last executing test programs:

8.922871067s ago: executing program 2 (id=7473):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x4040, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x7ff, 0x100}})
read$FUSE(r1, &(0x7f0000001300)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
time(0xfffffffffffffffc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x80, 0xffffffffffffffff, 0x8}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r3, @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a00)=ANY=[@ANYBLOB="b702000022000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e0500009cb20d03e7564c35a8d36774d5e5003a14817ac61e4dd19699a13477bf7e060e3670ef0e789f65f105006704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a080600000002000000ff000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3957663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964ecbeba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c338615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c1c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553572548104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f32744a8c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6970982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980ede51116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c60100f36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e6887dd7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbc8b8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c545b28211a92000000001501aed8972af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f05e96d738989f2c8b1e6b3a9716b6130a09e2698b12d8ae4d329f305fde3e8dec42eae3c69988ad568543a715755110c8dff124a6ba9ee1dc32ea7d17a35a420133c7df262a30cbff8790d80fd4def27ff1b268014daec1b0d1d2864bf010801f092efac0b349b86631d2a7455a72c0e7f43730b78e9beb255188acb12f3770fcc2223ba034181d9c3acef5b6d9ee77883ca12cfd68a5db88cc94c65a9fd1d070387a351905240b0b1920429109032ddc3cf9bf4ba32f594d45478bca432bdeb1a21fd5b5c2c416ed8eeabade9e2002b4e714dc3d7476fa52fedc0d0e6bed973e3aa468597810c13a8c40d9845bf0080850f309ec4dc5f88ef54b6674d8402f8ccd86d33edb1894e46b793641e9bf407b7c8b2b4b555f07467c96828163ce30fd4c24b108df352bc32eae5b1e3adecf6cf8d2bc3549f49c14a553683499b707a422e98082456c0dcf3f7155db062dfad1e92af9708dca9b70a77f4b88c06f8ee7a43df5f5ac21a6ed194102abaa0970000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r9, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a5cfd55", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x10)

8.024117341s ago: executing program 2 (id=7481):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'erspan0\x00', 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x0, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc0000000000000000000000006c00000000000000000000000000000000008107e0b6d0c935bb00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

6.655965153s ago: executing program 2 (id=7487):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x0)
r1 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="73797a308ea4f6115e20876ee20f3277cb33362f595787bedb47a14344b700"/42], 0x12)
r2 = openat$incfs(r0, &(0x7f0000000080)='.log\x00', 0x8402, 0x0)
creat(&(0x7f0000000180)='./bus\x00', 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000200))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@xino_off}, {@nfs_export_on}], [], 0x2c})

6.645559984s ago: executing program 4 (id=7488):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0xb, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000690000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55710c64e30cd8655910b3eb2d1451a6bf4b04dc0ab703f4c87963ba8fd1c024815f140290fb3f659193ae297fdcd50b6dc8d41d9568a55e58cc6514e272e53a081168e74d7189f0e655f66e08d4e108968d80ea3cac636aa60bea16f1e27d5761f66d6e252599ca89adacf4e13a2013988c420dd7cf1fce0cb888b55ee528de49f84820012fd6f16b20de6f1ea6691dcee8e86fa2109aa7898fe1f7ff973463c482db5da9926d158ee55592221796e273ccf22a8ce8dd3674739087015098b80e9842e82aa484b0247773b358f0235bba5950707984fb201d101bfd1f78b0ba9a72d422d94b5a34491cf3f671af9dacdf409ce0c1"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4400000010003704000000000057996f46dafaff", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e00010069703665727370616e0000000c0c0280040012000500110000000000"], 0x44}}, 0x0)

5.732644049s ago: executing program 2 (id=7504):
prlimit64(0x0, 0x6, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100}, 0x90)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000480)={&(0x7f0000000280), 0x3, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0000000000000000000007e2e6b50000", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000000000000400000000000000"], 0x48}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000700)=ANY=[@ANYRES8=r3, @ANYRESHEX, @ANYRESDEC, @ANYRESDEC=r0, @ANYRES8, @ANYRES64=r0], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4)
setsockopt$inet6_udp_encap(r5, 0x11, 0x64, &(0x7f0000000780)=0x2, 0x4)
bind$inet6(r5, &(0x7f0000000200)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000090000000000000000000100000e22"], 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000000000402cc0d1554f59c302831261ef53086a052f03000000000001090224000100000000090400000103000000092100000001220500090581030000000000"], 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000001440)={0xfffffffffffffd87, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0076000000000000000000200f63ff97c7038da197c35451a125d98e464c4519f2e5213e5d4b4afd2e3f1ab2db5b057a56fa5c92422be63f053b2f4d5263b3cab3f4aacca9f65fb1a42933f016dc5c74276886fc976738d31e632a1ce1bfc4d5dbe620ca271baeea961fd43bb0a53ca60b9c2bd8f1785ad1972eb390b149046246b881fd9d101ae8668852dca3ecf246187a3f889ad6aa1b3721dd0558a2fe78c430efd290ffd6f8fb9a2c8ca78e3b91c30007c7fc2ac90a3b61b913348ac09f218948d98912f2f53073428b23a1f6d3d057ce7a262be384da10763e35f11a27716e44c7b26067bc6569ecad5fdeb7235db3795de8351aafeddc9faa9ff30fef38dbc6853a5ba16cd0e07aa7d4f54b96d3d0"], 0x0}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000807b8af8ff00000000bfa2000000000000070200001dcbffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5.520293037s ago: executing program 4 (id=7505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000f600850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000030000005800018044000400200001000a0000fcffffff000000000000000000000000000000000100000000200002000a00000000000000fe8000000000000000000000000000bb000000000d0001007564703a73"], 0x6c}}, 0x0)

5.519383207s ago: executing program 4 (id=7506):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000cb0acc4023392500002b000000010902120001000000008cea495f9116280000f7e1a634002200"], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x51)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x4b, &(0x7f0000000100)=0xfffffff7, 0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x6e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
socket$inet6(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x4052, r4, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x400400, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x200040c5)

4.782281797s ago: executing program 1 (id=7513):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x40, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x108000, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r8, 0x40086607, &(0x7f0000000240))

4.668818127s ago: executing program 3 (id=7515):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1}}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3f}, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0xfffc, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0xffffffffffffffc2, &(0x7f0000000280)=0x666)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r7, 0x0, 0x0)

4.295814137s ago: executing program 0 (id=7517):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000280)=<r0=>0x0)
prlimit64(r0, 0xe, &(0x7f0000000140)={0x4ef1, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, &(0x7f0000000300)=0x413, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
linkat(r5, &(0x7f0000000180)='./file1\x00', r5, &(0x7f00000001c0)='./file3\x00', 0x0)
r6 = openat(r5, &(0x7f0000000080)='./file3\x00', 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x6, 0x7, 0x1, 0x4, r6, 0xb, '\x00', 0x0, r6, 0x1, 0x3, 0x3, 0xb}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0x56, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000001000000000000000000000063010400000000009500000000000000bbf12fe423408b11ebcbe9265d07c51a8f3bbf413a1ef564456f9cea1e2f7d8559495b895fb1d238fe738d035e226a65d1c379cce1a80ca1419d173a4a9d1db2d324bf7c97519ccb571bf87b5f2150a5f2aefe9922767574742fa903145054cb4d3f281f6faf9bfdcc91c1b2adb37b2c38914a68253fdff415952376a859d5560b7308029c15b88cece5d17d4520e79ee872506ac50d0645fbc462"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x55)
socket(0x0, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendto$inet6(r9, &(0x7f00000000c0), 0x0, 0x20000004, &(0x7f0000b63fe4), 0x1c)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00001009040000022a3e740009058b"], 0x0)

3.970618524s ago: executing program 1 (id=7518):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000021c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000002140)={0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0xf6ffffffffffffff, 0x2})

3.861220633s ago: executing program 1 (id=7519):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000001000)={[], [{@fsname={'fsname', 0x3d, 'system.advise\x00'}}, {@obj_role={'obj_role', 0x3d, '\x00\x9d\x8af(\xfd\xecw\a\x9c 2\x88,\x13}O#\xdcv\x1d\xc7O7\xf6\x93\\_\xfa.3\x1e\xa8\f\x00\x00\x00\x00\x00\x00\xef\x06\xc9\xbc?\xf2fB\x88\xd5\x9e\xd4\\\xa0C}\xd4\xd1\xad\xff\xd8\x1a\x04\xf9\x02Q\xb3Gd\x8eE\xa0\x10w\xf6nN\v\x15\xe8\x92\x98w+{PC\x80\xcbe'}}]}, 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r2 = creat(&(0x7f0000000740)='./file0\x00', 0x108)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r4)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r6, 0x0, 0x19, &(0x7f0000000000)=0x2, 0x4)
sendto$inet(r6, &(0x7f00000000c0)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)
recvmmsg(r6, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x17f)
write(r2, &(0x7f0000000180)="1c0000004a005f0214f9f424000904000a", 0x11)
splice(r3, 0x0, r4, 0x0, 0xfffd, 0x0)
pwrite64(r2, &(0x7f0000000280)='+', 0x1, 0x0)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
copy_file_range(r7, 0x0, r1, &(0x7f00000000c0)=0x10000, 0x6, 0x0)
r8 = open(&(0x7f0000000f80)='./file0\x00', 0x0, 0x2)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xf000}], 0x1, 0x7800, 0x0, 0x3)
socket$inet6_udplite(0xa, 0x2, 0x88)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
fremovexattr(r0, &(0x7f0000000780)=@known='system.advise\x00')
getsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000300)={@initdev, @local, <r10=>0x0}, &(0x7f0000000480)=0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)={0x2, 0x4, 0x8, 0x1, 0x80, r9, 0x4, '\x00', r10, r3, 0x3, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000dfffffffbfa420000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYRESDEC], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r11}, 0x10)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="362e0f017df2f3670f00d7c4c1fe703cec00440f20c03501000000440f22c066baf80cb8d056bf87ef66bafc0c66ed65f3dd0266b81c008ee09a759300000900360fc7acfd0c0000000fd516", 0x4c}], 0x1, 0x9, &(0x7f00000002c0)=[@dstype3={0x7, 0xf}], 0x1)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000b19a3640d219751284070102030109022b0002070000ac18563dd8399550bba2ef9521593300090400010079319c0009040000000202ff"], 0x0)

3.861008483s ago: executing program 0 (id=7520):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000038000000380000000300"/31], 0x0, 0x53}, 0x20)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffea0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800090000000000060006000000"], 0x4c}}, 0x0)

3.859807403s ago: executing program 3 (id=7521):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
r3 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x30, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x30, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}, "75a03d97e18e8a73f58c3e4b40ebdf680bf1e271eb4a3c86536745c48427f037e8d61cc7"}}}}}}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r4, 0x89fa, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000180)={@remote, @multicast2, 0xe, 0xa}})

3.743955992s ago: executing program 3 (id=7522):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000240)=@framed={{}, [@map_fd={0x18, 0x2, 0x1, 0x0, r0}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
unshare(0x22020600)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="74010000170003024c00000000000000000000000000000000000000000000004c00000000000000ac141400000000000000000000000000fc020000000000000000000000000000ac1e000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe800000000000000000000000000000fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="5e43f6ad9d131f78ac81cb521a78615e53050df764e16f43e1d83d23589b8e6235d9b7eec4271a1d873f2e66dec129b99483f91ca9009d7f3020a7fb7ca25b4523e90ba439a92352b93e1ef078bf94d0bc562dda79929b9ed662384b82e31df9405b0794b10f76", @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000008001f"], 0x174}}, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x10)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

3.628110112s ago: executing program 0 (id=7523):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x9, 0x2, 0x2, 0x204, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000c00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x90)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000004c0)={&(0x7f00000002c0)="1b2bdb44d51316357a19cbca28ecf3f8b989fbb34b929e2d74168f675a37e9bcd0bbdabe7d53809872216873ed2c27a176fc6fbd9c98fdb4d4cd409c60ad5e13a6d175bb6afc677bc594923fea63c27f20076c276d05fb4dd628b888c70cc6442ebd21ebdc662b8538cd9dfde65060b7cc317133007725cc97de37f45a5576fbb2f4babc05f388231fcde713cdbfb06b4c2f2f426a2b5652c7308c", &(0x7f0000000040)=""/65, &(0x7f0000000380)="f9df328fee334e6c9ccb3b3cbc27ec0809158b7c669278a56646ae3c8b5330af28e6da355ae10f86c5fa211777b309fd488b7ccb8b619874e50c7f808ee09a65769a4ea6dabe30c1cc8b876b20ee7a328d0f81ee3a6bcf0205b849a2dd248bffe1c8f7a6a54d1504e8a6a9b022e97592dec2a15e56935a76a29b363ce52a60430e43a51180c073", &(0x7f0000000200)="9e61e0b1a3fffc268ec26cbb14ff90d6c7297828582feb2decc7", 0x1200000, r0, 0x4}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000bc0)='ns/cgroup\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=@base={0x13, 0x59, 0x3, 0x77b0, 0x2a82, r0, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x48)
keyctl$join(0x1, &(0x7f0000000b00)={'syz', 0x1})
r4 = syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0xa04108, &(0x7f0000000140)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0xa}}, {@nolazytime}, {@noquota}, {@jqfmt_vfsold}, {@minixdf}, {@init_itable_val={'init_itable', 0x3d, 0x2}}, {@grpid}, {@debug}]}, 0x11, 0x4d8, &(0x7f0000000540)="$eJzs3d9rW9cdAPDvla3ESZzZ2faQBZaFJcMJWyQ7XhKzhyyDsTwFtmXvmWfLxli2jCUnsQnDYX/AYIyt0Kc+9aXQP6BQ8ieUQqB9L21pKW3SPuShrYqkq+K4UmxT/Ujtzwdu7jnnXt3vOTH36J57j6QADqwzEXE9IgYi4kJEjKTlmXS5UctsNvZ78vj+TG1Jolq99WkSSVrWPFaSro81XhJDEfHXGxH/SL4bt7y+sThdLBZW03y+srSSL69vXFxYmp4vzBeWJycnrkxdnbo8Nd6Rdo5GxLU/fvi/f7/6p2tv/ubue7c/Pv/PWrWG0+1b25HKdiJukh5qaEvZYESsduLgL4CBdN2R/ywAALqudo3/44j4Zf36fyQG6lenAAAAwH5S/f1wfJlEVAEAAIB9K1OfA5tkculcgOHIZHK5xhzen8bRTLFUrvx6rrS2PNuYKzsa2czcQrEwns4VHo1sUstPpHNsm/lL2/KTEXEiIv47cqSez82UirP9vvkBAAAAB8SxbeP/L0Ya438AAABgnxnd4/5DXaoHAAAA0D17Hf8DAAAAPzzG/wAAALCv/fnmzdpSbf7+9eyd9bXF0p2Ls4XyYm5pbSY3U1pdyc2XSvP17+xb2ul4xVJp5bexvHYvXymUK/ny+sbtpdLacuX2gk8NAAAAQL+c+MXDd5OI2PzdkfpSc6jflQJ6ItnLzh90rx5A7w30uwJA3wy2Knza+3oAvZftdwWAvtvpPkDbyTtvdb4uAABAd4z9rP3zf/cGYH/L9LsCAEDPtXz+DxwIWTMA4cD70Q7bv//z/2p1TxUCAAA6bri+JJlc+ixwODKZXC7ieP1nAbLJ3EKxMJ6OD94ZyR6u5Sfqr0z29tlhAAAAAAAAAAAAAAAAAAAAAAAAADjAqtUkqgAAAMC+FpH5KKl/m3/E2Mi54e33Bw4lT0fq64i4+/Kt/9+brlRWJ2rln31bXnkpLb/UjzsYAAAAwHbNcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTk8f2Z5tLLuJ/8ISJGG/GHnok/GEP19VBkI+Lo50kMbnldEhEDHYi/+SAiTrZqf1KrVoymtWgV/0gf42ci4lgH4sNB9rDW/1xvdf5l4kx93er8O1xPD3Yg/tb+b3v8Zv830Kb/Ob7LGKcevZ5vG/9BxKnB1v1PM37SJv7ZXcb/+982Ntptq74SMdby/Sd5Jla+srSSL69vXFxYmp4vzBeWJycnrkxdnbo8NZ6fWygW0n9bxvjPz9/4+nntP9om/ugO7T+3y/Z/9eje4580ktlW8c+fbf3+e7JN/Ez63verNF3bPtZMbzbSW51+7e3Tz2v/bJv27/T3P7/L9l/4y7/e3+WuAEAPlNc3FqeLxcJqlxPJYNdDSEjsLXE4PQm2bEov+nt2Xry4iX72SgAAQDdsGfkAAAAAAAAAAAAAAAAAAAAAfdKLrxPbHnOzP00FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiubwIAAP//zIPNdg==")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
setns(r3, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000400))
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)

