x64_sys_write+0x7b/0x90
[ 1879.778899][    C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
[ 1879.783126][T21215]  x64_sys_call+0x8ef/0x9a0
[ 1879.783149][T21215]  do_syscall_64+0x4c/0xa0
[ 1879.794505][    C0] RBP: ffffc90000d87770 R08: 0000000000000004 R09: 0000000000000003
[ 1879.799327][T21215]  ? clear_bhb_loop+0x50/0xa0
[ 1879.809395][    C0] R10: fffff520001b0e4c R11: 1ffff920001b0e4c R12: ffff888115ab0c08
[ 1879.814035][T21215]  ? clear_bhb_loop+0x50/0xa0
[ 1879.814059][T21215]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1879.820192][    C0] R13: dffffc0000000000 R14: 0000000000000003 R15: 00000000c0000000
[ 1879.824772][T21215] RIP: 0033:0x7f87df22b3df
[ 1879.824795][T21215] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1879.844411][    C0] FS:  000055555bae5500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1879.848801][T21215] RSP: 002b:00007f87dd895000 EFLAGS: 00000293
[ 1879.854884][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1879.859177][T21215]  ORIG_RAX: 0000000000000001
[ 1879.863955][    C0] CR2: 0000200000b66030 CR3: 0000000124582000 CR4: 00000000003506b0
[ 1879.866245][T21215] RAX: ffffffffffffffda RBX: 00007f87df453fa0 RCX: 00007f87df22b3df
[ 1879.874230][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1879.879564][T21215] RDX: 0000000000000102 RSI: 0000200000000840 RDI: 00000000000000c8
[ 1879.884259][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1879.892206][T21215] RBP: 00007f87dd895090 R08: 0000000000000000 R09: 0000000000000000
[ 1879.892223][T21215] R10: 0000000000000102 R11: 0000000000000293 R12: 0000000000000001
[ 1879.892236][T21215] R13: 0000000000000000 R14: 00007f87df453fa0 R15: 00007ffdf7fe9a18
[ 1879.896722][    C0] Call Trace:
[ 1879.896732][    C0]  <TASK>
[ 1879.901132][T21215]  </TASK>
[ 1880.063781][    C0]  tipc_crypto_xmit+0x1a82/0x2400
[ 1880.068833][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 1880.074087][    C0]  ? skb_clone+0x202/0x360
[ 1880.078519][    C0]  tipc_crypto_clone_msg+0x9b/0x150
[ 1880.083774][    C0]  tipc_crypto_xmit+0x1ab9/0x2400
[ 1880.088812][    C0]  ? get_nohz_timer_target+0x74/0x550
[ 1880.094231][    C0]  ? put_prev_entity+0x470/0x470
[ 1880.099187][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 1880.104431][    C0]  ? memcpy+0x56/0x70
[ 1880.108430][    C0]  ? __copy_skb_header+0x437/0x600
[ 1880.113587][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 1880.118797][    C0]  ? __skb_clone+0x47a/0x790
[ 1880.123438][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 1880.128385][    C0]  ? skb_clone+0x202/0x360
[ 1880.132851][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 1880.137805][    C0]  ? update_rq_clock+0x4f0/0x580
[ 1880.142802][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.148153][    C0]  ? __kasan_check_write+0x14/0x20
[ 1880.153328][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1880.158896][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.164175][    C0]  call_timer_fn+0x38/0x290
[ 1880.168784][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.174080][    C0]  __run_timers+0x639/0x9a0
[ 1880.178696][    C0]  ? calc_index+0x200/0x200
[ 1880.183258][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 1880.188127][    C0]  run_timer_softirq+0x6a/0xf0
[ 1880.192944][    C0]  handle_softirqs+0x250/0x560
[ 1880.197731][    C0]  __irq_exit_rcu+0x52/0xf0
[ 1880.202279][    C0]  irq_exit_rcu+0x9/0x10
[ 1880.206537][    C0]  sysvec_apic_timer_interrupt+0x58/0xc0
[ 1880.212229][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1880.218229][    C0] RIP: 0033:0x7fbf601e1d90
[ 1880.222702][    C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 48 39 c3 73 3e 48 89 33 48 83 c3 08 48 8b 70 f8 48 89 08 <48> 8b 0b 49 8b 14 24 eb bf 48 39 f2 72 97 48 39 f0 73 46 49 89 34
[ 1880.242434][    C0] RSP: 002b:00007ffd393f6d40 EFLAGS: 00000216
[ 1880.248524][    C0] RAX: 00007fbf5ee67e68 RBX: 00007fbf5ee669f0 RCX: ffffffff824b0077
[ 1880.256555][    C0] RDX: ffffffff824b0077 RSI: ffffffff824b0077 RDI: 00007fbf5ee685c8
[ 1880.264568][    C0] RBP: 00007fbf5ee66290 R08: 00007fbf5ee67428 R09: 00007fbf6051c000
[ 1880.272785][    C0] R10: 00007fbf5e973008 R11: 00000000000000ff R12: 00007fbf5ee66288
[ 1880.280797][    C0] R13: 0000000000000019 R14: ffffffffffffffff R15: 00007fbf5e973008
[ 1880.288792][    C0]  ? bsearch+0x27/0xc0
[ 1880.292931][    C0]  ? bsearch+0x27/0xc0
[ 1880.297055][    C0]  ? bsearch+0x27/0xc0
[ 1880.301171][    C0]  </TASK>
[ 1880.304207][    C0] ---[ end trace 4e5da01ebeb69a18 ]---
[ 1880.309865][    C0] ------------[ cut here ]------------
[ 1880.315367][    C0] refcount_t: saturated; leaking memory.