2.92561337s ago: executing program 3 (id=7524):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x901006, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x51)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRESHEX=0x0, @ANYRES32, @ANYRES16=r0, @ANYRES8=r0, @ANYRESDEC=r0], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x17, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000018b7030000e8ffff7f850000000400000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.814593309s ago: executing program 2 (id=7525):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
keyctl$session_to_parent(0x12)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x0, 0x9, 0x1}, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$netlink(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)={0x10}, 0x10}, {&(0x7f00000003c0)={0x30, 0x39, 0x400, 0x70bd28, 0x25dfdbfd, "", [@nested={0x20, 0x7b, 0x0, 0x1, [@typed={0x8, 0x13c, 0x0, 0x0, @fd}, @typed={0x14, 0x117, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}]}]}, 0x30}, {&(0x7f0000000900)={0x6c, 0x23, 0x200, 0x70bd2b, 0x0, "", [@generic="8135332e2d3eaabb931c20da407a83a39e7dfea86bd70b41e9dbf0b6eee2e21e1c4a375c533e54c5d980188ca55bb269516ea9d04d62aa006784677653251f9e46d44785a2260852da9462dde341112e4766", @typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x6c}, {&(0x7f0000000680)={0x1c, 0x0, 0x2, 0x0, 0x25dfdbff, "", [@nested={0x4, 0x21}, @typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}, {0x0}], 0x5}, 0x4eb1eb4ab2037d65)
getsockname$packet(r6, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xfe3b)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)

2.760280914s ago: executing program 0 (id=7526):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000680)=ANY=[@ANYBLOB="050000000000007473112100000000008510000002000000850011000000000095000000000000009500a50500000000abe50ba4bbb6029f0557519b3038aa56b7fca728be4f16aaa6ea7eeb65f787bde3d44eae75078ff8834c6bfd8f8d8a29e6a3"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)

2.760038963s ago: executing program 0 (id=7527):
socket$inet6(0xa, 0x2, 0x0)
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x5, 0x0, 0x8000}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f00000001c0)='./file1\x00', 0x402, &(0x7f0000000500)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f636861727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72742e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000"], 0x1, 0x250, &(0x7f0000002680)="$eJzs3EFrI2UYB/DHbt1tu+ymBxEUxBe96GXY1g8gQXZBLCh1I+pBmLVTDR2TkgmViLh78+rnWDx6E9Qv0Is37956EbzsQYw0Sd1kjYiwcWrz+0H7PuHNH55hJuGZQHLy7lefHOxX2X7ej5W1FCsR9+JBxOZpNfHEZF0Z1Zdj2r14+eqvPz339nvvv9Hc2bm5m9Kt5u1XtlNK15//7tPPv37hh/7Vd765/u2VON784OSX7Z+Pnz5+5uT32x+3q9SuUqfbT3m60+328ztlkfba1UGW0ltlkVdFaneqojezv192Dw8HKe/sXds47BVVlfLOIB0Ug9Tvpn5vkPKP8nYnZVmWrm0E/6R1f3c3b9bdBQuzevqv12vmlyJi/S/brft1NAUA1Ot8z/+nU4v5f3HM/8vgdP7fmLx+Z5n/AQAAAAAAAAAAAADg/+DBcNgYDoeNs/Xs70pErEXE2eO6+2QxnP/lNvXFvbWI8suj1lFrvI73m/vRjjKKuBGN+G10PUyM61uv79y8kUY24/vy7iR/96h1aTa/FY3YnJ/fGufTbP7J2JjOb0cjnpqf356bvxwvvTiVz6IRP34Y3Shjb3RdP8x/sZXSa2/uPJJfHz0PAAAALoIs/Wnu/XuW/d3+OP8vPh945P56NZ5drffYAQAAYFlUg88O8rIseooLWLwaEeegDcV0sfa4T8p6LKLVut+ZAACAx+3h0F93JwAAAAAAAAAAAAAAAAAAALC8/osfPKv7GAEAAAAAAAAAAAAAAAAAAAAAAOC8+CMAAP//i7gqKA==")
clock_getres(0xfffffffffffffff1, &(0x7f0000000040))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000340)='./file0\x00', r3, &(0x7f00000003c0)='./file1\x00', 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x7, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000180000ab340000002f2684fade2eb64a000000000000000000"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121701, 0x0)
write$binfmt_aout(r5, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000279600"})
r6 = syz_open_pts(r5, 0x0)
r7 = dup(r6)
ioctl$TIOCSSOFTCAR(r7, 0x541a, &(0x7f0000000000))

2.100459907s ago: executing program 4 (id=7528):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x40, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x108000, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r8, 0x40086607, &(0x7f0000000240))

2.054015391s ago: executing program 3 (id=7529):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000880)={[{@noblock_validity}, {@sb={'sb', 0x3d, 0xffffffffffffffe0}}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000", @ANYRES32=r2, @ANYBLOB], 0x50}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000003000000000000000000000002000000000000000000000000000002000000000000000000000004000000000000a06740c5381059ff303e4e39335697148a3fe9832274c703808dc16a1d8d56319f2361de4f91e8d992336ab9023e08c6bc91fa63b441fd27597289dcaaa5e54ad5cfdf24edaec51606a5d68f5d15bbeb169fa38f215efc9902ef30264d8348c166302375cf6446a849e05a96a2dee08da7865168e2148bc3f9e0fdaee033a62c617d868f"], 0x0, 0x56, 0x0, 0xc00}, 0x20)
waitid(0x1, r3, &(0x7f0000001300), 0x8, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, r6, 0x0, 0x1}, 0x48)

1.888814345s ago: executing program 2 (id=7530):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=<r3=>r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r6, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r1}, &(0x7f00000005c0), &(0x7f0000000600)=r2}, 0x20)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYRESDEC=r3, @ANYBLOB="e18ec924d6802397cca4", @ANYRESHEX=r2], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f00000003c0)={0x2c, &(0x7f0000000180)={0x20, 0x21, 0x9b, {0x9b, 0xc, "f329964160917d60a5d034ba7b5293b1a2e2fa589ab6d68958a1666ca326698d8a823e0aa56bdbb4d275365994d7c3b1031dee6b2020d43d1f385420dc7fa58d3cad485b498c43cd320650287551ab510c480e17a89446dd9a07a1f441992281b6d63570f4875e66cf80178046bcd41e74dc6e0ad983714b3033386e552444f0ac8850f9297ec8d9bcbfbab4e9b1d3be99c60d2092708aa8c4"}}, &(0x7f0000000280)={0x0, 0x3, 0x98, @string={0x98, 0x3, "9a6a4b3b8b880fed9bfcf086942ecac3e19926963fd889b07ad0b34744ee9b4bfc63d093acfefb52857ea27a04b127b2f7b04278d41698b944b7b7869f0ce44839cc6a026699d9f4f2b6a4d06dd538df08f00b2e88559b7f99f9273254630de1562657338c302b8002f4374d69ea760b18476e8fd155432fc7ae6c0518b860d6304b435588b9f4806f82fda60faab4ccf5b4b33eaac6"}}, &(0x7f0000000000)=ANY=[@ANYBLOB="000f08e5ff00050f08000103100b"], &(0x7f0000000080)={0x20, 0x29, 0xf, {0xf, 0x29, 0x81, 0x10, 0x1, 0xfd, "ece7d798", "d3268ff9"}}, &(0x7f0000000340)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x4, 0x2, 0x8, 0x9, 0x1, 0x4}}}, &(0x7f0000000a40)={0x84, &(0x7f0000000400)=ANY=[@ANYBLOB="5e0f03000000a8bc2a"], &(0x7f00000004c0)={0x0, 0xa, 0x1, 0xc}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000540)={0x20, 0x0, 0x4, {0x0, 0x2}}, &(0x7f0000000580)={0x20, 0x0, 0x4, {0x400, 0x20}}, &(0x7f0000000680)={0x40, 0x7, 0x2, 0x4}, &(0x7f00000006c0)={0x40, 0x9, 0x1, 0x7f}, &(0x7f0000000700)={0x40, 0xb, 0x2, "a5c5"}, &(0x7f0000000740)={0x40, 0xf, 0x2, 0xa}, &(0x7f0000000780)={0x40, 0x13, 0x6, @multicast}, &(0x7f00000007c0)={0x40, 0x17, 0x6, @local}, &(0x7f0000000800)={0x40, 0x19, 0x2, "31c2"}, &(0x7f0000000840)={0x40, 0x1a, 0x2, 0x33b}, &(0x7f0000000880)={0x40, 0x1c, 0x1, 0x9}, &(0x7f00000008c0)={0x40, 0x1e, 0x1}, &(0x7f0000000900)={0x40, 0x21, 0x1, 0x8}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socket$key(0xf, 0x3, 0x2)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r8}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd3c538c08e7d83100000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c2900"/240], 0x138}, 0x1, 0xe}, 0x0)
syz_usb_control_io(r7, &(0x7f0000000100)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\v'], 0x0, 0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.888063894s ago: executing program 1 (id=7531):
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400003, 0x100)
mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
setgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850003000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
r4 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r4, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount$incfs(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000100), 0x0, 0x0)

1.887866045s ago: executing program 0 (id=7532):
r0 = gettid()
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000040), 0x8)
listen(r1, 0x0)
r2 = dup2(r1, r1)
accept4$bt_l2cap(r2, 0x0, 0x0, 0x0)
shutdown(r2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[], 0x0) (async)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="230000000000333ed9b7f4d1ee9538c2f19037021694494f6c44086a6760322e2ed250694a2439e17cc9144f2b9aa887ea52ee27ced03000c2ecf41e113e4cdb304f256e0bc0df000000000000000000"], 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="230000000000333ed9b7f4d1ee9538c2f19037021694494f6c44086a6760322e2ed250694a2439e17cc9144f2b9aa887ea52ee27ced03000c2ecf41e113e4cdb304f256e0bc0df000000000000000000"], 0x0, 0x0, 0x0, 0x0})

1.69612169s ago: executing program 3 (id=7533):
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000380), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_process_fork\x00', r2}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000540)='./file0\x00')
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x20, @local}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x6046, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="9d92fd7d0dc90653480e96255ffa012cf0adb2f6c32eac979c2a7358329dffcc18490a4e993b65a5842894888506489ab3c9258fc3db9bc91b7452c34ee796f1f450ff96e8d523dd85dfb806903629d0aa477162c52bb6b6a844f2fbb0899cede1dba6bc0dde67874723fd679bd91d80426275149a4bf38b50c68b6b4a18ab5c9e25a02f1e6346b1456880bf4bcfa9635425f53dd18d55a49c816f6433c678eb9dd9cfa71b34a6706b02fc595aaa36f21d4f65a348e294e15cb7619ddbdb408f2bcfe57feff04915b0a24809581275f234fce97afc4724108053252d554a77b590e5e499dc8ff11c924800", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x2400c806, &(0x7f0000000080)={0x2, 0x4e20, @multicast2}, 0x10)
write$binfmt_elf64(r3, &(0x7f0000000300)=ANY=[], 0x678)
creat(&(0x7f00000003c0)='./file1\x00', 0x0)
renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000280)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x4, {{0x13, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0xfc, 0x0, 0x0, [0x0, 0x0, 0x0]}, @cipso={0x86, 0x27, 0x0, [{0x0, 0xb, "34a6caf58db76931cc"}, {0x0, 0xe, "4f1347dfaaca82c253d084b7"}, {0x0, 0x2}, {0x6, 0x6, "11f421b4"}]}]}}}}})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r6, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
dup(r8)

1.262301246s ago: executing program 4 (id=7534):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
pwritev2(0xffffffffffffffff, &(0x7f00000006c0)=[{&(0x7f0000000740)="1a20ba2b800000000000000000c46a858a5d3ffc915f8cccaf719e04564da76b938e88dc16fa32ca198b316b73c161ba3ac87d4b95d5633d1004fb01ba05f79483a9c67c28c98638b4b4b69638", 0x4d}, {&(0x7f0000000500)}, {0x0}, {0x0}, {0x0}], 0x5, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000380)=[{}, {0x0, 0x0, 0x0, 0xc}, {}, {0x2}]}, 0x90)
r0 = open(0x0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x0)
accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed}, &(0x7f00000001c0)=0xe, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='tmpfs\x00', 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb5, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r7}, @generic={0x79}, @initr0, @exit, @alu={0x5, 0x0, 0xd, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x21)

909.848195ms ago: executing program 1 (id=7535):
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x0, 0x10001}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000300)={r0, 0x0, 0x20000000}, 0x20)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
getuid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000013007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, 0x0)
ioctl$USBDEVFS_SUBMITURB(r6, 0x802c550a, &(0x7f0000000540)=@urb_type_iso={0x0, {0x0, 0x1}, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x11, 0x0, 0x0, 0x0, [{0x0, 0x0, 0x5}, {0x3, 0x6}, {0x72e8798d, 0x9, 0x6}, {0x2, 0x401, 0x5}, {0xffffffff, 0xfffffff0, 0x3}, {0x3, 0x3, 0x7fff}, {0x5, 0x4, 0x65f0}, {0x1000, 0x9}, {0x0, 0x5, 0x1000}, {0xf9, 0x0, 0xff}, {0x6, 0x0, 0x8}, {0x8000, 0xe44f7000}, {0x696c, 0xffff256d, 0xc42e}, {0xe9c, 0x800, 0x6}, {0x10001, 0xffffffff, 0x40}, {0x84e8, 0x200, 0x4}, {}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000001ec0)=ANY=[@ANYBLOB="1800000000000000000000000000000064120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018010000646c6c2500000000002007007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

419.333915ms ago: executing program 4 (id=7536):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0xa}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, &(0x7f0000000140)={0x24, {{0x29, 0x0, 0x0, @mcast1}}}, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffff}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff400c}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r6, 0x7001)

0s ago: executing program 1 (id=7537):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000bc0)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x0, 0x0, {0xf}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "abb99279fd89da307583e654afb42af2dc91b30b60e83d50", "66eb64f2e8a3742962ae5b2fb03f495701288cf603c82fce6302900c99be5aab"}}}}}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="8b3300000000000000000500000008000300", @ANYBLOB='\f'], 0x2c}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
sendmmsg(r9, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
r11 = dup2(r9, r8)
setsockopt$sock_attach_bpf(r8, 0x1, 0x21, &(0x7f0000000080), 0x4)
sendmmsg$unix(r11, &(0x7f0000001340)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000000400)=@abs, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000540)="ce966893ffb05ffac67725c545826081671e1f50a2f88e2bbe535fe73b6b2333ad91d82dd7c4a8aa9173460b74355ef25afb06273a9681ef7a882a6a55ccb3d3f9a41fe75fbdd647210d3db8e24c9e2b121f6a5f0e4c9256f2c458b547799229a71603df174364af938e18e4b94f01d061ded21a45cdc1ed4a0ceff8e39388d28484123f0ba51b43bf9e07319beeaa63a38101a092397d4f8a7def986475167d66b6755c6262a4c38cfeb29e268f53", 0xaf}, {&(0x7f0000000600)="478497813717f9d817936bd52fe6e6a5a7cee00fcf6063fa6664fccca256fad90ea34e3c78ff04040a5d2c06318825713c5851503e153a331a93579725b8afbee3a827841febbdbf58470345d71ad620923c72ccc6bd4ffb5ff6ee6e9336efc0aa1080e0", 0x64}, {&(0x7f0000001480)="84a13f5db46521d1c680585a417396fa3a38c1036194db971226ddb9a710bbcf04ec5db1348729a48e71ebe5b6977b0d5c27b8991a0256aa96dc6fe189631dde4ef5c8edde469d61a4cd2a16bd7a17f104aac6755c389937c8a6bccb31793727f3bad854fb9e65d04cedaab0547ff72493128387cf385153f6bd2b9bebd164270a2a553631558dfa80fffab821efabc00067a714f433bc044452352b5874d698d1e4c66673dfa299c6ec391f011633bdc00a680a4cdd47bbca124d193178e377352d0225d8e7dbf859d91b9c99dd4d24b9a134ca2e693d01054cabf1d7c3a70b8e7a5045523e761ac7682351fa54", 0xffc6}, {&(0x7f0000000780)="0100f94945de15ae1b313eaa6869b3e26002c9d0d6c7f71ea65cc6e63e970913fdf880198807394b7254e54f274d4a18af84c893d9f8415cea7ad9def74b81ebcc00dabea85cc664b083d7a58a822bc720236070c9d1ed132adc1f41842a9404143a4b4d5fadbb81f57023a5e8396a50ebe5329990e52a0ff67e8174db0aab6dfe2e0eb2edf960", 0x87}], 0x4, &(0x7f0000000680)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x100}}, {{&(0x7f0000000c40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000cc0)=[{&(0x7f0000000d40)="c485ae5463e7373921aedf2b7f3ae0a8ca79444055ffcf6255979ed13acbb80c6c24ae23d9cd68c29e71179e603b5a7717414c78fd06b7e6fba140d99fb90339afecfcf70226b4c3cb279deade7ea2faac187730d9c71b13baa3785a902a13a2a6eaf38897f74e3f2d95b85e3ed05fcdf8b0f816609ec82877bb99096f1ea9cabeaca507ca87e4d1d4639bef", 0x8c}, {&(0x7f0000000e00)="8b98cc2669d0a84b16b18485e3b802e1a345a2f3c74c6e268b06dafc8d209377a5f6f4f27f66694c92d88c41c6c52719f4111a4789847b715f48d7bfdc03b4349a0943c963db4bc0333edc", 0x4b}], 0x2, &(0x7f0000000ec0)=ANY=[@ANYBLOB="30000002b5371de60000000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x30, 0xc040041}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000f00)="893958bb763d38091e7e242e6b89748e3ae0e526db912907f759bc2da4327401b44bb9cbd9420fd576eeac9c46c7d3a21d84aa3bbb63db4454d363cb9d87a0a72ec46625171cadc7be01cdcfc4bd17e09d0ffe8e3d65175491881c81a2ef8257beea93031b11889c28a46ec4e5bd48f92f08a9b66a331e00e0b1d5e413b9b1b110fc3619d4ce658d63b1ebca69fca2afa68a8ac0d1339abf12ef5bc3aa5f10223527c3f42aa9d10b4459ed9a54e16836", 0xb0}], 0x1, &(0x7f0000001280)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc0}}], 0x5, 0x0)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r11, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000e80)={0x20, r7, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0x55}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000004}, 0x20000009)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
fcntl$getownex(r5, 0x10, &(0x7f0000000200))
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r5, 0xc400941d, &(0x7f0000000a80)={0x0, 0x7fffffff, 0x2, 0x1})
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0)
write$binfmt_script(r12, &(0x7f0000000040), 0xfecc)

kernel console output (not intermixed with test programs):

SCALL_64_after_hwframe+0x61/0xcb
[ 1112.633385][T26297] RIP: 0033:0x7fc12f08ab59
[ 1112.637646][T26297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1112.657202][T26297] RSP: 002b:00007fc12e30c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1112.665427][T26297] RAX: ffffffffffffffda RBX: 00007fc12f21af60 RCX: 00007fc12f08ab59
[ 1112.673238][T26297] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[ 1112.681049][T26297] RBP: 00007fc12e30c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1112.688869][T26297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1112.696670][T26297] R13: 000000000000000b R14: 00007fc12f21af60 R15: 00007ffef90feec8
[ 1112.743514][T26300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6870'.
[ 1112.743686][T12060] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1112.763233][T12060] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1112.783104][T12060] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1112.785666][T26300] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1112.792054][T12060] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1112.806995][T26300] IPv6: NLM_F_CREATE should be set when creating new route
[ 1112.815746][T12060] usb 5-1: config 0 descriptor??
[ 1112.823544][T26304] input: syz1 as /devices/virtual/input/input124
[ 1112.837751][T26300] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26300 comm=syz.0.6870
[ 1112.872901][T26300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6870'.
[ 1112.897240][T18602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1112.917068][T18602] usb 3-1: config 0 has no interfaces?
[ 1113.402187][T18602] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1113.500720][T18602] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1113.606309][T18602] usb 3-1: Product: syz
[ 1113.680562][T18602] usb 3-1: Manufacturer: syz
[ 1113.685248][T18602] usb 3-1: SerialNumber: syz
[ 1113.687793][T12060] usbhid 5-1:0.0: can't add hid device: -71
[ 1113.695613][T12060] usbhid: probe of 5-1:0.0 failed with error -71
[ 1113.698801][T18602] usb 3-1: config 0 descriptor??
[ 1113.713499][T12060] usb 5-1: USB disconnect, device number 30
[ 1114.518016][T26358] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6887'.
[ 1114.537246][T26358] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1114.726106][T12060] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1115.273571][T26369] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6891'.
[ 1115.297629][T12060] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1115.308458][T12060] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1115.318164][T12060] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1115.327060][T12060] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1115.335697][T12060] usb 1-1: config 0 descriptor??
[ 1115.373811][T12062] usb 3-1: USB disconnect, device number 22
[ 1115.432255][T26373] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[ 1115.461614][   T24] audit: type=1400 audit(1721607006.824:4137): avc:  denied  { read write } for  pid=26374 comm="syz.2.6894" name="uhid" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1115.463154][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.496489][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.504214][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.511752][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.519169][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.526830][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.534303][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.541767][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.553167][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.608478][   T24] audit: type=1400 audit(1721607006.824:4138): avc:  denied  { open } for  pid=26374 comm="syz.2.6894" path="/dev/uhid" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1115.611929][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1115.782123][T26389] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6896'.
[ 1116.059722][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.067100][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.075981][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.086234][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.093620][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.101094][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.108415][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.115630][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.122956][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.130209][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.137574][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.144840][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.152125][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.159440][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.166657][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.174074][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.181224][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.188444][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.195669][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.202858][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.202876][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.202891][ T2822] hid-generic 0000:0000:0000.007F: unknown main item tag 0x0
[ 1116.218400][ T2822] hid-generic 0000:0000:0000.007F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1116.313978][T26397] tipc: Started in network mode
[ 1116.320356][T26397] tipc: Own node identity ac1414aa, cluster identity 4711
[ 1116.327608][T26397] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1116.345441][T26357] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1116.409918][T26399] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[ 1116.495525][T26399] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[ 1116.630097][T26394] FAULT_INJECTION: forcing a failure.
[ 1116.630097][T26394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1116.954654][T26394] CPU: 1 PID: 26394 Comm: syz.2.6898 Not tainted 5.10.221-syzkaller-01371-g1240968f7644 #0
[ 1116.964466][T26394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1116.974366][T26394] Call Trace:
[ 1116.977521][T26394]  dump_stack_lvl+0x1e2/0x24b
[ 1116.981998][T26394]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1116.987390][T26394]  ? preempt_schedule_irq+0xe7/0x140
[ 1116.992497][T26394]  dump_stack+0x15/0x17
[ 1116.996488][T26394]  should_fail+0x3c6/0x510
[ 1117.000768][T26394]  should_fail_usercopy+0x1a/0x20
[ 1117.005601][T26394]  _copy_to_user+0x20/0x90
[ 1117.009853][T26394]  simple_read_from_buffer+0xc7/0x150
[ 1117.015147][T26394]  proc_fail_nth_read+0x1a3/0x210
[ 1117.020006][T26394]  ? security_file_permission+0x7b/0xb0
[ 1117.025402][T26394]  ? proc_fault_inject_write+0x390/0x390
[ 1117.030857][T26394]  ? security_file_permission+0x86/0xb0
[ 1117.036240][T26394]  ? rw_verify_area+0x1c3/0x360
[ 1117.041063][T26394]  ? proc_fault_inject_write+0x390/0x390
[ 1117.046528][T26394]  vfs_read+0x204/0xbb0
[ 1117.050516][T26394]  ? kernel_read+0x70/0x70
[ 1117.054769][T26394]  ? __kasan_check_write+0x14/0x20
[ 1117.059713][T26394]  ? mutex_lock+0xa5/0x110
[ 1117.063963][T26394]  ? mutex_trylock+0xa0/0xa0
[ 1117.068392][T26394]  ? __fdget_pos+0x2e7/0x3a0
[ 1117.072822][T26394]  ? ksys_read+0x77/0x2c0
[ 1117.076977][T26394]  ksys_read+0x199/0x2c0
[ 1117.081058][T26394]  ? vfs_write+0xe70/0xe70
[ 1117.085317][T26394]  ? fpu__clear_all+0x20/0x20
[ 1117.089829][T26394]  ? __kasan_check_read+0x11/0x20
[ 1117.094683][T26394]  __x64_sys_read+0x7b/0x90
[ 1117.099026][T26394]  do_syscall_64+0x34/0x70
[ 1117.103285][T26394]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1117.109007][T26394] RIP: 0033:0x7fea496bc63c
[ 1117.113253][T26394] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 1117.132699][T26394] RSP: 002b:00007fea4893f040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1117.140943][T26394] RAX: ffffffffffffffda RBX: 00007fea4984df60 RCX: 00007fea496bc63c
[ 1117.148837][T26394] RDX: 000000000000000f RSI: 00007fea4893f0b0 RDI: 0000000000000006
[ 1117.156659][T26394] RBP: 00007fea4893f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1117.164467][T26394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1117.172278][T26394] R13: 000000000000000b R14: 00007fea4984df60 R15: 00007ffcebda8628
[ 1117.403462][T12062] tipc: 32-bit node address hash set to aa1414ac
[ 1118.111197][T12060] uclogic 0003:256C:006D.0080: failed retrieving Huion firmware version: -71
[ 1118.178755][T12060] uclogic 0003:256C:006D.0080: failed probing parameters: -71
[ 1118.235796][T12060] uclogic: probe of 0003:256C:006D.0080 failed with error -71
[ 1118.267138][T12060] usb 1-1: USB disconnect, device number 12
[ 1118.289613][T26429] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,data_err=ignore,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue
[ 1118.806362][T26444] netlink: 'syz.3.6911': attribute type 3 has an invalid length.
[ 1118.831672][T26453] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[ 1118.939153][T26453] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[ 1118.968050][T26462] tipc: Enabling of bearer <udp:s> rejected, already enabled
[ 1119.031532][T12060] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1119.308848][T26467] xt_bpf: check failed: parse error
[ 1119.583980][T26474] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1119.631803][T12060] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1119.661880][T12060] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1119.676073][T26478] tmpfs: Unknown parameter 'hugKmaµlways'
[ 1119.694206][T12060] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[ 1119.705700][T12060] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1119.719447][T12060] usb 2-1: config 0 descriptor??
[ 1119.787956][T26482] tap0: tun_chr_ioctl cmd 1074025677
[ 1119.793359][T26482] tap0: linktype set to 65534
[ 1119.800963][   T24] audit: type=1400 audit(1721607011.380:4139): avc:  denied  { mac_admin } for  pid=26481 comm="syz.2.6922" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1119.805692][T26482] SELinux:  Context system_u:object_r:klogd_var_run_t:s0 is not valid (left unmapped).
[ 1119.837916][   T24] audit: type=1400 audit(1721607011.422:4140): avc:  denied  { relabelto } for  pid=26481 comm="syz.2.6922" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:klogd_var_run_t:s0"
[ 1119.891930][   T24] audit: type=1400 audit(1721607011.422:4141): avc:  denied  { associate } for  pid=26481 comm="syz.2.6922" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:klogd_var_run_t:s0"
[ 1120.169840][T12060] isku 0003:1E7D:319C.0081: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[ 1120.365224][T12060] isku 0003:1E7D:319C.0081: couldn't init struct isku_device
[ 1120.372521][T12060] isku 0003:1E7D:319C.0081: couldn't install keyboard
[ 1120.402933][T12060] isku: probe of 0003:1E7D:319C.0081 failed with error -32
[ 1120.433945][T26500] netlink: 52 bytes leftover after parsing attributes in process `syz.0.6925'.
[ 1120.863456][T12060] usb 2-1: USB disconnect, device number 19
[ 1121.893660][T18602] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1122.791209][T26533] netlink: 76 bytes leftover after parsing attributes in process `syz.1.6935'.
[ 1123.108652][T26540] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6939'.
[ 1123.257349][T26546] syz.1.6938[26546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1123.257697][T26546] syz.1.6938[26546] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1123.519106][T18602] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1123.694993][T18602] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1123.705011][T18602] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1123.714020][T18602] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1123.722724][T18602] usb 4-1: config 0 descriptor??
[ 1123.880244][T18601] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1123.910692][T26558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6945'.
[ 1124.201879][T26570] netlink: 'syz.2.6949': attribute type 4 has an invalid length.
[ 1124.242109][T18602] usbhid 4-1:0.0: can't add hid device: -71
[ 1124.249812][T18602] usbhid: probe of 4-1:0.0 failed with error -71
[ 1124.258093][T18601] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1124.276555][T18601] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1124.295283][T18602] usb 4-1: USB disconnect, device number 119
[ 1124.309306][T18601] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1124.324897][T18601] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1124.336544][T18601] usb 1-1: config 0 descriptor??
[ 1124.748038][T26575] netlink: 312 bytes leftover after parsing attributes in process `syz.4.6950'.
[ 1124.833867][T18601] hid (null): bogus close delimiter
[ 1124.911560][   T24] audit: type=1400 audit(1721607016.745:4142): avc:  denied  { read } for  pid=26598 comm="syz.1.6952" name=".log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1124.942444][   T24] audit: type=1400 audit(1721607016.766:4143): avc:  denied  { open } for  pid=26598 comm="syz.1.6952" path="/42/file0/.log" dev="incremental-fs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1125.734313][   T24] audit: type=1400 audit(2000000000.188:4144): avc:  denied  { map } for  pid=26549 comm="syz.0.6942" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1125.782046][T26616] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6958'.
[ 1126.134259][   T24] audit: type=1400 audit(2000000001.123:4145): avc:  denied  { mounton } for  pid=26630 comm="syz.1.6963" path="/44/file0" dev="tmpfs" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[ 1126.347207][ T2822] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1126.737785][ T2822] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1126.758488][ T2822] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1126.775972][ T2822] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1126.795192][T18601] usb 1-1: string descriptor 0 read error: -71
[ 1126.812672][T26647] xt_bpf: check failed: parse error
[ 1126.814347][T18601] uclogic 0003:256C:006D.0082: failed retrieving string descriptor #200: -71
[ 1126.824371][ T2822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1126.831582][T18601] uclogic 0003:256C:006D.0082: failed retrieving pen parameters: -71
[ 1126.842058][T18601] uclogic 0003:256C:006D.0082: failed probing pen v2 parameters: -71
[ 1126.849986][T18601] uclogic 0003:256C:006D.0082: failed probing parameters: -71
[ 1126.861554][T18601] uclogic: probe of 0003:256C:006D.0082 failed with error -71
[ 1126.870829][T18601] usb 1-1: USB disconnect, device number 13
[ 1126.888970][ T2822] usb 5-1: config 0 descriptor??
[ 1126.996993][T26653] EXT4-fs (loop0): Ignoring removed orlov option
[ 1127.014973][T26656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6970'.
[ 1127.046008][T26653] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1127.175336][T26653] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,sb=0xffffffffffffffe0,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[ 1127.392250][   T24] audit: type=1400 audit(2000000002.435:4146): avc:  denied  { ioctl } for  pid=26659 comm="syz.1.6971" path="/dev/usbmon0" dev="devtmpfs" ino=134 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1127.737928][ T2822] usbhid 5-1:0.0: can't add hid device: -71
[ 1127.743783][ T2822] usbhid: probe of 5-1:0.0 failed with error -71
[ 1127.797482][ T2822] usb 5-1: USB disconnect, device number 31
[ 1127.894229][T26672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6973'.
[ 1127.907253][T26672] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1127.914352][T26672] IPv6: NLM_F_CREATE should be set when creating new route
[ 1127.922831][T26672] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26672 comm=syz.0.6973
[ 1127.939927][T26672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6973'.
[ 1128.280992][T18598] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1128.663854][T18598] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1128.684740][T18598] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1128.704736][T18598] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1128.721958][T18598] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1128.777050][   T24] audit: type=1400 audit(2000000003.894:4147): avc:  denied  { read write } for  pid=26685 comm="syz.2.6979" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:klogd_var_run_t:s0"
[ 1128.807563][T18598] usb 1-1: config 0 descriptor??
[ 1128.856735][T26696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6981'.
[ 1128.894427][   T24] audit: type=1400 audit(2000000003.936:4148): avc:  denied  { open } for  pid=26685 comm="syz.2.6979" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:klogd_var_run_t:s0"
[ 1129.262204][T18598] hid (null): bogus close delimiter
[ 1130.242200][T26729] netlink: 92 bytes leftover after parsing attributes in process `syz.2.6987'.
[ 1130.315373][T26731] device wireguard0 entered promiscuous mode
[ 1131.052932][T18598] usb 1-1: string descriptor 0 read error: -71
[ 1131.081482][T18598] uclogic 0003:256C:006D.0083: failed retrieving string descriptor #200: -71
[ 1131.094391][T18598] uclogic 0003:256C:006D.0083: failed retrieving pen parameters: -71
[ 1131.111583][T18598] uclogic 0003:256C:006D.0083: failed probing pen v2 parameters: -71
[ 1131.137878][T18598] uclogic 0003:256C:006D.0083: failed probing parameters: -71
[ 1131.166145][T18598] uclogic: probe of 0003:256C:006D.0083 failed with error -71
[ 1131.235943][T18598] usb 1-1: USB disconnect, device number 14
[ 1131.900332][T26762] attempt to access beyond end of device
[ 1131.900332][T26762] loop0: rw=2049, want=241, limit=128
[ 1131.998345][T26751] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1132.014913][T26751] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1132.026337][T26751] F2FS-fs (loop4): invalid crc value
[ 1132.034840][T26770] netlink: 182 bytes leftover after parsing attributes in process `syz.1.6999'.
[ 1132.039662][T26751] F2FS-fs (loop4): invalid crc_offset: 33558524
[ 1132.049909][T26751] F2FS-fs (loop4): Failed to get valid F2FS checkpoint
[ 1132.233998][ T2822] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1132.302529][T26780] binder: 26779:26780 unknown command 0
[ 1132.308019][T26780] binder: 26779:26780 ioctl c0306201 20000480 returned -22
[ 1132.332114][T26783] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1132.481698][T12060] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1132.613621][   T24] audit: type=1400 audit(2000000007.915:4149): avc:  denied  { create } for  pid=26788 comm="syz.2.7006" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[ 1132.618204][T26789] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7006'.
[ 1132.635926][ T2822] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1132.655517][    T9] attempt to access beyond end of device
[ 1132.655517][    T9] loop0: rw=1, want=153, limit=128
[ 1132.663037][T18595] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1132.666857][ T2822] usb 1-1: config 0 has no interfaces?
[ 1132.834256][ T2822] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1132.843272][ T2822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1132.851218][ T2822] usb 1-1: Product: syz
[ 1132.855304][ T2822] usb 1-1: Manufacturer: syz
[ 1132.859749][ T2822] usb 1-1: SerialNumber: syz
[ 1132.865524][ T2822] usb 1-1: config 0 descriptor??
[ 1132.910391][T12060] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1132.922240][T12060] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1132.932170][T12060] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1132.941081][T12060] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1132.949555][T12060] usb 5-1: config 0 descriptor??
[ 1132.967521][T18598] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1133.015568][T18595] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1133.026522][T18595] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1133.036975][T18595] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[ 1133.045856][T18595] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1133.055250][T18595] usb 2-1: config 0 descriptor??
[ 1133.108250][   T24] audit: type=1400 audit(2000000008.440:4150): avc:  denied  { mounton } for  pid=26761 comm="syz.0.6998" path="/113/file0/file0" dev="loop0" ino=1049019 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[ 1133.118032][T26761] attempt to access beyond end of device