[ 1880.321145][    C0] WARNING: CPU: 0 PID: 21183 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[ 1880.330662][    C0] Modules linked in:
[ 1880.334665][    C0] CPU: 0 PID: 21183 Comm: syz.4.5889 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1880.346081][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1880.356172][    C0] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[ 1880.362392][    C0] Code: 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 0f 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 98 9c 50 02 <0f> 0b e9 6c ff ff ff e8 ec d5 1c ff c6 05 4a f8 99 04 01 48 c7 c7
[ 1880.382033][    C0] RSP: 0000:ffffc90000d87920 EFLAGS: 00010246
[ 1880.388120][    C0] RAX: 4977731d740aa100 RBX: 0000000000000001 RCX: ffff8881206a13c0
[ 1880.396137][    C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000
[ 1880.404145][    C0] RBP: ffffc90000d87930 R08: dffffc0000000000 R09: ffffed103ee065e8
[ 1880.412167][    C0] R10: ffffed103ee065e8 R11: 1ffff1103ee065e7 R12: ffff888125639808
[ 1880.420152][    C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000d87ae0
[ 1880.428175][    C0] FS:  000055555bae5500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1880.437229][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1880.443874][    C0] CR2: 0000200000b66030 CR3: 0000000124582000 CR4: 00000000003506b0
[ 1880.451962][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1880.459958][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1880.467989][    C0] Call Trace:
[ 1880.471300][    C0]  <TASK>
[ 1880.474243][    C0]  tipc_crypto_xmit+0x1938/0x2400
[ 1880.479281][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 1880.484519][    C0]  ? __copy_skb_header+0x437/0x600
[ 1880.489657][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 1880.494927][    C0]  ? __skb_clone+0x47a/0x790
[ 1880.499536][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 1880.504522][    C0]  ? skb_clone+0x202/0x360
[ 1880.508951][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 1880.514026][    C0]  ? update_rq_clock+0x4f0/0x580
[ 1880.518979][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.524237][    C0]  ? __kasan_check_write+0x14/0x20
[ 1880.529387][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1880.535094][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.540310][    C0]  call_timer_fn+0x38/0x290
[ 1880.544876][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 1880.550089][    C0]  __run_timers+0x639/0x9a0
[ 1880.554650][    C0]  ? calc_index+0x200/0x200
[ 1880.559175][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 1880.564087][    C0]  run_timer_softirq+0x6a/0xf0
[ 1880.568869][    C0]  handle_softirqs+0x250/0x560
[ 1880.573696][    C0]  __irq_exit_rcu+0x52/0xf0
[ 1880.578213][    C0]  irq_exit_rcu+0x9/0x10
[ 1880.582505][    C0]  sysvec_apic_timer_interrupt+0x58/0xc0
[ 1880.588154][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1880.594194][    C0] RIP: 0033:0x7fbf601e1d90
[ 1880.598622][    C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 48 39 c3 73 3e 48 89 33 48 83 c3 08 48 8b 70 f8 48 89 08 <48> 8b 0b 49 8b 14 24 eb bf 48 39 f2 72 97 48 39 f0 73 46 49 89 34
[ 1880.618285][    C0] RSP: 002b:00007ffd393f6d40 EFLAGS: 00000216
[ 1880.624383][    C0] RAX: 00007fbf5ee67e68 RBX: 00007fbf5ee669f0 RCX: ffffffff824b0077
[ 1880.632394][    C0] RDX: ffffffff824b0077 RSI: ffffffff824b0077 RDI: 00007fbf5ee685c8
[ 1880.640377][    C0] RBP: 00007fbf5ee66290 R08: 00007fbf5ee67428 R09: 00007fbf6051c000
[ 1880.648400][    C0] R10: 00007fbf5e973008 R11: 00000000000000ff R12: 00007fbf5ee66288
[ 1880.656416][    C0] R13: 0000000000000019 R14: ffffffffffffffff R15: 00007fbf5e973008
[ 1880.664428][    C0]  ? bsearch+0x27/0xc0
[ 1880.668518][    C0]  ? bsearch+0x27/0xc0
[ 1880.672623][    C0]  ? bsearch+0x27/0xc0
[ 1880.676704][    C0]  </TASK>
[ 1880.679727][    C0] ---[ end trace 4e5da01ebeb69a19 ]---
[ 1880.931341][T11630] tipc: Disabling bearer <udp:syz2>
[ 1880.936957][T11630] tipc: Left network mode
[ 1880.992518][T11630] ------------[ cut here ]------------
[ 1880.998251][T11630] refcount_t: saturated; leaking memory.