[ 1133.118032][T26761] loop0: rw=524288, want=193, limit=128
[ 1133.142465][T26761] attempt to access beyond end of device
[ 1133.142465][T26761] loop0: rw=0, want=177, limit=128
[ 1133.153001][T26761] attempt to access beyond end of device
[ 1133.153001][T26761] loop0: rw=0, want=177, limit=128
[ 1133.163915][T26761] attempt to access beyond end of device
[ 1133.163915][T26761] loop0: rw=0, want=161, limit=128
[ 1133.174834][T26761] attempt to access beyond end of device
[ 1133.174834][T26761] loop0: rw=0, want=161, limit=128
[ 1133.185420][T26761] attempt to access beyond end of device
[ 1133.185420][T26761] loop0: rw=0, want=161, limit=128
[ 1133.196329][T26761] attempt to access beyond end of device
[ 1133.196329][T26761] loop0: rw=0, want=161, limit=128
[ 1133.207026][T26761] attempt to access beyond end of device
[ 1133.207026][T26761] loop0: rw=0, want=161, limit=128
[ 1133.234038][   T24] audit: type=1400 audit(2000000008.566:4151): avc:  denied  { create } for  pid=26795 comm="syz.3.7009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1133.254603][T18599] usb 1-1: USB disconnect, device number 15
[ 1133.329696][T18598] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 1133.339659][T18598] usb 3-1: config 9 has no interfaces?
[ 1133.345094][T18598] usb 3-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1133.354301][T18598] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1133.501438][T12060] usbhid 5-1:0.0: can't add hid device: -71
[ 1133.503821][T18595] isku 0003:1E7D:319C.0084: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[ 1133.507347][T12060] usbhid: probe of 5-1:0.0 failed with error -71
[ 1133.525368][T12060] usb 5-1: USB disconnect, device number 32
[ 1133.590302][ T2822] hid-generic 0000:0000:0000.0085: unknown main item tag 0x0
[ 1133.597782][ T2822] hid-generic 0000:0000:0000.0085: unknown main item tag 0x0
[ 1133.605573][ T2822] hid-generic 0000:0000:0000.0085: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1133.643944][T18598] usb 3-1: string descriptor 0 read error: -71
[ 1133.651068][T18598] usb 3-1: USB disconnect, device number 23
[ 1133.701285][T18595] isku 0003:1E7D:319C.0084: couldn't init struct isku_device
[ 1133.701331][T25943] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1133.708614][T18595] isku 0003:1E7D:319C.0084: couldn't install keyboard
[ 1133.714341][T18595] isku: probe of 0003:1E7D:319C.0084 failed with error -32
[ 1134.005635][T26821] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.7017: casefold flag without casefold feature
[ 1134.019043][T26821] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #2: comm syz.4.7017: missing EA_INODE flag
[ 1134.031590][T26821] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.7017: error while reading EA inode 2 err=-117
[ 1134.044272][T26821] EXT4-fs (loop4): 1 orphan inode deleted
[ 1134.049999][T26821] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1134.084999][T18595] usb 2-1: USB disconnect, device number 20
[ 1134.101157][T25943] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1134.115378][T25943] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1134.125488][T25943] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1134.135038][T25943] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1134.147942][T25943] usb 4-1: config 0 descriptor??
[ 1134.671928][   T24] audit: type=1326 audit(2000000010.078:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26836 comm="syz.0.7020" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc12f08ab59 code=0x0
[ 1134.790614][T26840] 9pnet: Insufficient options for proto=fd
[ 1134.825134][   T24] audit: type=1400 audit(2000000010.214:4153): avc:  denied  { write } for  pid=26836 comm="syz.0.7020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1134.859032][T26842] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[ 1135.196485][T12060] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1135.384459][T26852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7025'.
[ 1135.393410][T26852] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7025'.
[ 1135.406018][T25943] usb 4-1: string descriptor 0 read error: -71
[ 1135.425245][T12060] usb 2-1: Using ep0 maxpacket: 16
[ 1135.431550][T25943] uclogic 0003:256C:006D.0086: failed retrieving string descriptor #200: -71
[ 1135.451856][T25943] uclogic 0003:256C:006D.0086: failed retrieving pen parameters: -71
[ 1135.461030][T25943] uclogic 0003:256C:006D.0086: failed probing pen v2 parameters: -71
[ 1135.477476][T25943] uclogic 0003:256C:006D.0086: failed probing parameters: -71
[ 1135.511698][T25943] uclogic: probe of 0003:256C:006D.0086 failed with error -71
[ 1135.524575][T25943] usb 4-1: USB disconnect, device number 120
[ 1135.548960][T12060] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1135.560200][T12060] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1135.569385][T12060] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.578386][T12060] usb 2-1: config 0 descriptor??
[ 1136.330664][T26849] udc-core: couldn't find an available UDC or it's busy
[ 1136.339566][T26849] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1136.418264][T26885] tipc: Started in network mode
[ 1136.423073][T26885] tipc: Own node identity 00000000000000000000000000000001, cluster identity 4711
[ 1136.432253][T26885] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1136.463545][T12060] usbhid 2-1:0.0: can't add hid device: -71
[ 1136.469584][T12060] usbhid: probe of 2-1:0.0 failed with error -71
[ 1136.484164][T12060] usb 2-1: USB disconnect, device number 21
[ 1136.947321][T26908] netlink: 92 bytes leftover after parsing attributes in process `syz.0.7040'.
[ 1137.888968][T26921] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1137.897975][T26921] ext4 filesystem being mounted at /69/bus supports timestamps until 2038 (0x7fffffff)
[ 1139.760610][T26959] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5
[ 1139.760610][T26959] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1139.760610][T26959] 
[ 1139.985339][T26959] EXT4-fs error (device loop4) in ext4_do_update_inode:5275: error 27
[ 1140.003344][T26959] EXT4-fs (loop4): Remounting filesystem read-only
[ 1140.023086][T26959] EXT4-fs error (device loop4): ext4_dirty_inode:6079: inode #3: comm syz.4.7056: mark_inode_dirty error
[ 1140.065992][T26959] EXT4-fs error (device loop4) in ext4_do_update_inode:5275: error 27
[ 1140.131751][T26959] EXT4-fs error (device loop4): __ext4_ext_dirty:182: inode #3: comm syz.4.7056: mark_inode_dirty error
[ 1140.160788][T26959] Quota error (device loop4): write_blk: dquota write failed
[ 1140.183026][T26959] Quota error (device loop4): qtree_write_dquot: Error -27 occurred while creating quota
[ 1140.230245][T26959] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.7056: Failed to acquire dquot type 0
[ 1140.280970][T26959] EXT4-fs (loop4): 1 truncate cleaned up
[ 1140.357050][T26959] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,
[ 1140.370508][T26977] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1140.427229][T26959] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038 (0x7fffffff)
[ 1140.459409][T26978] netlink: 'syz.2.7059': attribute type 4 has an invalid length.
[ 1141.074043][T26985] tipc: Enabling of bearer <udp:s> rejected, already enabled
[ 1141.120186][   T24] audit: type=1326 audit(2000000016.849:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26986 comm="syz.1.7066" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b6b05bb59 code=0x0
[ 1141.565658][T27006] device pim6reg1 entered promiscuous mode
[ 1142.304023][ T2822] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 1142.546706][T27024] FAULT_INJECTION: forcing a failure.
[ 1142.546706][T27024] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.559327][T27024] CPU: 1 PID: 27024 Comm: syz.0.7075 Not tainted 5.10.221-syzkaller-01371-g1240968f7644 #0
[ 1142.559892][ T2822] usb 5-1: Using ep0 maxpacket: 16
[ 1142.569109][T27024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1142.569115][T27024] Call Trace:
[ 1142.569139][T27024]  dump_stack_lvl+0x1e2/0x24b
[ 1142.569151][T27024]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1142.569164][T27024]  dump_stack+0x15/0x17
[ 1142.569176][T27024]  should_fail+0x3c6/0x510
[ 1142.569188][T27024]  ? fuse_get_req+0x3b3/0xa80
[ 1142.569201][T27024]  __should_failslab+0xa4/0xe0
[ 1142.569224][T27024]  should_failslab+0x9/0x20
[ 1142.618776][T27024]  kmem_cache_alloc+0x3d/0x2e0
[ 1142.623305][T27024]  fuse_get_req+0x3b3/0xa80
[ 1142.627675][T27024]  ? fuse_simple_request+0x1a10/0x1a10
[ 1142.632933][T27024]  ? fuse_do_ioctl+0x394/0x2770
[ 1142.637628][T27024]  ? __alloc_pages_nodemask+0xaf0/0xaf0
[ 1142.643009][T27024]  fuse_simple_request+0x124/0x1a10
[ 1142.648047][T27024]  ? fuse_put_request+0x2d0/0x2d0
[ 1142.652898][T27024]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1142.658276][T27024]  ? __kasan_check_write+0x14/0x20
[ 1142.663223][T27024]  ? copy_page_from_iter+0x48b/0x6e0
[ 1142.668345][T27024]  fuse_do_ioctl+0x13fe/0x2770
[ 1142.672951][T27024]  ? __fsnotify_parent+0x4b9/0x6c0
[ 1142.677905][T27024]  ? fuse_write_inode+0x1e0/0x1e0
[ 1142.682758][T27024]  ? __x32_compat_sys_ioctl+0x90/0x90
[ 1142.683661][ T2822] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1142.687975][T27024]  ? has_cap_mac_admin+0x3c0/0x3c0
[ 1142.698450][ T2822] usb 5-1: config 0 has no interfaces?
[ 1142.702996][T27024]  ? selinux_file_alloc_security+0x120/0x120
[ 1142.703011][T27024]  ? current_in_userns+0x11a/0x180
[ 1142.703027][T27024]  fuse_ioctl_common+0x197/0x1b0
[ 1142.703049][T27024]  fuse_dir_ioctl+0x11a/0x140
[ 1142.728424][T27024]  ? fuse_rename_common+0x11f0/0x11f0
[ 1142.733621][T27024]  __se_sys_ioctl+0x114/0x190
[ 1142.738137][T27024]  __x64_sys_ioctl+0x7b/0x90
[ 1142.742735][T27024]  do_syscall_64+0x34/0x70
[ 1142.746991][T27024]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1142.752715][T27024] RIP: 0033:0x7fc12f08ab59
[ 1142.756984][T27024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1142.776604][T27024] RSP: 002b:00007fc12e30c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1142.784840][T27024] RAX: ffffffffffffffda RBX: 00007fc12f21af60 RCX: 00007fc12f08ab59
[ 1142.792640][T27024] RDX: 0000000020002680 RSI: 000000005000940f RDI: 0000000000000006
[ 1142.800451][T27024] RBP: 00007fc12e30c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1142.808347][T27024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1142.816176][T27024] R13: 000000000000000b R14: 00007fc12f21af60 R15: 00007ffef90feec8
[ 1142.817146][ T2822] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 1142.833508][ T2822] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1142.841470][ T2822] usb 5-1: Product: syz
[ 1142.845525][ T2822] usb 5-1: SerialNumber: syz
[ 1142.850758][ T2822] usb 5-1: config 0 descriptor??
[ 1142.917289][   T24] audit: type=1400 audit(2000000018.738:4155): avc:  denied  { write } for  pid=27028 comm="syz.3.7077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1143.264662][T27037] hub 6-0:1.0: USB hub found
[ 1143.269318][T27037] hub 6-0:1.0: 1 port detected
[ 1143.277024][T27037] Module has invalid ELF structures
[ 1143.282225][   T24] audit: type=1400 audit(2000000019.116:4156): avc:  denied  { sys_module } for  pid=27035 comm="syz.3.7078" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1143.315211][   T24] audit: type=1400 audit(2000000019.116:4157): avc:  denied  { module_load } for  pid=27035 comm="syz.3.7078" path="/sys/kernel/notes" dev="sysfs" ino=1417 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 1143.422725][T12060] usb 5-1: USB disconnect, device number 33
[ 1143.617127][T18595] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1144.551166][T18595] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1144.562383][T18595] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1280, setting to 1024
[ 1144.574200][T18595] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1144.588459][T18595] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1144.597933][T18595] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1144.630951][T18595] usb 1-1: config 0 descriptor??
[ 1144.780972][T27040] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1144.806650][    T9] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1145.235280][T27040] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22
[ 1145.350798][T18595] usbhid 1-1:0.0: can't add hid device: -71
[ 1145.356871][T18595] usbhid: probe of 1-1:0.0 failed with error -71
[ 1145.368506][T18595] usb 1-1: USB disconnect, device number 16
[ 1145.618316][T27093] hub 6-0:1.0: USB hub found
[ 1145.623773][T27093] hub 6-0:1.0: 1 port detected
[ 1145.923970][T27097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1145.931119][T27097] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1145.939007][T27097] device bridge_slave_0 entered promiscuous mode
[ 1145.948179][T27095] netlink: 'syz.3.7094': attribute type 3 has an invalid length.
[ 1145.958709][T27097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1145.965661][T27097] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1145.970141][ T2822] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[ 1145.973436][T27097] device bridge_slave_1 entered promiscuous mode
[ 1146.034150][   T24] audit: type=1400 audit(2000000022.003:4158): avc:  denied  { setattr } for  pid=27105 comm="syz.3.7097" path="/dev/tty1" dev="devtmpfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[ 1146.054853][T27097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1146.064378][T27097] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1146.064475][T27097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1146.064485][T27097] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1146.118939][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1146.126800][T12060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1146.134815][T12060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1146.155653][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1146.164048][T25943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1146.170955][T25943] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1146.178673][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1146.187027][T25943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1146.193935][T25943] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1146.205557][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1146.222647][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1146.284567][T18599] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1146.299328][T27097] device veth0_vlan entered promiscuous mode
[ 1146.305790][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1146.315396][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1146.323146][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1146.337564][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1146.346909][T27097] device veth1_macvtap entered promiscuous mode
[ 1146.357500][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1146.365699][ T2822] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1146.375649][ T2822] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1146.385325][ T2822] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1146.394934][ T2822] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1146.401590][ T2822] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1146.410542][ T2822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1146.420634][    T9] device bridge_slave_1 left promiscuous mode
[ 1146.426696][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1146.434254][    T9] device bridge_slave_0 left promiscuous mode
[ 1146.440598][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1146.449402][    T9] device veth1_macvtap left promiscuous mode
[ 1146.455444][    T9] device veth0_vlan left promiscuous mode
[ 1146.456626][ T2822] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[ 1146.541861][T18602] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1146.576023][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1146.609613][T27117] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1146.618480][T27117] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz.0.7095: inline data xattr refers to an external xattr inode
[ 1146.633651][T27117] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.7095: couldn't read orphan inode 12 (err -117)
[ 1146.645681][T27117] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000001,init_itable=0x0000000000000000,nolazytime,grpid,prjquota,norecovery,lazytime,errors=continue,auto_da_alloc,test_dummy_encryption,,errors=continue
[ 1146.680136][ T2822] scsi host1: usb-storage 5-1:1.0
[ 1146.743253][   T24] audit: type=1400 audit(2000000022.759:4159): avc:  denied  { mounton } for  pid=27116 comm="syz.0.7095" path="/0/file0/file0" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1146.743361][T27117] overlayfs: missing 'lowerdir'
[ 1146.766270][T25943] Bluetooth: hci0: command 0x1003 tx timeout
[ 1146.777030][T27078] Bluetooth: hci0: sending frame failed (-49)
[ 1146.799048][T18602] usb 3-1: Using ep0 maxpacket: 16
[ 1146.837613][T27123] 9pnet: Insufficient options for proto=fd
[ 1147.164934][T27130] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7103'.
[ 1147.246686][T18602] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1147.288459][T18602] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1147.297479][T18602] usb 3-1: Product: syz
[ 1147.301853][T18602] usb 3-1: Manufacturer: syz
[ 1147.308296][T18602] usb 3-1: SerialNumber: syz
[ 1147.313904][T18602] usb 3-1: config 0 descriptor??
[ 1147.331221][T27132] binfmt_misc: Unknown parameter 'nr_inodes'
[ 1147.332150][   T24] audit: type=1400 audit(2000000023.368:4160): avc:  denied  { mount } for  pid=27131 comm="syz.3.7104" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1147.362701][   T24] audit: type=1400 audit(2000000023.368:4161): avc:  denied  { remount } for  pid=27131 comm="syz.3.7104" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1147.383222][   T24] audit: type=1400 audit(2000000023.410:4162): avc:  denied  { unmount } for  pid=25453 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1147.680068][T12060] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1147.684528][T18595] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1147.762321][T12062] usb 3-1: USB disconnect, device number 24
[ 1147.866326][T27140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7106'.
[ 1147.928580][T18602] usb 5-1: USB disconnect, device number 34
[ 1147.932767][T27120] sddr09: could not read card info
[ 1147.940236][    T9] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[ 1147.949369][    T9] sd 1:0:0:0: [sdb] 0-byte physical blocks
[ 1147.961044][    T9] sd 1:0:0:0: [sdb] Write Protect is off
[ 1147.966561][    T9] sd 1:0:0:0: [sdb] Asking for cache data failed
[ 1147.972771][    T9] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[ 1147.984165][    T9] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[ 1148.084907][T18595] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1148.096052][T18595] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1280, setting to 1024
[ 1148.109301][T18595] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1148.122752][T18595] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1148.131604][T18595] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.140352][T18595] usb 4-1: config 0 descriptor??
[ 1148.161175][T27135] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1148.348844][T20501] udevd[20501]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[ 1148.602295][T27135] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22
[ 1148.751760][T18595] usbhid 4-1:0.0: can't add hid device: -71
[ 1148.758056][T18595] usbhid: probe of 4-1:0.0 failed with error -71
[ 1148.862482][T18595] usb 4-1: USB disconnect, device number 121
[ 1149.012308][T12060] Bluetooth: hci0: command 0x1001 tx timeout
[ 1149.018244][T27078] Bluetooth: hci0: sending frame failed (-49)
[ 1149.107888][T27159] 9pnet: Insufficient options for proto=fd
[ 1149.793356][T11747] tipc: Disabling bearer <udp:s>
[ 1149.798563][T11747] tipc: Left network mode
[ 1149.881306][T27176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1149.888310][T27176] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1149.896497][T27176] device bridge_slave_0 entered promiscuous mode