[ 1881.004592][T11630] WARNING: CPU: 0 PID: 11630 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[ 1881.014792][T11630] Modules linked in:
[ 1881.018761][T11630] CPU: 0 PID: 11630 Comm: kworker/u4:7 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1881.030733][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1881.040994][T11630] Workqueue: netns cleanup_net
[ 1881.045835][T11630] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[ 1881.052215][T11630] Code: 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 0f 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 <0f> 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62
[ 1881.073913][T11630] RSP: 0018:ffffc90000ab77c0 EFLAGS: 00010246
[ 1881.080092][T11630] RAX: 3eb5a8caacb7f300 RBX: 0000000000000000 RCX: ffff88811a468000
[ 1881.088328][T11630] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 1881.096456][T11630] RBP: ffffc90000ab77d0 R08: dffffc0000000000 R09: ffffed103ee065e8
[ 1881.104641][T18408] usb 3-1: new low-speed USB device number 22 using dummy_hcd
[ 1881.112376][T11630] R10: ffffed103ee065e8 R11: 1ffff1103ee065e7 R12: 1ffff92000156f04
[ 1881.120696][T11630] R13: ffff88811eb9508c R14: 0000000000000000 R15: 0000000000000cc0
[ 1881.128790][T11630] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1881.138189][T11630] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1881.145017][T11630] CR2: 00007fbee7f44f98 CR3: 00000001291e8000 CR4: 00000000003526b0
[ 1881.153208][T11630] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1881.161511][T11630] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1881.169626][T11630] Call Trace:
[ 1881.172986][T11630]  <TASK>
[ 1881.175998][T11630]  nf_nat_masq_schedule+0x439/0x4c0
[ 1881.181411][T11630]  ? __kasan_check_write+0x14/0x20
[ 1881.186600][T11630]  ? nf_nat_masq_schedule+0x4c0/0x4c0
[ 1881.192168][T11630]  ? masq_device_event+0xd0/0xd0
[ 1881.197178][T11630]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 1881.202651][T11630]  ? __kasan_check_read+0x11/0x20
[ 1881.214910][T11630]  masq_device_event+0x9b/0xd0
[ 1881.224877][T11630]  raw_notifier_call_chain+0x90/0x100
[ 1881.235475][T11630]  dev_close_many+0x32d/0x4d0
[ 1881.245611][T11630]  ? __dev_open+0x4c0/0x4c0
[ 1881.255304][T11630]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1881.265584][T11630]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1881.277383][T11630]  ? generic_exec_single+0x22d/0x390
[ 1881.287918][T11630]  ? __kasan_check_read+0x11/0x20
[ 1881.298432][T11630]  unregister_netdevice_many+0x44c/0x1990
[ 1881.310527][T11630]  ? _raw_spin_unlock_irq+0x4e/0x70
[ 1881.321974][T11630]  ? wait_for_common+0x35d/0x420
[ 1881.332130][T11630]  ? alloc_netdev_mqs+0xc90/0xc90
[ 1881.342356][T11630]  ? unregister_netdevice_queue+0x1aa/0x360
[ 1881.354539][T11630]  ? list_netdevice+0x4c0/0x4c0
[ 1881.365021][T11630]  ip6gre_exit_batch_net+0x5a5/0x5f0
[ 1881.376599][T11630]  ? ip6gre_init_net+0x340/0x340
[ 1881.386835][T11630]  ? ip6gre_init_net+0x340/0x340
[ 1881.397003][T11630]  cleanup_net+0x602/0xad0
[ 1881.406693][T11630]  ? ops_init+0x4a0/0x4a0
[ 1881.415220][T11630]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 1881.426986][T11630]  process_one_work+0x6be/0xba0
[ 1881.437109][T11630]  worker_thread+0xa59/0x1200
[ 1881.447078][T11630]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 1881.458818][T11630]  kthread+0x411/0x500
[ 1881.467166][T11630]  ? worker_clr_flags+0x190/0x190
[ 1881.477403][T11630]  ? kthread_blkcg+0xd0/0xd0
[ 1881.482210][T18408] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1881.493623][T18408] usb 3-1: config 179 has no interface number 0
[ 1881.501973][T11630]  ret_from_fork+0x1f/0x30
[ 1881.510563][T18408] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[ 1881.574097][T18408] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1881.577301][T11630]  </TASK>
[ 1881.585980][T18408] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1881.603641][T18408] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[ 1881.614996][T18408] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1881.617341][T11630] ---[ end trace 4e5da01ebeb69a1a ]---
[ 1881.628409][T18408] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1881.642950][T18408] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1881.665121][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1881.670586][T21222] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1881.679883][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1881.691568][T18408] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[ 1881.720745][T18408] xpad: probe of 3-1:179.65 failed with error -5
[ 1881.739091][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1881.762957][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1881.787956][  T451] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1881.795073][  T451] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1881.809034][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1881.824954][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1881.842031][  T451] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1881.849147][  T451] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1881.869999][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1881.878287][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1881.907631][ T2208] usb 3-1: USB disconnect, device number 22
[ 1881.908395][T21238] loop4: detected capacity change from 0 to 512
[ 1881.930171][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1881.939145][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1881.948590][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1881.959886][T21210] device veth0_vlan entered promiscuous mode
[ 1881.969380][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1881.977963][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1881.994400][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1882.002139][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1882.009705][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1882.019622][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1882.034493][T21210] device veth1_macvtap entered promiscuous mode
[ 1882.045638][T21238] EXT4-fs (loop4): 1 orphan inode deleted
[ 1882.051558][T21238] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1882.064302][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1882.068438][T21238] ext4 filesystem being mounted at /533/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1882.073324][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1882.092572][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1882.124859][T21245] FAULT_INJECTION: forcing a failure.
[ 1882.124859][T21245] name failslab, interval 1, probability 0, space 0, times 0
[ 1882.137489][T21245] CPU: 1 PID: 21245 Comm: syz.1.5908 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1882.148873][T21245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1882.158937][T21245] Call Trace:
[ 1882.162227][T21245]  <TASK>
[ 1882.165163][T21245]  __dump_stack+0x21/0x30
[ 1882.169500][T21245]  dump_stack_lvl+0xee/0x150
[ 1882.174095][T21245]  ? show_regs_print_info+0x20/0x20
[ 1882.179306][T21245]  ? irqentry_exit+0x37/0x40
[ 1882.183911][T21245]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1882.189206][T21245]  dump_stack+0x15/0x20
[ 1882.193381][T21245]  should_fail+0x3c1/0x510
[ 1882.197827][T21245]  __should_failslab+0xa4/0xe0
[ 1882.202612][T21245]  should_failslab+0x9/0x20
[ 1882.207126][T21245]  slab_pre_alloc_hook+0x3b/0xe0
[ 1882.212079][T21245]  ? xas_create+0x569/0x1580
[ 1882.216685][T21245]  kmem_cache_alloc+0x44/0x260
[ 1882.221472][T21245]  xas_create+0x569/0x1580
[ 1882.225911][T21245]  ? cgroup_rstat_updated+0xf5/0x370
[ 1882.231216][T21245]  xas_create_range+0x211/0x720
[ 1882.235491][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1882.236121][T21245]  shmem_add_to_page_cache+0x739/0xc30