[ 1149.899239][T27170] F2FS-fs (loop0): Unrecognized mount option "nodiˆ¤8‡¯i†scard" or missing value
[ 1149.903645][T27176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1149.919306][T27176] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1149.926683][T27176] device bridge_slave_1 entered promiscuous mode
[ 1149.986354][T27176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1149.993241][T27176] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1150.000591][T27176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.007338][T27176] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1150.072073][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1150.092059][T12062] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.141344][T12062] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.151010][T27185] device wireguard0 entered promiscuous mode
[ 1150.191519][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1150.200553][T12062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.207496][T12062] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1150.215359][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1150.223949][T12062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1150.230832][T12062] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1150.238087][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1150.245932][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1150.260394][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1150.281094][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1150.291463][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1150.316336][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1150.327912][T27176] device veth0_vlan entered promiscuous mode
[ 1150.343960][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1150.353266][T27176] device veth1_macvtap entered promiscuous mode
[ 1150.364611][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1150.376439][T27194] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1150.391503][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1150.401618][T27194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.7122: inode #1: comm syz.0.7122: iget: illegal inode #
[ 1150.417328][T27194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.7122: error while reading EA inode 1 err=-117
[ 1150.449997][T27194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.7122: inode #1: comm syz.0.7122: iget: illegal inode #
[ 1150.477420][T27194] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.7122: error while reading EA inode 1 err=-117
[ 1150.509350][T27194] EXT4-fs (loop0): 1 orphan inode deleted
[ 1150.517737][T27194] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,delalloc,debug_want_extra_isize=0x000000000000004c,minixdf,resgid=0x0000000000000000,nomblk_io_submit,usrjquota=,,errors=continue
[ 1150.541697][   T24] audit: type=1400 audit(2000000026.738:4163): avc:  denied  { setattr } for  pid=27193 comm="syz.0.7122" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1150.565787][T11747] device bridge_slave_1 left promiscuous mode
[ 1150.577361][T11747] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.585985][T11747] device bridge_slave_0 left promiscuous mode
[ 1150.968984][   T24] audit: type=1400 audit(2000000026.969:4164): avc:  denied  { mount } for  pid=27193 comm="syz.0.7122" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1151.016036][T25943] Bluetooth: hci0: command 0x1009 tx timeout
[ 1151.016880][T11747] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.051051][T27207] 9pnet: Insufficient options for proto=fd
[ 1151.057934][T11747] device veth1_macvtap left promiscuous mode
[ 1151.067907][T11747] device veth0_vlan left promiscuous mode
[ 1151.210712][T27097] EXT4-fs error (device loop0): htree_dirblock_to_tree:1091: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[ 1151.234589][   T24] audit: type=1400 audit(2000000027.473:4165): avc:  denied  { unlink } for  pid=27097 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[ 1151.240597][T27097] EXT4-fs error (device loop0): ext4_lookup:1827: inode #15: comm syz-executor: unexpected EA_INODE flag
[ 1151.773444][T27097] EXT4-fs error (device loop0): ext4_lookup:1827: inode #15: comm syz-executor: unexpected EA_INODE flag
[ 1151.895579][T27228] EXT4-fs (loop4): Ignoring removed nobh option
[ 1151.924627][T27228] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,stripe=0x0000000000010000,dioread_nolock,,errors=continue
[ 1152.113475][T27241] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7135'.
[ 1152.152808][   T24] audit: type=1400 audit(2000000028.439:4166): avc:  denied  { ioctl } for  pid=27234 comm="syz.2.7134" path="socket:[124455]" dev="sockfs" ino=124455 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1152.253461][T27249] udc-core: couldn't find an available UDC or it's busy
[ 1152.260388][   T24] audit: type=1400 audit(2000000028.533:4167): avc:  denied  { setopt } for  pid=27245 comm="syz.4.7139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1152.282942][T27249] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1152.301624][T27242] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1152.308772][T27242] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1152.316194][T27242] device bridge_slave_0 entered promiscuous mode
[ 1152.323039][T27242] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.330005][T27242] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1152.337677][T27242] device bridge_slave_1 entered promiscuous mode
[ 1152.670478][T27242] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.677347][T27242] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1152.684435][T27242] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1152.691254][T27242] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1152.712901][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1152.720531][T18595] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1152.728028][T18595] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1152.739743][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1152.748041][T18595] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1152.754929][T18595] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1152.770215][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1152.778582][T25943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.785469][T25943] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1152.793296][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1152.800934][ T2822] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1152.808867][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1152.830411][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1152.844610][T27242] device veth0_vlan entered promiscuous mode
[ 1152.851626][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1152.867769][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1152.879494][T25943] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1152.900700][T27242] device veth1_macvtap entered promiscuous mode
[ 1152.909691][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1152.927614][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1152.936576][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1152.945216][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1152.953687][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1153.057148][ T2822] usb 5-1: device descriptor read/64, error -71
[ 1153.087136][T11747] device bridge_slave_1 left promiscuous mode
[ 1153.093887][T11747] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.119398][T11747] device bridge_slave_0 left promiscuous mode
[ 1153.125917][T11747] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.136353][T11747] device veth1_macvtap left promiscuous mode
[ 1153.142323][T11747] device veth0_vlan left promiscuous mode
[ 1153.495292][T25943] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1153.503152][T12062] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1153.609967][ T2822] usb 5-1: device descriptor read/64, error -71
[ 1153.627856][T27273] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.635023][T27273] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.642568][T27273] device bridge_slave_0 entered promiscuous mode
[ 1153.649557][T27273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.656453][T27273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.663938][T27273] device bridge_slave_1 entered promiscuous mode
[ 1153.707614][T27273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.714538][T27273] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1153.721638][T27273] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.723747][T25943] usb 3-1: Using ep0 maxpacket: 16
[ 1153.728506][T27273] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1153.733983][T12062] usb 1-1: Using ep0 maxpacket: 16
[ 1153.757210][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1153.765699][T12060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.772999][T12060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.782961][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1153.791110][T18595] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.797969][T18595] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1153.810938][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1153.818953][T12060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.826024][T12060] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1153.846294][T27273] device veth0_vlan entered promiscuous mode
[ 1153.855395][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1153.864840][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1153.872474][T25943] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1153.883194][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1153.890352][T25943] usb 3-1: config 0 has no interfaces?
[ 1153.895810][ T2822] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 1153.903483][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1153.910981][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1153.919322][T12060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1153.974148][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1153.983175][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1153.994114][T27273] device veth1_macvtap entered promiscuous mode
[ 1154.009806][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1154.021754][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1154.029790][T25943] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 1154.029805][T25943] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1154.029815][T25943] usb 3-1: Product: syz
[ 1154.029833][T25943] usb 3-1: SerialNumber: syz
[ 1154.040050][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1154.046891][T12062] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1154.072592][T27281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7148'.
[ 1154.073063][T12062] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.089698][T25943] usb 3-1: config 0 descriptor??
[ 1154.094512][T12062] usb 1-1: Product: syz
[ 1154.096421][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1154.098520][T12062] usb 1-1: Manufacturer: syz
[ 1154.111037][T12062] usb 1-1: SerialNumber: syz
[ 1154.114935][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1154.138416][T12062] usb 1-1: config 0 descriptor??
[ 1154.209870][ T2822] usb 5-1: device descriptor read/64, error -71
[ 1154.440367][  T222] tipc: Disabling bearer <udp:syz2>
[ 1154.445674][  T222] tipc: Left network mode
[ 1154.479421][T18595] usb 3-1: USB disconnect, device number 25
[ 1154.581131][ T2822] usb 5-1: device descriptor read/64, error -71
[ 1154.598758][T18601] usb 1-1: USB disconnect, device number 17
[ 1154.695869][ T2822] usb usb5-port1: attempt power cycle
[ 1154.925028][  T222] device bridge_slave_1 left promiscuous mode
[ 1154.931081][  T222] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1154.938627][  T222] device bridge_slave_0 left promiscuous mode
[ 1154.944709][  T222] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1154.952464][  T222] device veth1_macvtap left promiscuous mode
[ 1154.958522][  T222] device veth0_vlan left promiscuous mode
[ 1155.047414][T27306] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7153'.
[ 1155.085955][ T2822] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 1155.543307][ T2822] usb 5-1: device not accepting address 37, error -71
[ 1156.015036][   T24] audit: type=1400 audit(2000000032.491:4168): avc:  denied  { audit_write } for  pid=27331 comm="syz.0.7163" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1156.115259][   T24] audit: type=1107 audit(2000000032.522:4169): pid=27331 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1156.181777][ T2822] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 1156.220905][T27342] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7167'.
[ 1156.327420][T27346] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1156.345448][T18601] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1156.653748][ T2822] usb 5-1: Using ep0 maxpacket: 8
[ 1156.838747][ T2822] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1157.000603][ T2822] usb 5-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[ 1157.013319][ T2822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1157.029998][T18601] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[ 1157.032092][ T2822] usb 5-1: Product: syz
[ 1157.114900][T18601] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[ 1157.126515][T18601] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1157.135445][T18601] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.146150][ T2822] usb 5-1: Manufacturer: syz
[ 1157.153621][ T2822] usb 5-1: SerialNumber: syz
[ 1157.160854][ T2822] usb 5-1: config 0 descriptor??
[ 1157.172267][T27332] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1157.231070][T27366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7171'.
[ 1157.518195][T27330] fuse: Unknown parameter '0xffffffffffffffff0x0000000000000006'
[ 1157.591161][T25919] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1157.600910][T18601] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[ 1157.613223][T18601] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input129
[ 1157.628914][T18601] usb 1-1: USB disconnect, device number 18
[ 1157.657885][ T2822] uvcvideo: Found UVC 0.00 device syz (8086:0b03)
[ 1157.665210][ T2822] uvcvideo: No valid video chain found.
[ 1157.678936][ T2822] usb 5-1: USB disconnect, device number 38
[ 1157.829345][T25919] usb 4-1: Using ep0 maxpacket: 16
[ 1158.191458][T25919] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1158.221744][T25919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1158.229924][T25919] usb 4-1: Product: syz
[ 1158.248760][T25919] usb 4-1: Manufacturer: syz
[ 1158.261636][T25919] usb 4-1: SerialNumber: syz
[ 1158.271581][T25919] usb 4-1: config 0 descriptor??
[ 1158.331503][T27382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.338660][T27382] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.346072][T27382] device bridge_slave_0 entered promiscuous mode
[ 1158.353003][T27382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.360177][T27382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.368094][T27382] device bridge_slave_1 entered promiscuous mode
[ 1158.393190][T27394] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7181'.
[ 1158.534971][T27382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.541847][T27382] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1158.549001][T27382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.555867][T27382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1158.598047][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1158.606124][T18601] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.614683][T18601] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.633823][T18599] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1158.683980][T18599] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.690898][T18599] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1158.699519][T18599] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1158.709019][T18599] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.715899][T18599] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1158.728439][T18599] usb 4-1: USB disconnect, device number 122
[ 1158.743414][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1158.751346][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1158.772962][T27382] device veth0_vlan entered promiscuous mode
[ 1158.783153][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1158.791671][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1158.801134][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1158.809670][T18601] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1158.826665][T27382] device veth1_macvtap entered promiscuous mode
[ 1158.869846][  T222] device bridge_slave_1 left promiscuous mode
[ 1158.875999][  T222] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.884516][  T222] device bridge_slave_0 left promiscuous mode
[ 1158.890852][  T222] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.899989][  T222] device veth1_macvtap left promiscuous mode
[ 1158.908881][  T222] device veth0_vlan left promiscuous mode
[ 1159.138598][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1159.149210][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1159.161916][T18595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1159.239373][   T24] audit: type=1400 audit(2000000035.871:4170): avc:  denied  { name_bind } for  pid=27412 comm="syz.3.7186" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1159.315832][T25943] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 1159.791597][T25943] usb 5-1: device descriptor read/64, error -71
[ 1159.797966][T25919] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1160.071206][T25919] usb 2-1: Using ep0 maxpacket: 8
[ 1160.296862][T25943] usb 5-1: device descriptor read/64, error -71
[ 1160.306451][T25919] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1160.501499][T25919] usb 2-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[ 1160.798095][T25943] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 1160.805707][T25919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1160.813845][T25919] usb 2-1: Product: syz
[ 1160.817821][T25919] usb 2-1: Manufacturer: syz
[ 1160.822454][T25919] usb 2-1: SerialNumber: syz
[ 1160.829586][T25919] usb 2-1: config 0 descriptor??
[ 1160.882981][T27452] tipc: Started in network mode
[ 1160.888311][T27452] tipc: Own node identity 000000000000000005, cluster identity 4711
[ 1160.991965][T18595] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1161.058733][T25943] usb 5-1: device descriptor read/64, error -71
[ 1161.071390][T27416] fuse: Unknown parameter '0xffffffffffffffff0x0000000000000006'
[ 1161.195239][T25919] uvcvideo: Found UVC 0.00 device syz (8086:0b03)
[ 1161.206178][T25919] uvcvideo: No valid video chain found.
[ 1161.243045][T25919] usb 2-1: USB disconnect, device number 22
[ 1161.416758][T27479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7204'.
[ 1161.425898][T27479] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7204'.
[ 1161.554267][T25943] usb 5-1: device descriptor read/64, error -71
[ 1161.648217][T18595] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1161.671851][T18595] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1161.711532][T18595] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[ 1161.759567][T18595] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.827400][T18595] usb 3-1: config 0 descriptor??
[ 1161.916234][T25943] usb usb5-port1: attempt power cycle
[ 1162.000564][T27491] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.007709][T27491] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.015044][T27491] device bridge_slave_0 entered promiscuous mode
[ 1162.022190][T27491] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.029114][T27491] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.036443][T27491] device bridge_slave_1 entered promiscuous mode
[ 1162.081515][T27439] syz.2.7195[27439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1162.081899][T27439] syz.2.7195[27439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1162.373464][T18595] isku 0003:1E7D:319C.0087: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0