[ 1882.244688][  T451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1882.249685][T21245]  ? put_page+0xb0/0xb0
[ 1882.261880][T21245]  ? shmem_getpage_gfp+0xdf0/0x2310
[ 1882.267088][T21245]  ? __sanitizer_cov_trace_pc+0x1/0x60
[ 1882.272543][T21245]  shmem_getpage_gfp+0x1164/0x2310
[ 1882.277661][T21245]  shmem_fallocate+0x7f7/0xcf0
[ 1882.282423][T21245]  ? shmem_mmap+0x270/0x270
[ 1882.286922][T21245]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1882.292202][T21245]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1882.297832][T21245]  vfs_fallocate+0x4b4/0x590
[ 1882.302427][T21245]  __x64_sys_fallocate+0xc0/0x110
[ 1882.307454][T21245]  x64_sys_call+0x7ec/0x9a0
[ 1882.311972][T21245]  do_syscall_64+0x4c/0xa0
[ 1882.316387][T21245]  ? clear_bhb_loop+0x50/0xa0
[ 1882.321158][T21245]  ? clear_bhb_loop+0x50/0xa0
[ 1882.325848][T21245]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1882.331746][T21245] RIP: 0033:0x7fbee991e929
[ 1882.336161][T21245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1882.355865][T21245] RSP: 002b:00007fbee7f45038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1882.364281][T21245] RAX: ffffffffffffffda RBX: 00007fbee9b46160 RCX: 00007fbee991e929
[ 1882.372339][T21245] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[ 1882.380763][T21245] RBP: 00007fbee7f45090 R08: 0000000000000000 R09: 0000000000000000
[ 1882.388830][T21245] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000001
[ 1882.396897][T21245] R13: 0000000000000000 R14: 00007fbee9b46160 R15: 00007ffe572a31c8
[ 1882.405016][T21245]  </TASK>
[ 1882.752747][   T30] kauditd_printk_skb: 24 callbacks suppressed
[ 1882.752764][   T30] audit: type=1326 audit(2000000818.580:8122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1882.783416][   T30] audit: type=1326 audit(2000000818.580:8123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1882.807890][   T30] audit: type=1326 audit(2000000818.580:8124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1882.832282][   T30] audit: type=1326 audit(2000000818.580:8125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1882.857214][T11630] device bridge_slave_1 left promiscuous mode
[ 1882.871193][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1882.889233][T11630] device bridge_slave_0 left promiscuous mode
[ 1882.896498][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1882.925490][T11630] device veth1_macvtap left promiscuous mode
[ 1882.944196][   T30] audit: type=1326 audit(2000000818.580:8126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1882.954578][T11630] device veth0_vlan left promiscuous mode
[ 1882.970898][   T30] audit: type=1326 audit(2000000818.580:8127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1883.147890][   T30] audit: type=1326 audit(2000000818.580:8128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1883.215244][   T30] audit: type=1326 audit(2000000818.580:8129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1883.240103][   T30] audit: type=1326 audit(2000000818.580:8130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1883.264582][   T30] audit: type=1326 audit(2000000818.580:8131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21254 comm="syz.0.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c31e7929 code=0x7ffc0000
[ 1883.340962][T21274] loop4: detected capacity change from 0 to 512
[ 1883.392064][T21274] EXT4-fs (loop4): 1 orphan inode deleted
[ 1883.409299][T21274] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1883.541954][T21274] ext4 filesystem being mounted at /534/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1883.924647][T21287] FAULT_INJECTION: forcing a failure.
[ 1883.924647][T21287] name failslab, interval 1, probability 0, space 0, times 0
[ 1883.937374][T21287] CPU: 1 PID: 21287 Comm: syz.4.5913 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1883.948981][T21287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1883.959052][T21287] Call Trace:
[ 1883.962429][T21287]  <TASK>
[ 1883.965372][T21287]  __dump_stack+0x21/0x30
[ 1883.969715][T21287]  dump_stack_lvl+0xee/0x150
[ 1883.974325][T21287]  ? show_regs_print_info+0x20/0x20
[ 1883.979535][T21287]  ? find_lowest_rq+0x172/0x660
[ 1883.984406][T21287]  dump_stack+0x15/0x20
[ 1883.988578][T21287]  should_fail+0x3c1/0x510
[ 1883.993041][T21287]  __should_failslab+0xa4/0xe0
[ 1883.997822][T21287]  should_failslab+0x9/0x20
[ 1884.002335][T21287]  slab_pre_alloc_hook+0x3b/0xe0
[ 1884.007286][T21287]  ? __alloc_file+0x28/0x2a0
[ 1884.011887][T21287]  kmem_cache_alloc+0x44/0x260
[ 1884.016665][T21287]  __alloc_file+0x28/0x2a0
[ 1884.021289][T21287]  alloc_empty_file+0x97/0x180
[ 1884.026064][T21287]  path_openat+0xf3/0x2f10
[ 1884.030502][T21287]  ? __switch_to_asm+0x3a/0x60
[ 1884.035287][T21287]  ? release_firmware_map_entry+0x190/0x190
[ 1884.041216][T21287]  ? __kasan_check_read+0x11/0x20
[ 1884.046344][T21287]  ? preempt_schedule_irq+0xbb/0x110
[ 1884.051663][T21287]  ? do_filp_open+0x3e0/0x3e0
[ 1884.056362][T21287]  do_filp_open+0x1b3/0x3e0
[ 1884.060876][T21287]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1884.066526][T21287]  ? vfs_tmpfile+0x2d0/0x2d0
[ 1884.071143][T21287]  do_sys_openat2+0x14c/0x7b0
[ 1884.075839][T21287]  ? __kasan_check_write+0x14/0x20
[ 1884.080963][T21287]  ? do_sys_open+0xe0/0xe0
[ 1884.085397][T21287]  ? fput+0x1a/0x20
[ 1884.089218][T21287]  ? ksys_write+0x1eb/0x240
[ 1884.093738][T21287]  __x64_sys_open+0x11c/0x140
[ 1884.098524][T21287]  x64_sys_call+0x3fc/0x9a0
[ 1884.103076][T21287]  do_syscall_64+0x4c/0xa0
[ 1884.107514][T21287]  ? clear_bhb_loop+0x50/0xa0
[ 1884.112218][T21287]  ? clear_bhb_loop+0x50/0xa0
[ 1884.116919][T21287]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1884.122836][T21287] RIP: 0033:0x7fbf60308929
[ 1884.127270][T21287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1884.146889][T21287] RSP: 002b:00007fbf5e92f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1884.155354][T21287] RAX: ffffffffffffffda RBX: 00007fbf60530160 RCX: 00007fbf60308929
[ 1884.163347][T21287] RDX: 0000000000000044 RSI: 000000000014927e RDI: 0000200000000300
[ 1884.171339][T21287] RBP: 00007fbf5e92f090 R08: 0000000000000000 R09: 0000000000000000
[ 1884.179333][T21287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1884.187332][T21287] R13: 0000000000000000 R14: 00007fbf60530160 R15: 00007ffd393f6e28
[ 1884.195332][T21287]  </TASK>
[ 1884.266712][T21292] device wireguard1 entered promiscuous mode
[ 1885.912869][T21324] loop4: detected capacity change from 0 to 512
[ 1885.944614][T21324] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[ 1886.183918][T21333] xt_bpf: check failed: parse error
[ 1887.239655][T11630] ==================================================================
[ 1887.247782][T11630] BUG: KASAN: use-after-free in tcp_metrics_flush_all+0xd3/0x210
[ 1887.255525][T11630] Read of size 4 at addr ffff88811eb9508c by task kworker/u4:7/11630
[ 1887.263603][T11630] 
[ 1887.265939][T11630] CPU: 1 PID: 11630 Comm: kworker/u4:7 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 1887.277493][T11630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1887.287569][T11630] Workqueue: netns cleanup_net
[ 1887.292361][T11630] Call Trace:
[ 1887.295645][T11630]  <TASK>
[ 1887.298589][T11630]  __dump_stack+0x21/0x30
[ 1887.302932][T11630]  dump_stack_lvl+0xee/0x150
[ 1887.307541][T11630]  ? show_regs_print_info+0x20/0x20
[ 1887.313189][T11630]  ? load_image+0x3a0/0x3a0
[ 1887.317719][T11630]  ? ____kasan_slab_free+0x130/0x160
[ 1887.323029][T11630]  ? __kasan_slab_free+0x11/0x20
[ 1887.327998][T11630]  print_address_description+0x7f/0x2c0
[ 1887.333578][T11630]  ? tcp_metrics_flush_all+0xd3/0x210
[ 1887.339187][T11630]  kasan_report+0xf1/0x140
[ 1887.343618][T11630]  ? _raw_spin_lock_bh+0x8e/0xe0
[ 1887.348768][T11630]  ? tcp_metrics_flush_all+0xd3/0x210
[ 1887.354175][T11630]  kasan_check_range+0x280/0x290