[ 1162.430569][T27491] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.437569][T27491] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1162.444723][T27491] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.451585][T27491] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1162.480306][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1162.487948][T18602] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.495200][T18602] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.507177][T25919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1162.515197][T25919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.522088][T25919] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1162.532440][T27501] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7209'.
[ 1162.545664][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1162.554040][T18602] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.560908][T18602] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1162.581874][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1162.596272][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1162.609268][T11747] device bridge_slave_1 left promiscuous mode
[ 1162.615397][T11747] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.622857][T11747] device bridge_slave_0 left promiscuous mode
[ 1162.628933][T11747] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.636853][T11747] device veth1_macvtap left promiscuous mode
[ 1162.642764][T11747] device veth0_vlan left promiscuous mode
[ 1162.762175][T12060] usb 3-1: USB disconnect, device number 26
[ 1162.779868][T27491] device veth0_vlan entered promiscuous mode
[ 1162.787271][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1162.796174][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1162.804960][T27505] netlink: 'syz.3.7211': attribute type 3 has an invalid length.
[ 1162.812763][T27505] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7211'.
[ 1162.813340][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1162.829212][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1162.842284][T27491] device veth1_macvtap entered promiscuous mode
[ 1162.849707][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1162.857757][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1162.866239][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1162.877266][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1162.885371][T18598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1162.895225][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1162.903544][T12062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1163.087584][T25943] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 1163.173392][T25943] usb 5-1: Using ep0 maxpacket: 16
[ 1163.278464][T27512] exfat: Deprecated parameter 'utf8'
[ 1163.283610][T27512] exfat: Deprecated parameter 'namecase'
[ 1163.289842][T27512] exfat: Deprecated parameter 'utf8'
[ 1163.295042][T27512] exfat: Bad value for 'errors'
[ 1163.408700][T27519] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7215'.
[ 1163.439981][T25943] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1163.452450][T25943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1163.460616][T25943] usb 5-1: Product: syz
[ 1163.464700][T25943] usb 5-1: Manufacturer: syz
[ 1163.469485][T25943] usb 5-1: SerialNumber: syz
[ 1163.475033][T25943] usb 5-1: config 0 descriptor??
[ 1163.999738][T18602] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1164.030021][T12060] usb 5-1: USB disconnect, device number 41
[ 1164.449229][T27539] IPv4: Oversized IP packet from 127.202.26.0
[ 1164.497038][T27542] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7221'.
[ 1164.621025][T18602] usb 1-1: Using ep0 maxpacket: 16
[ 1164.726781][T27554] EXT4-fs (loop4): Ignoring removed orlov option
[ 1164.734641][T27554] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1164.747274][T18602] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1164.758004][T18602] usb 1-1: config 0 has no interfaces?
[ 1164.760084][T27552] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7224'.
[ 1164.766165][T27554] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,sb=0xffffffffffffffe0,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue
[ 1164.774193][T27552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27552 comm=syz.1.7224
[ 1164.897439][T12060] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1165.125969][T12060] usb 3-1: Using ep0 maxpacket: 32
[ 1165.182145][T18602] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 1165.383457][T12060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1165.420594][T12060] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1165.467110][T12060] usb 3-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[ 1165.476137][T18602] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1165.484030][T18602] usb 1-1: Product: syz
[ 1165.488042][T18602] usb 1-1: SerialNumber: syz
[ 1165.490484][T12060] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1165.502866][T18602] usb 1-1: config 0 descriptor??
[ 1165.506477][T12060] usb 3-1: config 0 descriptor??
[ 1165.783215][T18600] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1165.797721][T25943] usb 1-1: USB disconnect, device number 19
[ 1165.924587][T27580] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7232'.
[ 1165.936144][   T24] audit: type=1400 audit(2000000042.905:4171): avc:  denied  { shutdown } for  pid=27577 comm="syz.1.7231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1165.975174][T12060] greenasia 0003:0E8F:0012.0088: unknown main item tag 0x0
[ 1165.983263][T12060] greenasia 0003:0E8F:0012.0088: unknown main item tag 0x0
[ 1165.992366][T12060] greenasia 0003:0E8F:0012.0088: unknown main item tag 0x0
[ 1165.998374][   T24] audit: type=1400 audit(2000000042.957:4172): avc:  denied  { unmount } for  pid=27491 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1166.015073][T12060] greenasia 0003:0E8F:0012.0088: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.2-1/input0
[ 1166.061857][T12060] greenasia 0003:0E8F:0012.0088: no inputs found
[ 1166.259557][T18600] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1166.287478][T18600] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1166.338223][T18600] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1166.363389][T18600] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.371812][T18598] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1166.389637][T18602] usb 3-1: USB disconnect, device number 27
[ 1166.396399][T18600] usb 4-1: config 0 descriptor??
[ 1166.670769][T18598] usb 2-1: Using ep0 maxpacket: 16
[ 1166.945595][T18600] usbhid 4-1:0.0: can't add hid device: -71
[ 1166.951775][T18600] usbhid: probe of 4-1:0.0 failed with error -71
[ 1166.959163][T18600] usb 4-1: USB disconnect, device number 123
[ 1167.042922][T18598] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1167.052320][T18598] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.060273][T18598] usb 2-1: Product: syz
[ 1167.064394][T18598] usb 2-1: Manufacturer: syz
[ 1167.068807][T18598] usb 2-1: SerialNumber: syz
[ 1167.074160][T18598] usb 2-1: config 0 descriptor??
[ 1167.116877][T18602] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[ 1167.600190][T25919] usb 2-1: USB disconnect, device number 23
[ 1168.088871][T18602] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1168.100377][T18602] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1168.113053][T18602] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1168.123740][T18602] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.143910][T18602] usb 5-1: config 0 descriptor??
[ 1168.254771][   T24] audit: type=1400 audit(2000000045.340:4173): avc:  denied  { mount } for  pid=27628 comm="syz.1.7247" name="/" dev="ramfs" ino=127424 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1168.617416][T27599] udc-core: couldn't find an available UDC or it's busy
[ 1168.624972][T27599] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1168.666348][   T24] audit: type=1326 audit(2000000045.771:4174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27598 comm="syz.4.7237" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f96d8337b59 code=0x0
[ 1168.741822][T27645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7250'.
[ 1168.802831][T18600] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1168.833149][T27649] netlink: 88 bytes leftover after parsing attributes in process `syz.3.7249'.
[ 1168.850496][T18602] usbhid 5-1:0.0: can't add hid device: -71
[ 1168.856784][T18602] usbhid: probe of 5-1:0.0 failed with error -71
[ 1168.870086][T27647] netlink: 'syz.2.7251': attribute type 44 has an invalid length.
[ 1168.876743][T18602] usb 5-1: USB disconnect, device number 42
[ 1169.060320][T18600] usb 2-1: Using ep0 maxpacket: 32
[ 1169.191466][T27654] device syzkaller0 entered promiscuous mode
[ 1169.197737][T18600] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1169.212185][T18600] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1169.222081][T18600] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[ 1169.231014][T18600] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1169.240636][T18600] usb 2-1: config 0 descriptor??
[ 1169.696322][T18600] greenasia 0003:0E8F:0012.0089: unknown main item tag 0x0
[ 1169.749326][T18600] greenasia 0003:0E8F:0012.0089: unknown main item tag 0x0
[ 1169.757922][T18600] greenasia 0003:0E8F:0012.0089: unknown main item tag 0x0
[ 1169.770539][T18600] greenasia 0003:0E8F:0012.0089: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.1-1/input0
[ 1169.782106][T18600] greenasia 0003:0E8F:0012.0089: no inputs found
[ 1170.003213][T25943] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[ 1170.194671][T18600] usb 2-1: USB disconnect, device number 24
[ 1170.298370][T25943] usb 5-1: Using ep0 maxpacket: 16
[ 1170.884594][T27700] F2FS-fs (loop0): Invalid gid value -1
[ 1171.060057][T27710] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7262'.
[ 1171.098738][T25943] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1171.107800][T25943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.156301][T25943] usb 5-1: Product: syz
[ 1171.160313][T25943] usb 5-1: Manufacturer: syz
[ 1171.177370][T25943] usb 5-1: SerialNumber: syz
[ 1171.189627][T25943] usb 5-1: config 0 descriptor??
[ 1171.211480][T27718] overlayfs: failed to resolve './file0': -2
[ 1171.235989][   T24] audit: type=1400 audit(2000000048.469:4175): avc:  denied  { read } for  pid=27713 comm="syz.1.7264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1171.274140][T27716] netlink: 'syz.2.7265': attribute type 3 has an invalid length.
[ 1171.440175][T27747] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[ 1171.532957][   T24] audit: type=1400 audit(2000000048.773:4176): avc:  denied  { map } for  pid=27729 comm="syz.2.7270" path="pipe:[126839]" dev="pipefs" ino=126839 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1171.640599][T18599] usb 5-1: USB disconnect, device number 43
[ 1172.408711][T27757] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,data_err=ignore,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue
[ 1172.727412][T18602] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1172.835984][ T2822] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1173.098950][T18602] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1173.099306][ T2822] usb 1-1: Using ep0 maxpacket: 32
[ 1173.109942][T18602] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1173.124721][T18602] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[ 1173.133949][T18602] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1173.144370][T18602] usb 2-1: config 0 descriptor??
[ 1173.241832][ T2822] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1173.258032][ T2822] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1173.268205][ T2822] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[ 1173.277824][ T2822] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1173.290102][ T2822] usb 1-1: config 0 descriptor??
[ 1173.614926][T18602] isku 0003:1E7D:319C.008A: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[ 1173.738278][ T2822] greenasia 0003:0E8F:0012.008B: unknown main item tag 0x0
[ 1173.745515][ T2822] greenasia 0003:0E8F:0012.008B: unknown main item tag 0x0
[ 1173.752560][ T2822] greenasia 0003:0E8F:0012.008B: unknown main item tag 0x0
[ 1173.760569][ T2822] greenasia 0003:0E8F:0012.008B: hidraw1: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.0-1/input0
[ 1173.771832][ T2822] greenasia 0003:0E8F:0012.008B: no inputs found
[ 1173.963255][ T2822] usb 1-1: USB disconnect, device number 20
[ 1174.028201][T12062] usb 2-1: USB disconnect, device number 25
[ 1174.337334][T12060] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[ 1174.575855][T12060] usb 5-1: Using ep0 maxpacket: 16
[ 1174.660730][T27810] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7290'.
[ 1175.108924][T12060] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1175.117967][T12060] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1175.125792][T12060] usb 5-1: Product: syz
[ 1175.129749][T12060] usb 5-1: Manufacturer: syz
[ 1175.134100][T12060] usb 5-1: SerialNumber: syz
[ 1175.373712][T12060] usb 5-1: config 0 descriptor??
[ 1175.636188][T27831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7293'.
[ 1175.819871][T18602] usb 5-1: USB disconnect, device number 44
[ 1176.844388][T27852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7303'.
[ 1177.415932][T18600] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1177.773364][T27876] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7310'.
[ 1177.793804][T27876] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7310'.
[ 1178.830090][T27895] netlink: 88 bytes leftover after parsing attributes in process `syz.1.7313'.
[ 1178.845305][T18600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1178.939265][T18600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1178.948889][T18600] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1178.957738][T18600] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1179.564581][T18600] usb 3-1: config 0 descriptor??
[ 1179.846331][T18600] usb 3-1: can't set config #0, error -71
[ 1179.920299][T27916] device wireguard0 entered promiscuous mode
[ 1179.990941][T18600] usb 3-1: USB disconnect, device number 28
[ 1180.770681][   T24] audit: type=1400 audit(2000000058.473:4177): avc:  denied  { ioctl } for  pid=27931 comm="syz.2.7323" path="socket:[127851]" dev="sockfs" ino=127851 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1181.149321][T18602] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1181.577253][T18602] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[ 1181.596047][T18602] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[ 1181.605335][T12060] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1181.638124][T18602] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1181.683675][T18602] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1181.729538][T27944] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1182.005384][T12060] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1182.019327][T12060] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[ 1182.048900][T12060] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1182.080519][T12060] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1182.167399][T18602] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[ 1182.175309][T18602] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input133
[ 1182.186663][T12060] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1182.198930][T12060] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1182.204859][T18602] usb 1-1: USB disconnect, device number 21
[ 1182.227453][T12060] usb 2-1: Manufacturer: syz
[ 1182.252831][T12060] usb 2-1: config 0 descriptor??
[ 1182.281741][T27956] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1182.797369][T27986] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4114 sclass=netlink_xfrm_socket pid=27986 comm=syz.3.7339
[ 1182.801135][   T24] audit: type=1400 audit(2000000060.604:4178): avc:  denied  { bind } for  pid=27985 comm="syz.3.7339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1183.038667][T27956] udc-core: couldn't find an available UDC or it's busy
[ 1183.079110][T27956] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1183.126350][T27956] udc-core: couldn't find an available UDC or it's busy
[ 1183.148778][T27956] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1183.173497][T27956] udc-core: couldn't find an available UDC or it's busy
[ 1183.271839][T27956] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1183.274434][T27998] netlink: 'syz.2.7341': attribute type 27 has an invalid length.
[ 1183.302266][T12060] appleir 0003:05AC:8243.008C: unknown main item tag 0x0
[ 1183.309412][T12060] appleir 0003:05AC:8243.008C: No inputs registered, leaving
[ 1183.327139][T12060] appleir 0003:05AC:8243.008C: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[ 1183.695544][T27998] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1183.702604][T27998] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1183.882287][T28015] usb 2-1: USB disconnect, device number 26
[ 1184.585097][T28035] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7350'.
[ 1184.757104][T28045] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1184.764043][T28045] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1184.778481][T28045] device bridge_slave_0 entered promiscuous mode
[ 1184.791121][T28045] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1184.798502][T28045] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1184.808022][T28045] device bridge_slave_1 entered promiscuous mode
[ 1185.058640][T28063] device bridge_slave_1 left promiscuous mode
[ 1185.065801][T28063] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1185.073372][T28063] device bridge_slave_0 left promiscuous mode
[ 1185.079439][T28063] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1185.244409][T28061] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7358'.
[ 1185.468285][T28045] device veth0_vlan entered promiscuous mode
[ 1185.493102][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1185.823557][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1185.832131][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1185.840532][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1185.849321][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1185.860968][T28077] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7363'.
[ 1185.862487][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1185.877521][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1185.885050][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1185.892697][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1185.900928][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1185.909121][T25926] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1185.915991][T25926] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1185.923546][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1185.932064][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1185.940281][T25926] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1185.947115][T25926] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1185.963551][T28045] device veth1_macvtap entered promiscuous mode
[ 1185.970963][T25921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1185.979538][T25921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1186.005868][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1186.018208][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1186.027350][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1186.035719][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1186.058160][  T516] device bridge_slave_1 left promiscuous mode
[ 1186.084495][  T516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1186.094788][  T516] device bridge_slave_0 left promiscuous mode
[ 1186.109235][  T516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1186.119001][  T516] device veth1_macvtap left promiscuous mode
[ 1186.124901][  T516] device veth0_vlan left promiscuous mode
[ 1186.792471][T28085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7362'.
[ 1187.018873][T28102] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7369'.
[ 1188.716496][T28015] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1188.745472][T28133] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7374'.