[ 1887.359140][T11630]  __kasan_check_read+0x11/0x20
[ 1887.364025][T11630]  tcp_metrics_flush_all+0xd3/0x210
[ 1887.369273][T11630]  ? tcp_net_metrics_init+0x150/0x150
[ 1887.374854][T11630]  tcp_net_metrics_exit_batch+0x10/0x20
[ 1887.380536][T11630]  cleanup_net+0x602/0xad0
[ 1887.384986][T11630]  ? ops_init+0x4a0/0x4a0
[ 1887.389333][T11630]  process_one_work+0x6be/0xba0
[ 1887.394232][T11630]  worker_thread+0xa59/0x1200
[ 1887.398953][T11630]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 1887.404446][T11630]  kthread+0x411/0x500
[ 1887.408540][T11630]  ? worker_clr_flags+0x190/0x190
[ 1887.413577][T11630]  ? kthread_blkcg+0xd0/0xd0
[ 1887.418171][T11630]  ret_from_fork+0x1f/0x30
[ 1887.422594][T11630]  </TASK>
[ 1887.425611][T11630] 
[ 1887.427954][T11630] Allocated by task 10295:
[ 1887.432393][T11630]  __kasan_slab_alloc+0xbd/0xf0
[ 1887.437247][T11630]  slab_post_alloc_hook+0x4f/0x2b0
[ 1887.442366][T11630]  kmem_cache_alloc+0xf7/0x260
[ 1887.447147][T11630]  copy_net_ns+0x145/0x5c0
[ 1887.451564][T11630]  create_new_namespaces+0x3a2/0x660
[ 1887.456846][T11630]  unshare_nsproxy_namespaces+0x120/0x170
[ 1887.462563][T11630]  ksys_unshare+0x4ac/0x7b0
[ 1887.467065][T11630]  __x64_sys_unshare+0x38/0x40
[ 1887.471838][T11630]  x64_sys_call+0x442/0x9a0
[ 1887.476337][T11630]  do_syscall_64+0x4c/0xa0
[ 1887.480747][T11630]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1887.486638][T11630] 
[ 1887.488954][T11630] Freed by task 11630:
[ 1887.493030][T11630]  kasan_set_track+0x4a/0x70
[ 1887.497617][T11630]  kasan_set_free_info+0x23/0x40
[ 1887.502558][T11630]  ____kasan_slab_free+0x125/0x160
[ 1887.507664][T11630]  __kasan_slab_free+0x11/0x20
[ 1887.512424][T11630]  slab_free_freelist_hook+0xc2/0x190
[ 1887.517823][T11630]  kmem_cache_free+0x100/0x320
[ 1887.522677][T11630]  cleanup_net+0xa2d/0xad0
[ 1887.527092][T11630]  process_one_work+0x6be/0xba0
[ 1887.532096][T11630]  worker_thread+0xa59/0x1200
[ 1887.536804][T11630]  kthread+0x411/0x500
[ 1887.540874][T11630]  ret_from_fork+0x1f/0x30
[ 1887.545296][T11630] 
[ 1887.547624][T11630] The buggy address belongs to the object at ffff88811eb95000
[ 1887.547624][T11630]  which belongs to the cache net_namespace of size 3968
[ 1887.561940][T11630] The buggy address is located 140 bytes inside of
[ 1887.561940][T11630]  3968-byte region [ffff88811eb95000, ffff88811eb95f80)
[ 1887.575311][T11630] The buggy address belongs to the page:
[ 1887.580935][T11630] page:ffffea00047ae400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811eb94000 pfn:0x11eb90
[ 1887.592473][T11630] head:ffffea00047ae400 order:3 compound_mapcount:0 compound_pincount:0
[ 1887.600798][T11630] flags: 0x4000000000010200(slab|head|zone=1)
[ 1887.606897][T11630] raw: 4000000000010200 0000000000000000 0000000100000001 ffff8881001c4d80
[ 1887.615479][T11630] raw: ffff88811eb94000 0000000080080004 00000001ffffffff 0000000000000000
[ 1887.624051][T11630] page dumped because: kasan: bad access detected
[ 1887.630559][T11630] page_owner tracks the page as allocated
[ 1887.636263][T11630] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 282, ts 25986092387, free_ts 25839464933
[ 1887.655384][T11630]  post_alloc_hook+0x192/0x1b0
[ 1887.660157][T11630]  prep_new_page+0x1c/0x110
[ 1887.664655][T11630]  get_page_from_freelist+0x2cc5/0x2d50
[ 1887.670205][T11630]  __alloc_pages+0x18f/0x440
[ 1887.674803][T11630]  new_slab+0xa1/0x4d0
[ 1887.678882][T11630]  ___slab_alloc+0x381/0x810
[ 1887.683470][T11630]  __slab_alloc+0x49/0x90
[ 1887.687796][T11630]  kmem_cache_alloc+0x138/0x260
[ 1887.692642][T11630]  copy_net_ns+0x145/0x5c0
[ 1887.697054][T11630]  create_new_namespaces+0x3a2/0x660
[ 1887.702339][T11630]  unshare_nsproxy_namespaces+0x120/0x170
[ 1887.708054][T11630]  ksys_unshare+0x4ac/0x7b0
[ 1887.712558][T11630]  __x64_sys_unshare+0x38/0x40
[ 1887.717318][T11630]  x64_sys_call+0x442/0x9a0
[ 1887.721817][T11630]  do_syscall_64+0x4c/0xa0