[ 1188.847085][T28134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7378'.
[ 1188.978140][T28015] usb 4-1: Using ep0 maxpacket: 16
[ 1189.055314][   T24] audit: type=1400 audit(2000000067.176:4179): avc:  denied  { ioctl } for  pid=28145 comm="syz.2.7383" path="socket:[129396]" dev="sockfs" ino=129396 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1189.130006][T28152] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1189.137202][T28152] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1189.144416][T28152] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[ 1189.208912][T28015] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1189.220219][T28015] usb 4-1: config 0 has no interfaces?
[ 1189.228270][T28159] xt_bpf: check failed: parse error
[ 1189.388067][T28015] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 1189.397552][T28015] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1189.405486][T28015] usb 4-1: Product: syz
[ 1189.520086][T28015] usb 4-1: SerialNumber: syz
[ 1189.581562][T28015] usb 4-1: config 0 descriptor??
[ 1190.077694][T25926] usb 4-1: USB disconnect, device number 124
[ 1190.079679][T28015] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1190.536247][T28181] netlink: 76 bytes leftover after parsing attributes in process `syz.1.7392'.
[ 1190.683211][T28015] usb 3-1: Using ep0 maxpacket: 16
[ 1190.795765][T28186] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1190.804055][T28186] EXT4-fs error (device loop4): ext4_get_journal_inode:5243: comm syz.4.7394: inode #67108864: comm syz.4.7394: iget: illegal inode #
[ 1190.838831][T28186] EXT4-fs (loop4): no journal found
[ 1190.845712][T28015] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1190.859092][T28015] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1190.869530][T28015] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1190.886297][T28015] usb 3-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[ 1190.895303][T28015] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1190.949773][T28015] usb 3-1: config 0 descriptor??
[ 1190.992135][T28193] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7396'.
[ 1191.011731][T28193] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1191.018880][T28193] IPv6: NLM_F_CREATE should be set when creating new route
[ 1191.068632][T28196] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=28196 comm=syz.0.7396
[ 1191.117072][T28193] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7396'.
[ 1191.464659][   T24] audit: type=1400 audit(2000000069.706:4180): avc:  denied  { read } for  pid=28198 comm="syz.3.7398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1191.486469][   T24] audit: type=1400 audit(2000000069.706:4181): avc:  denied  { create } for  pid=28198 comm="syz.3.7398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1191.529475][   T24] audit: type=1400 audit(2000000069.706:4182): avc:  denied  { mount } for  pid=28198 comm="syz.3.7398" name="/" dev="configfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1191.565926][   T24] audit: type=1400 audit(2000000069.748:4183): avc:  denied  { unmount } for  pid=27176 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1191.587809][T28212] netlink: 'syz.0.7402': attribute type 8 has an invalid length.
[ 1191.639774][T28215] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[ 1191.655901][T28015] hid (null): unknown global tag 0xe
[ 1191.657296][T28015] uclogic 0003:5543:0064.008D: unknown global tag 0xe
[ 1191.668128][T28015] uclogic 0003:5543:0064.008D: item 0 4 1 14 parsing failed
[ 1191.791745][T28015] uclogic 0003:5543:0064.008D: parse failed
[ 1191.797813][T28015] uclogic: probe of 0003:5543:0064.008D failed with error -22
[ 1192.663190][T18602] usb 3-1: USB disconnect, device number 29
[ 1192.938802][T28245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7412'.
[ 1192.947761][T28245] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7412'.
[ 1192.986825][   T24] audit: type=1400 audit(2000000071.302:4184): avc:  denied  { setattr } for  pid=28249 comm="syz.1.7413" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1193.026612][T25925] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1193.255263][T25925] usb 1-1: Using ep0 maxpacket: 16
[ 1193.567266][T25926] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1194.084211][T25926] usb 2-1: Using ep0 maxpacket: 32
[ 1194.093994][T25925] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1194.102856][T25925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.122514][T25925] usb 1-1: Product: syz
[ 1194.126512][T25925] usb 1-1: Manufacturer: syz
[ 1194.130938][T25925] usb 1-1: SerialNumber: syz
[ 1194.142041][T25925] usb 1-1: config 0 descriptor??
[ 1194.200199][T28287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7421'.
[ 1194.314416][T28290] 9pnet: Insufficient options for proto=fd
[ 1194.350674][T25926] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[ 1194.359612][T25926] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.367405][T25926] usb 2-1: Product: syz
[ 1194.371459][T25926] usb 2-1: Manufacturer: syz
[ 1194.375919][T25926] usb 2-1: SerialNumber: syz
[ 1194.381881][T25926] usb 2-1: config 0 descriptor??
[ 1194.388779][T25925] r8152 1-1:0.0: Unknown version 0x0000
[ 1194.395359][T25925] usb 1-1: USB disconnect, device number 22
[ 1194.631072][T28303] input: syz1 as /devices/virtual/input/input136
[ 1194.741083][T18602] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 1195.122466][T18602] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1195.133452][T18602] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1195.143338][T18602] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1195.152365][T18602] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1195.163618][T18602] usb 4-1: config 0 descriptor??
[ 1195.255687][T25926] (unnamed net_device) (uninitialized): Assigned a random MAC address: c2:14:32:89:12:24
[ 1195.286474][T25926] rtl8150 2-1:0.0: eth1: rtl8150 is detected
[ 1195.302529][T25926] usb 2-1: USB disconnect, device number 27
[ 1195.432390][T28325] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7431'.
[ 1196.248424][T28317] xt_hashlimit: max too large, truncated to 1048576
[ 1196.311832][T18602] logitech-djreceiver 0003:046D:C71B.008E: unknown main item tag 0x7
[ 1196.499483][T18602] usb 4-1: USB disconnect, device number 125
[ 1196.666559][T28363] device wireguard0 entered promiscuous mode
[ 1196.777812][T28368] hub 6-0:1.0: USB hub found
[ 1196.783520][T28368] hub 6-0:1.0: 1 port detected
[ 1196.811206][T28368] Module has invalid ELF structures
[ 1197.447562][T28376] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28376 comm=syz.1.7440
[ 1198.937826][T28418] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7449'.
[ 1199.119367][T28420] netlink: 76 bytes leftover after parsing attributes in process `syz.0.7450'.
[ 1199.387733][T28427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7453'.
[ 1199.404212][T28427] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1199.411324][T28427] IPv6: NLM_F_CREATE should be set when creating new route
[ 1199.420854][T28427] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=28427 comm=syz.2.7453
[ 1199.434884][T28427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7453'.
[ 1200.240558][T28434] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7454'.
[ 1200.399470][T28012] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 1200.599499][T28448] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7457'.
[ 1200.739982][T28465] netlink: 'syz.4.7461': attribute type 4 has an invalid length.
[ 1200.828102][T28012] usb 4-1: Using ep0 maxpacket: 16
[ 1200.942988][T28012] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1201.003123][T28012] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1201.018405][T28012] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1201.040331][T28012] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.055142][T28012] usb 4-1: config 0 descriptor??
[ 1201.360083][T28479] fuse: Bad value for 'fd'
[ 1201.371687][   T24] audit: type=1400 audit(2000000080.089:4185): avc:  denied  { map } for  pid=28471 comm="syz.1.7465" path="socket:[130551]" dev="sockfs" ino=130551 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1201.460179][T28480] udc-core: couldn't find an available UDC or it's busy
[ 1201.521457][   T24] audit: type=1400 audit(2000000080.089:4186): avc:  denied  { read } for  pid=28471 comm="syz.1.7465" path="socket:[130551]" dev="sockfs" ino=130551 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1201.555530][T28480] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1201.873264][T28440] udc-core: couldn't find an available UDC or it's busy
[ 1201.890104][T28440] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1201.946717][T28487] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1202.153347][T28487] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.7468: casefold flag without casefold feature
[ 1202.193979][T28487] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz.0.7468: missing EA_INODE flag
[ 1202.206224][T28487] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.7468: error while reading EA inode 12 err=-117
[ 1202.220347][T28487] EXT4-fs (loop0): 1 orphan inode deleted
[ 1202.226049][T28487] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,
[ 1202.252128][T28012] usbhid 4-1:0.0: can't add hid device: -71
[ 1202.269940][T28497] SELinux:  Context system_u:object_r:tpm_device_t:s0 is not valid (left unmapped).
[ 1202.297106][T28012] usbhid: probe of 4-1:0.0 failed with error -71
[ 1202.337595][T28012] usb 4-1: USB disconnect, device number 126
[ 1202.344028][   T24] audit: type=1400 audit(2000000081.044:4187): avc:  denied  { relabelfrom } for  pid=28492 comm="syz.2.7470" name="" dev="pipefs" ino=130626 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1202.442849][   T24] audit: type=1400 audit(2000000081.055:4188): avc:  denied  { relabelto } for  pid=28492 comm="syz.2.7470" name="" dev="pipefs" ino=130626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:tpm_device_t:s0"
[ 1202.670302][T28504] netlink: 'syz.0.7468': attribute type 4 has an invalid length.
[ 1203.055774][    T9] tipc: Left network mode
[ 1203.135751][T28514] EXT4-fs (loop0): Unrecognized mount option "dont_hash" or missing value
[ 1203.148564][T28511] netlink: 220 bytes leftover after parsing attributes in process `syz.4.7472'.
[ 1203.158090][T28511] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7472'.
[ 1203.195331][T28517] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1203.202534][T28517] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.210395][T28517] device bridge_slave_0 entered promiscuous mode
[ 1203.221079][T28517] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.228070][T28517] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.235945][T28517] device bridge_slave_1 entered promiscuous mode
[ 1203.295396][T28517] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.302294][T28517] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1203.309414][T28517] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1203.316286][T28517] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1203.361196][T28525] netlink: 'syz.0.7474': attribute type 4 has an invalid length.
[ 1203.376316][   T24] audit: type=1400 audit(2000000082.209:4189): avc:  denied  { shutdown } for  pid=28523 comm="syz.1.7476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1203.523498][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1203.541002][T12064] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.556500][T12064] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.624856][T25926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1203.636248][T25926] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1203.643149][T25926] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1203.667406][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1203.680755][T12064] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.687686][T12064] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1203.706447][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1203.715126][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1203.730856][T28531] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1203.740064][T28517] device veth0_vlan entered promiscuous mode
[ 1203.747488][T28012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1203.756299][T28012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1203.764822][T28012] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1203.772507][T28012] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1203.954389][    T9] device bridge_slave_1 left promiscuous mode
[ 1203.963012][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.980420][    T9] device bridge_slave_0 left promiscuous mode
[ 1203.986538][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.994778][    T9] device veth1_macvtap left promiscuous mode
[ 1204.000755][    T9] device veth0_vlan left promiscuous mode
[ 1204.260384][T28548] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7480'.
[ 1204.281165][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1204.342291][T18602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1204.356694][T28517] device veth1_macvtap entered promiscuous mode
[ 1204.373099][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1204.380911][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1204.389493][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1204.411661][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1204.420205][T12064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1204.474879][T28558] netlink: 182 bytes leftover after parsing attributes in process `syz.0.7484'.
[ 1204.487372][T28552] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7482'.
[ 1205.031668][T28567] FAT-fs (loop0): Unrecognized mount option "00000000000000000000003" or missing value
[ 1205.166245][T28564] hub 6-0:1.0: USB hub found
[ 1205.171249][T28564] hub 6-0:1.0: 1 port detected
[ 1205.445529][T28594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7488'.
[ 1205.754828][T28614] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1205.764807][   T24] audit: type=1400 audit(2000000084.718:4190): avc:  denied  { name_bind } for  pid=28626 comm="syz.1.7501" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1205.791015][T28614] ext4 filesystem being mounted at /76/bus supports timestamps until 2038 (0x7fffffff)
[ 1206.318137][T28655] tipc: Started in network mode
[ 1206.322876][T28655] tipc: Own node identity 00000000000000000000000000000001, cluster identity 4711
[ 1206.332452][T28655] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1206.519082][T28660] EXT4-fs error (device loop0): ext4_fill_super:4955: inode #2: comm syz.0.7507: casefold flag without casefold feature
[ 1206.531597][T28645] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1206.531804][T28660] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[ 1206.549210][T28660] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[ 1206.549210][T28660] 
[ 1206.559048][T28660] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1206.649674][T18602] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[ 1206.791880][   T24] audit: type=1400 audit(2000000085.789:4191): avc:  denied  { setattr } for  pid=28659 comm="syz.0.7507" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1207.048329][T18602] usb 5-1: config 0 has an invalid descriptor of length 140, skipping remainder of the config
[ 1207.060998][T18602] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1207.067851][T28645] usb 3-1: too many configurations: 18, using maximum allowed: 8
[ 1207.070188][T18602] usb 5-1: New USB device found, idVendor=3923, idProduct=0025, bcdDevice=2b.00
[ 1207.086364][T18602] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.095346][T18602] usb 5-1: config 0 descriptor??
[ 1207.210526][T28645] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1207.503323][T28645] usb 3-1: can't read configurations, error -61
[ 1207.564231][T28685] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[ 1207.648359][T28645] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1207.934610][T28645] usb 3-1: too many configurations: 18, using maximum allowed: 8
[ 1208.047948][T28701] netlink: 'syz.0.7520': attribute type 9 has an invalid length.
[ 1208.055607][T28645] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1208.055627][T28645] usb 3-1: can't read configurations, error -61
[ 1208.084668][T28701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7520'.
[ 1208.090268][T28645] usb usb3-port1: attempt power cycle
[ 1208.313105][T28709] netlink: 76 bytes leftover after parsing attributes in process `syz.3.7522'.
[ 1208.378333][T28707] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[ 1208.389053][ T2822] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1208.542322][T28707] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[ 1208.551048][T28645] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1208.554303][T28707] System zones: 0-2, 18-18, 34-34
[ 1208.590383][T28707] EXT4-fs (loop0): 1 orphan inode deleted
[ 1208.596205][T28707] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x000000000000000a,nolazytime,noquota,jqfmt=vfsold,minixdf,init_itable=0x0000000000000002,grpid,debug,,errors=continue
[ 1208.617770][T28707] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038 (0x7fffffff)
[ 1208.696916][T28645] usb 3-1: too many configurations: 18, using maximum allowed: 8
[ 1208.820131][T28645] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 1208.827664][T28645] usb 3-1: can't read configurations, error -61
[ 1208.877169][ T2822] usb 2-1: config 7 descriptor has 1 excess byte, ignoring
[ 1208.884319][ T2822] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2
[ 1208.972398][T28645] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1209.039357][ T2822] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[ 1209.048265][ T2822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1209.048278][ T2822] usb 2-1: Product: syz
[ 1209.048290][ T2822] usb 2-1: Manufacturer: syz
[ 1209.048300][ T2822] usb 2-1: SerialNumber: syz
[ 1209.087511][ T2822] rndis_host 2-1:7.0: skipping garbage
[ 1209.092945][ T2822] usb 2-1: bad CDC descriptors
[ 1209.097906][T28645] usb 3-1: device descriptor read/8, error -71
[ 1209.278844][T28726] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7525'.
[ 1209.412865][T28015] usb 2-1: USB disconnect, device number 28
[ 1209.544488][T28645] usb 3-1: device descriptor read/8, error -71
[ 1209.658282][T28645] usb usb3-port1: unable to enumerate USB device
[ 1209.744677][T28015] usb 5-1: USB disconnect, device number 45
[ 1210.103635][   T24] audit: type=1400 audit(2000000089.264:4192): avc:  denied  { listen } for  pid=28737 comm="syz.0.7532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1210.123713][   T24] audit: type=1400 audit(2000000089.264:4193): avc:  denied  { accept } for  pid=28737 comm="syz.0.7532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1210.183206][T28744] udc-core: couldn't find an available UDC or it's busy
[ 1210.195397][T28744] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1210.210769][ T2822] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1210.253448][   T24] audit: type=1400 audit(2000000089.432:4194): avc:  denied  { name_bind } for  pid=28741 comm="syz.3.7533" src=32 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[ 1210.605645][T28015] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1210.639348][T28645] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1210.715632][ T2822] usb 3-1: device descriptor read/64, error -71
[ 1210.887164][T28015] usb 4-1: Using ep0 maxpacket: 16
[ 1211.087178][T28645] usb 1-1: device descriptor read/64, error -71
[ 1211.106203][T28015] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1211.117767][T28015] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1211.127519][T28015] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.137342][T28015] usb 4-1: config 0 descriptor??
[ 1211.201821][ T2822] usb 3-1: device descriptor read/64, error -71
[ 1211.458971][ T2822] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1211.478042][T28645] usb 1-1: device descriptor read/64, error -71
[ 1211.639667][T28015] usbhid 4-1:0.0: can't add hid device: -71
[ 1211.645657][T28015] usbhid: probe of 4-1:0.0 failed with error -71
[ 1211.655050][T28015] usb 4-1: USB disconnect, device number 127
[ 1211.715753][ T2822] usb 3-1: device descriptor read/64, error -71
[ 1211.734784][T28645] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1211.842913][T28763] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7537'.
[ 1307.172330][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1307.178773][    C1] rcu: 	1-...!: (10004 ticks this GP) idle=4de/1/0x4000000000000000 softirq=136341/136346 fqs=0 last_accelerate: 6657/8d69 dyntick_enabled: 1
[ 1307.193334][    C1] 	(t=10003 jiffies g=163657 q=1)
[ 1307.198209][    C1] rcu: rcu_preempt kthread starved for 10003 jiffies! g163657 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[ 1307.209962][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1307.219850][    C1] rcu: RCU grace-period kthread stack dump:
[ 1307.225687][    C1] task:rcu_preempt     state:I stack:    0 pid:   13 ppid:     2 flags:0x00004000
[ 1307.234714][    C1] Call Trace:
[ 1307.237851][    C1]  __schedule+0xbe6/0x1330
[ 1307.242121][    C1]  ? release_firmware_map_entry+0x192/0x192
[ 1307.247813][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1307.253108][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1307.257812][    C1]  schedule+0x13d/0x1d0
[ 1307.261805][    C1]  schedule_timeout+0x18c/0x360
[ 1307.266567][    C1]  ? prepare_to_swait_event+0x39f/0x3e0
[ 1307.271972][    C1]  ? console_conditional_schedule+0x10/0x10
[ 1307.277690][    C1]  ? run_local_timers+0x160/0x160
[ 1307.282536][    C1]  ? __note_gp_changes+0x2d8/0x6f0
[ 1307.287491][    C1]  rcu_gp_kthread+0xefc/0x23a0
[ 1307.292240][    C1]  ? dump_blkd_tasks+0x7e0/0x7e0
[ 1307.296955][    C1]  ? rcu_barrier_callback+0x50/0x50
[ 1307.302000][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1307.306667][    C1]  ? __kasan_check_read+0x11/0x20
[ 1307.311521][    C1]  ? __kthread_parkme+0xb9/0x1c0
[ 1307.316294][    C1]  kthread+0x34b/0x3d0
[ 1307.320196][    C1]  ? rcu_barrier_callback+0x50/0x50
[ 1307.325233][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1307.329659][    C1]  ret_from_fork+0x1f/0x30
[ 1307.333966][    C1] NMI backtrace for cpu 1
[ 1307.338077][    C1] CPU: 1 PID: 28763 Comm: syz.1.7537 Not tainted 5.10.221-syzkaller-01371-g1240968f7644 #0
[ 1307.347888][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1307.357865][    C1] Call Trace:
[ 1307.360982][    C1]  <IRQ>
[ 1307.363689][    C1]  dump_stack_lvl+0x1e2/0x24b
[ 1307.368200][    C1]  ? panic+0x812/0x812
[ 1307.372096][    C1]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1307.377400][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1307.382690][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1307.387381][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1307.393281][    C1]  dump_stack+0x15/0x17
[ 1307.397274][    C1]  nmi_trigger_cpumask_backtrace+0x2b5/0x300
[ 1307.403091][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1307.408987][    C1]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1307.414715][    C1]  rcu_dump_cpu_stacks+0x199/0x2b0
[ 1307.419662][    C1]  rcu_sched_clock_irq+0xf8a/0x1890
[ 1307.424698][    C1]  ? rcutree_dead_cpu+0x340/0x340
[ 1307.429559][    C1]  ? hrtimer_run_queues+0x15f/0x440
[ 1307.434587][    C1]  update_process_times+0x198/0x200
[ 1307.439623][    C1]  tick_sched_timer+0x188/0x240
[ 1307.444307][    C1]  ? tick_setup_sched_timer+0x480/0x480
[ 1307.449690][    C1]  __hrtimer_run_queues+0x3d7/0xa50
[ 1307.454822][    C1]  ? hrtimer_interrupt+0x8b0/0x8b0
[ 1307.459764][    C1]  ? clockevents_program_event+0x214/0x2c0
[ 1307.465408][    C1]  ? ktime_get_update_offsets_now+0x266/0x280
[ 1307.471403][    C1]  hrtimer_interrupt+0x39a/0x8b0
[ 1307.476184][    C1]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1307.481904][    C1]  asm_call_irq_on_stack+0xf/0x20
[ 1307.486756][    C1]  </IRQ>
[ 1307.489538][    C1]  sysvec_apic_timer_interrupt+0x85/0xe0
[ 1307.495034][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1307.500840][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x36/0x60
[ 1307.506818][    C1] Code: b0 c5 97 7e 65 8b 15 b5 c5 97 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 dc 0a 00 00 00 74 2c 8b 91 b8 0a 00 00 <83> fa 02 75 21 48 8b 91 c0 0a 00 00 48 8b 32 48 8d 7e 01 8b 89 bc
[ 1307.526354][    C1] RSP: 0018:ffffc90000d06930 EFLAGS: 00000246
[ 1307.532238][    C1] RAX: ffffffff8498952a RBX: 00000000000000ff RCX: ffff88812dc5e2c0
[ 1307.540046][    C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1307.547868][    C1] RBP: ffffc90000d06930 R08: ffffffff8498951c R09: 0000000000000003
[ 1307.555680][    C1] R10: fffff520001a0d38 R11: dffffc0000000001 R12: dffffc0000000000
[ 1307.563483][    C1] R13: 1ffff920001a0d38 R14: 0000000000000035 R15: 0000000000000000
[ 1307.571318][    C1]  ? tipc_sk_lookup+0x21c/0x650
[ 1307.576120][    C1]  ? tipc_sk_lookup+0x22a/0x650
[ 1307.580823][    C1]  tipc_sk_lookup+0x22a/0x650
[ 1307.585303][    C1]  ? __kasan_check_write+0x14/0x20
[ 1307.590248][    C1]  ? tipc_sk_rcv+0x1e30/0x1e30
[ 1307.594852][    C1]  tipc_sk_rcv+0x499/0x1e30
[ 1307.599200][    C1]  ? __stack_depot_save+0x468/0x4d0
[ 1307.604229][    C1]  ? group_send_sig_info+0x131/0x320
[ 1307.609378][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.613857][    C1]  ? __lock_task_sighand+0x100/0x100
[ 1307.618970][    C1]  ? tipc_node_distr_xmit+0x36a/0x4d0
[ 1307.624177][    C1]  ? tipc_sk_backlog_rcv+0x18b/0x210
[ 1307.629389][    C1]  ? __fput+0x309/0x760
[ 1307.633392][    C1]  ? ____fput+0x15/0x20
[ 1307.637375][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1307.642334][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.646836][    C1]  ? bpf_trace_run2+0xf4/0x280
[ 1307.651436][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1307.655946][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.660459][    C1]  ? __bpf_trace_kmem_free+0x6f/0x90
[ 1307.665576][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1307.670960][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.675470][    C1]  ? __traceiter_kmem_cache_free+0x2e/0x50
[ 1307.681133][    C1]  ? kmem_cache_free+0x1c0/0x1e0
[ 1307.685891][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.690414][    C1]  tipc_node_xmit_skb+0x153/0x1b0
[ 1307.695268][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1307.700211][    C1]  ? trace_tipc_sk_rej_msg+0x2b/0x6f0
[ 1307.705415][    C1]  tipc_sk_rcv+0x1c0b/0x1e30
[ 1307.709941][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1307.714900][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1307.719495][    C1]  ? stack_trace_save+0x1c0/0x1c0
[ 1307.724354][    C1]  ? __kernel_text_address+0x9b/0x110
[ 1307.729553][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1307.734929][    C1]  ? __kasan_check_write+0x14/0x20
[ 1307.739885][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1307.745170][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1307.749879][    C1]  tipc_sk_filter_rcv+0x1da8/0x3e00
[ 1307.754921][    C1]  ? tipc_sk_dump+0xf50/0xf50
[ 1307.759418][    C1]  ? __kasan_check_write+0x14/0x20
[ 1307.764374][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[ 1307.769304][    C1]  ? kmem_cache_free+0xa9/0x1e0
[ 1307.774088][    C1]  tipc_sk_rcv+0x8a1/0x1e30
[ 1307.778422][    C1]  ? kfree_skbmem+0x104/0x170
[ 1307.782942][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1307.787874][    C1]  ? tipc_sk_filter_rcv+0x3583/0x3e00
[ 1307.793227][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1307.797739][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1307.803115][    C1]  tipc_node_distr_xmit+0x36a/0x4d0
[ 1307.808144][    C1]  ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 1307.813406][    C1]  ? __kasan_check_write+0x14/0x20
[ 1307.818348][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1307.823634][    C1]  ? __tipc_shutdown+0xe7c/0x1510
[ 1307.828493][    C1]  tipc_sk_backlog_rcv+0x18b/0x210
[ 1307.833443][    C1]  ? tipc_sk_timeout+0xab0/0xab0
[ 1307.838214][    C1]  __release_sock+0x148/0x410
[ 1307.842726][    C1]  release_sock+0x65/0x1b0
[ 1307.846978][    C1]  tipc_release+0xb6b/0x1440
[ 1307.851404][    C1]  sock_close+0xdf/0x270
[ 1307.855479][    C1]  ? sock_mmap+0xa0/0xa0
[ 1307.859560][    C1]  __fput+0x309/0x760
[ 1307.863380][    C1]  ____fput+0x15/0x20
[ 1307.867199][    C1]  task_work_run+0x129/0x190
[ 1307.871930][    C1]  exit_to_user_mode_loop+0xbf/0xd0
[ 1307.877063][    C1]  syscall_exit_to_user_mode+0xa2/0x1a0
[ 1307.882432][    C1]  do_syscall_64+0x40/0x70
[ 1307.886701][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1307.892418][    C1] RIP: 0033:0x7f913de0ab59
[ 1307.896685][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1307.916115][    C1] RSP: 002b:00007f913d08c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1307.924350][    C1] RAX: 00000000000203a0 RBX: 00007f913df9af60 RCX: 00007f913de0ab59
[ 1307.932162][    C1] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000009
[ 1307.939983][    C1] RBP: 00007f913de79e5d R08: 0000000000000000 R09: 0000000000000000
[ 1307.947785][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1307.955598][    C1] R13: 000000000000000b R14: 00007f913df9af60 R15: 00007fff9a67dd88
[ 1330.781100][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 117s! [syz.1.7537:28764]
[ 1330.789253][    C0] Modules linked in:
[ 1330.792992][    C0] CPU: 0 PID: 28764 Comm: syz.1.7537 Not tainted 5.10.221-syzkaller-01371-g1240968f7644 #0
[ 1330.802789][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1330.812872][    C0] RIP: 0010:kvm_wait+0xfc/0x150
[ 1330.817548][    C0] Code: 38 f0 75 26 41 f7 c7 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 75 56 d5 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d 66 56 d5 03 fb f4 <4c> 89 7c 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 49 c7 04
[ 1330.837695][    C0] RSP: 0018:ffffc90000b27680 EFLAGS: 00000246
[ 1330.843584][    C0] RAX: 0000000000000003 RBX: 1ffff92000164ed4 RCX: ffffffff8150b1f4
[ 1330.851485][    C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc90000b276c0
[ 1330.859305][    C0] RBP: ffffc90000b27730 R08: dffffc0000000000 R09: ffffed1021d07c72
[ 1330.867107][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1330.874917][    C0] R13: ffff88810e83e388 R14: 0000000000000003 R15: 0000000000000246
[ 1330.882728][    C0] FS:  00007f913d06b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1330.891843][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1330.898264][    C0] CR2: 0000001b321fcff8 CR3: 0000000113353000 CR4: 00000000003506b0
[ 1330.906078][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1330.913900][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1330.921693][    C0] Call Trace:
[ 1330.924942][    C0]  <IRQ>
[ 1330.927647][    C0]  ? show_regs+0x58/0x60
[ 1330.931721][    C0]  ? watchdog_timer_fn+0x471/0x590
[ 1330.936662][    C0]  ? proc_watchdog_cpumask+0xd0/0xd0
[ 1330.941784][    C0]  ? __hrtimer_run_queues+0x3d7/0xa50
[ 1330.947001][    C0]  ? hrtimer_interrupt+0x8b0/0x8b0
[ 1330.951938][    C0]  ? clockevents_program_event+0x214/0x2c0
[ 1330.957581][    C0]  ? ktime_get_update_offsets_now+0x266/0x280
[ 1330.963480][    C0]  ? hrtimer_interrupt+0x39a/0x8b0
[ 1330.968438][    C0]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1330.974350][    C0]  ? asm_call_irq_on_stack+0xf/0x20
[ 1330.979358][    C0]  </IRQ>
[ 1330.982144][    C0]  ? sysvec_apic_timer_interrupt+0x85/0xe0
[ 1330.987791][    C0]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1330.993771][    C0]  ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[ 1330.999859][    C0]  ? kvm_wait+0xfc/0x150
[ 1331.003925][    C0]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1331.009916][    C0]  ? kvm_arch_para_hints+0x30/0x30
[ 1331.014871][    C0]  ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[ 1331.020954][    C0]  __pv_queued_spin_lock_slowpath+0x72f/0xc70
[ 1331.026872][    C0]  ? __pv_queued_spin_unlock_slowpath+0x280/0x280
[ 1331.033097][    C0]  ? __kasan_check_read+0x11/0x20
[ 1331.037958][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[ 1331.042723][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1331.047759][    C0]  ? selinux_socket_sendmsg+0x243/0x340
[ 1331.053139][    C0]  lock_sock_nested+0x92/0x300
[ 1331.057737][    C0]  ? sock_init_data+0xc0/0xc0
[ 1331.062256][    C0]  ? check_stack_object+0x114/0x130
[ 1331.067293][    C0]  tipc_sendstream+0x47/0x70
[ 1331.071707][    C0]  ? tipc_getsockopt+0x790/0x790
[ 1331.076485][    C0]  ____sys_sendmsg+0x59e/0x8f0
[ 1331.081257][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[ 1331.086094][    C0]  ? import_iovec+0xe5/0x120
[ 1331.090515][    C0]  ___sys_sendmsg+0x252/0x2e0
[ 1331.095030][    C0]  ? __sys_sendmsg+0x280/0x280
[ 1331.099630][    C0]  ? fput+0x1a/0x20
[ 1331.103273][    C0]  ? __sys_sendmmsg+0x45a/0x510
[ 1331.107989][    C0]  ? __fdget+0x1bc/0x240
[ 1331.112034][    C0]  __se_sys_sendmsg+0x1b1/0x280
[ 1331.116720][    C0]  ? __x64_sys_sendmsg+0x90/0x90
[ 1331.121502][    C0]  ? fpu__clear_all+0x20/0x20
[ 1331.126048][    C0]  ? __kasan_check_read+0x11/0x20
[ 1331.130866][    C0]  __x64_sys_sendmsg+0x7b/0x90
[ 1331.135475][    C0]  do_syscall_64+0x34/0x70
[ 1331.139721][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1331.145444][    C0] RIP: 0033:0x7f913de0ab59
[ 1331.149709][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1331.169147][    C0] RSP: 002b:00007f913d06b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1331.177386][    C0] RAX: ffffffffffffffda RBX: 00007f913df9b038 RCX: 00007f913de0ab59
[ 1331.185242][    C0] RDX: 0000000020000009 RSI: 0000000020000300 RDI: 0000000000000009
[ 1331.193095][    C0] RBP: 00007f913de79e5d R08: 0000000000000000 R09: 0000000000000000
[ 1331.200903][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1331.208717][    C0] R13: 000000000000006e R14: 00007f913df9b038 R15: 00007fff9a67dd88
[ 1331.216533][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1331.222953][    C1] NMI backtrace for cpu 1
[ 1331.222962][    C1] CPU: 1 PID: 28763 Comm: syz.1.7537 Not tainted 5.10.221-syzkaller-01371-g1240968f7644 #0
[ 1331.222969][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1331.222973][    C1] RIP: 0010:kasan_check_range+0x0/0x2a0
[ 1331.222992][    C1] Code: 48 c1 ee 03 48 01 c6 48 89 c7 e8 5b 56 04 03 31 c0 5d c3 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc cc cc cc cc cc cc cc cc cc <55> 48 89 e5 41 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01
[ 1331.222997][    C1] RSP: 0018:ffffc90000d06988 EFLAGS: 00000256
[ 1331.223006][    C1] RAX: 0000000000000001 RBX: 1ffff920001a0d34 RCX: ffffffff84b1c194
[ 1331.223011][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000d069c0
[ 1331.223016][    C1] RBP: ffffc90000d06990 R08: dffffc0000000000 R09: fffff520001a0dd3
[ 1331.223021][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1331.223025][    C1] R13: ffffc90000d06e94 R14: 1ffff920001a0d38 R15: ffffc90000d069c0
[ 1331.223031][    C1] FS:  00007f913d08c6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1331.223035][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1331.223039][    C1] CR2: 00007f913d06bd58 CR3: 0000000113353000 CR4: 00000000003506a0
[ 1331.223044][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1331.223049][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1331.223051][    C1] Call Trace:
[ 1331.223053][    C1]  <NMI>
[ 1331.223056][    C1]  ? show_regs+0x58/0x60
[ 1331.223060][    C1]  ? nmi_cpu_backtrace+0x133/0x160
[ 1331.223064][    C1]  ? kasan_add_zero_shadow+0x50/0x50
[ 1331.223067][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1331.223070][    C1]  ? nmi_handle+0xa8/0x280
[ 1331.223074][    C1]  ? kasan_add_zero_shadow+0x50/0x50
[ 1331.223077][    C1]  ? default_do_nmi+0x69/0x160
[ 1331.223080][    C1]  ? exc_nmi+0xad/0x100
[ 1331.223083][    C1]  ? end_repeat_nmi+0x16/0x31
[ 1331.223086][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[ 1331.223090][    C1]  ? kasan_add_zero_shadow+0x50/0x50
[ 1331.223093][    C1]  ? kasan_add_zero_shadow+0x50/0x50
[ 1331.223096][    C1]  ? kasan_add_zero_shadow+0x50/0x50
[ 1331.223099][    C1]  </NMI>
[ 1331.223102][    C1]  ? __kasan_check_write+0x14/0x20
[ 1331.223106][    C1]  _raw_spin_lock_bh+0xa4/0x1b0
[ 1331.223109][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1331.223112][    C1]  ? kasan_check_range+0x1bf/0x2a0
[ 1331.223116][    C1]  tipc_sk_rcv+0x2d6/0x1e30
[ 1331.223119][    C1]  ? __stack_depot_save+0x468/0x4d0
[ 1331.223123][    C1]  ? group_send_sig_info+0x131/0x320
[ 1331.223126][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223129][    C1]  ? __lock_task_sighand+0x100/0x100
[ 1331.223133][    C1]  ? tipc_node_distr_xmit+0x36a/0x4d0
[ 1331.223136][    C1]  ? tipc_sk_backlog_rcv+0x18b/0x210
[ 1331.223139][    C1]  ? __fput+0x309/0x760
[ 1331.223142][    C1]  ? ____fput+0x15/0x20
[ 1331.223146][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1331.223149][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223152][    C1]  ? bpf_trace_run2+0xf4/0x280
[ 1331.223156][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1331.223159][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223162][    C1]  ? __bpf_trace_kmem_free+0x6f/0x90
[ 1331.223166][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1331.223169][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223173][    C1]  ? __traceiter_kmem_cache_free+0x2e/0x50
[ 1331.223177][    C1]  ? kmem_cache_free+0x1c0/0x1e0
[ 1331.223180][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223183][    C1]  tipc_node_xmit_skb+0x153/0x1b0
[ 1331.223187][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1331.223191][    C1]  ? trace_tipc_sk_rej_msg+0x2b/0x6f0
[ 1331.223194][    C1]  tipc_sk_rcv+0x1c0b/0x1e30
[ 1331.223198][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1331.223201][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1331.223204][    C1]  ? stack_trace_save+0x1c0/0x1c0
[ 1331.223208][    C1]  ? __kernel_text_address+0x9b/0x110
[ 1331.223211][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1331.223215][    C1]  ? __kasan_check_write+0x14/0x20
[ 1331.223218][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1331.223222][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1331.223225][    C1]  tipc_sk_filter_rcv+0x1da8/0x3e00
[ 1331.223229][    C1]  ? tipc_sk_dump+0xf50/0xf50
[ 1331.223232][    C1]  ? __kasan_check_write+0x14/0x20
[ 1331.223236][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[ 1331.223240][    C1]  ? kmem_cache_free+0xa9/0x1e0
[ 1331.223244][    C1]  tipc_sk_rcv+0x8a1/0x1e30
[ 1331.223247][    C1]  ? kfree_skbmem+0x104/0x170
[ 1331.223250][    C1]  ? __skb_queue_purge+0x180/0x180
[ 1331.223254][    C1]  ? tipc_sk_filter_rcv+0x3583/0x3e00
[ 1331.223257][    C1]  tipc_node_xmit+0x34b/0xe30
[ 1331.223261][    C1]  ? tipc_node_get_linkname+0x190/0x190
[ 1331.223264][    C1]  tipc_node_distr_xmit+0x36a/0x4d0
[ 1331.223268][    C1]  ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 1331.223271][    C1]  ? __kasan_check_write+0x14/0x20
[ 1331.223275][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1331.223278][    C1]  ? __tipc_shutdown+0xe7c/0x1510
[ 1331.223282][    C1]  tipc_sk_backlog_rcv+0x18b/0x210
[ 1331.223285][    C1]  ? tipc_sk_timeout+0xab0/0xab0
[ 1331.223288][    C1]  __release_sock+0x148/0x410
[ 1331.223291][    C1]  release_sock+0x65/0x1b0
[ 1331.223295][    C1]  tipc_release+0xb6b/0x1440
[ 1331.223298][    C1]  sock_close+0xdf/0x270
[ 1331.223301][    C1]  ? sock_mmap+0xa0/0xa0
[ 1331.223304][    C1]  __fput+0x309/0x760
[ 1331.223307][    C1]  ____fput+0x15/0x20
[ 1331.223310][    C1]  task_work_run+0x129/0x190
[ 1331.223313][    C1]  exit_to_user_mode_loop+0xbf/0xd0
[ 1331.223317][    C1]  syscall_exit_to_user_mode+0xa2/0x1a0
[ 1331.223320][    C1]  do_syscall_64+0x40/0x70
[ 1331.223324][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1331.223327][    C1] RIP: 0033:0x7f913de0ab59
[ 1331.223338][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1331.223342][    C1] RSP: 002b:00007f913d08c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1331.223350][    C1] RAX: 00000000000203a0 RBX: 00007f913df9af60 RCX: 00007f913de0ab59
[ 1331.223355][    C1] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000009
[ 1331.223360][    C1] RBP: 00007f913de79e5d R08: 0000000000000000 R09: 0000000000000000
[ 1331.223365][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1331.223370][    C1] R13: 000000000000000b R14: 00007f913df9af60 R15: 00007fff9a67dd88