[ 1887.726228][T11630]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1887.732124][T11630] page last free stack trace:
[ 1887.736790][T11630]  free_unref_page_prepare+0x542/0x550
[ 1887.742247][T11630]  free_unref_page+0xa2/0x550
[ 1887.746925][T11630]  free_compound_page+0x78/0xa0
[ 1887.751769][T11630]  __put_compound_page+0x77/0xb0
[ 1887.756702][T11630]  __put_page+0xbc/0xe0
[ 1887.760854][T11630]  skb_release_data+0x3d3/0xa10
[ 1887.765787][T11630]  __kfree_skb+0x50/0x70
[ 1887.770028][T11630]  tcp_recvmsg_locked+0x14ac/0x2640
[ 1887.775236][T11630]  tcp_recvmsg+0x21b/0x720
[ 1887.779648][T11630]  inet_recvmsg+0x134/0x470
[ 1887.784148][T11630]  sock_read_iter+0x2a2/0x340
[ 1887.788822][T11630]  vfs_read+0x68b/0xbe0
[ 1887.792972][T11630]  ksys_read+0x140/0x240
[ 1887.797211][T11630]  __x64_sys_read+0x7b/0x90
[ 1887.801708][T11630]  x64_sys_call+0x96d/0x9a0
[ 1887.806211][T11630]  do_syscall_64+0x4c/0xa0
[ 1887.810625][T11630] 
[ 1887.812942][T11630] Memory state around the buggy address:
[ 1887.818561][T11630]  ffff88811eb94f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1887.826619][T11630]  ffff88811eb95000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1887.834676][T11630] >ffff88811eb95080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1887.842735][T11630]                       ^
[ 1887.847054][T11630]  ffff88811eb95100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1887.855112][T11630]  ffff88811eb95180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1887.863165][T11630] ==================================================================
[ 1887.871214][T11630] Disabling lock debugging due to kernel taint
[ 1887.880491][   T30] kauditd_printk_skb: 102 callbacks suppressed
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1887.880508][   T30] audit: type=1400 audit(2000000823.700:8234): avc:  denied  { write } for  pid=273 comm="syz-executor" path="pipe:[14953]" dev="pipefs" ino=14953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 1889.086549][T11630] tipc: Left network mode
[ 1890.061712][T11630] device bridge_slave_1 left promiscuous mode
[ 1890.067881][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.075452][T11630] device bridge_slave_0 left promiscuous mode
[ 1890.081631][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.089822][T11630] device bridge_slave_1 left promiscuous mode
[ 1890.096074][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.103699][T11630] device bridge_slave_0 left promiscuous mode
[ 1890.109817][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.118007][T11630] device bridge_slave_1 left promiscuous mode
[ 1890.124197][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.132071][T11630] device bridge_slave_0 left promiscuous mode
[ 1890.138206][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.146550][T11630] device bridge_slave_1 left promiscuous mode
[ 1890.152807][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.160608][T11630] device bridge_slave_0 left promiscuous mode
[ 1890.166870][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.174951][T11630] device bridge_slave_1 left promiscuous mode
[ 1890.181092][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.188627][T11630] device bridge_slave_0 left promiscuous mode
[ 1890.194868][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.204086][T11630] device veth1_macvtap left promiscuous mode
[ 1890.210096][T11630] device veth0_vlan left promiscuous mode
[ 1890.216175][T11630] device veth1_macvtap left promiscuous mode
[ 1890.222211][T11630] device veth0_vlan left promiscuous mode
[ 1890.228265][T11630] device veth1_macvtap left promiscuous mode
[ 1890.234638][T11630] device veth0_vlan left promiscuous mode
[ 1890.240745][T11630] device veth1_macvtap left promiscuous mode
[ 1890.246760][T11630] device veth0_vlan left promiscuous mode
[ 1890.253116][T11630] device veth1_macvtap left promiscuous mode
[ 1890.259123][T11630] device veth0_vlan left promiscuous mode