last executing test programs:

8.588388099s ago: executing program 0 (id=1085):
socket$netlink(0x10, 0x3, 0x0)
r0 = epoll_create1(0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000280)='bpf_lsm_xfrm_state_alloc\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0xa0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r3}, 0x10)
read$watch_queue(0xffffffffffffffff, &(0x7f0000001d40)=""/4095, 0xfff)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})

6.155227253s ago: executing program 0 (id=1092):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f00000000c0)=""/55, 0x37)
getdents(r1, &(0x7f0000000300)=""/194, 0xc2) (fail_nth: 8)

6.085764194s ago: executing program 0 (id=1094):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

6.008336565s ago: executing program 0 (id=1096):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x419, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x10, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0xf7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r3)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x0, 0x0, 0x0}, 0x0)

4.129318922s ago: executing program 1 (id=1104):
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x3000, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
rt_tgsigqueueinfo(r0, r0, 0x1e, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, 0xffff, 0x4}, 0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
openat$null(0xffffffffffffff9c, 0x0, 0x6401, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r4)
sendmsg$TIPC_CMD_GET_NODES(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)={0x1c, r5, 0x1, 0xa6, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0)

3.669613468s ago: executing program 0 (id=1108):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@debug}, {@bsdgroups}, {@oldalloc}, {@nojournal_checksum}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r2, 0x8008662c, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpgid(0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), &(0x7f00000000c0), 0xff, r1}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001500)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000198500000071000000850000005000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000280)="54fb0831bea4d4185b5f5ee3f5e10d1cbde7454763182ce809582ca8cc32539233589c035b1a2a498f28153d541f1ae26063d1182e7174024783eb7709f4a3d0c29ad56d0f76ce69557800"/90, &(0x7f00000005c0)=""/154}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x800400, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r8 = openat$incfs(r7, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r8, 0xc058671e, &(0x7f00000009c0)={{}, {0xffffffffffffffff}, 0x4f, 0x0, 0x0, 0x0, &(0x7f0000000480)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})
openat(r7, &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x80001, 0xb6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_usb_connect(0x0, 0x24, &(0x7f0000000e80)=ANY=[@ANYBLOB="120100006fb68440e11d02c1087d01020301090212000100000000090408000043"], 0x0)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c152bfdf9435e3ffe46", 0xe90c, 0xa0c4, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

3.53796258s ago: executing program 2 (id=1110):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$igmp6(0xa, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x6}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x2a}, {0x7, 0x0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xb5}}}, &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)

2.872938849s ago: executing program 1 (id=1114):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket(0x8000000010, 0x2, 0x0)
write(r4, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

2.80007943s ago: executing program 4 (id=1115):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
r2 = dup2(r1, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
write$P9_RVERSION(r2, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x5, 0x200040d1)
sendmsg$tipc(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000740)="1619a35e12e2ec8bd8b64446aec4567b55efc0229334cbd7e5df05b3597a77e18f9718bc24e1d9a5b6dc03379b405685321f453de34440f4d985f76362ba07f87f2839199d8e392a014509d8431d0f1b8c66b3788b8b932c7535e0bf73c24b79f083729e25dc996f6617ae7e47712290d310367833b96f18df84bfbc4b53098ac05e5709dbf706ce3e51239a140361eed44ac1257828d1597b236478bb4ac2", 0x9f}, {&(0x7f0000002bc0)="170c132fb6ca0ff8824444e94be2b67024edc7408a3af1f7090bb87c547f02522326957272ff5b1719be4dae4d497add7a576d7d8cbb0470259c06a976af559b9da29b16474c826cf832b13ef05cf3027047af3d63d22cffa130f8b97813ffa14bc9fffa968712fc25061c6fc35446ec3d6d478fcb1414778806044ae60f387502e20f8e6a3e26bc8c8915809f434aba500d79cf699e74cc8eed0da983f2356e783e5d9e7100313e88918c1104b643482239bb16e8fb2f8342a250bf81181adef934a0a0e2bc320288f9cc13fe11ea4cf1c227ae2149a311ec514e1149a4cf86a7cac0836748cc313a41ec4ced70a0494c3bdc5d5640faafaa1b9e146d62d601dd71a2e05671d8095156e24b4e83e09729c17a06e70152549e915ea85aed821ed8406c5f1790dccbbd300c488eaf885af38fba8471e3f96863b4e21d1fe52cd09b33f4d508c78fb1d46ea26f6cc5a8a79099ccfa6bcc1a7d6c86448789abe0ca5675dd9f6a6eb47140fbe1fa4e0a02d14e28c86a105cab0e587ff8bf7effa95ead4f3b071c21de68be55a2b372865def1d157b609b65dd315fc739b8072bc3d2d6d5c10fd01fabbadb0cbad27325bfc66b410e1f8a1360a0b5ff3b11b11bcfe7a6341ca8a2c1b174caf166a73ad607db008d686c77c89b38b6e27443f58da8020915a30053d725a6488792a4967cc314c38a0f017840cec3959dfbf3456d99da63eac9168757850488ee39ad2ff9c9897a68fc360ccba6b8c9c5192ec53e0653364e9d14764d1900d3e60281382dfeb8970bf9dc78f7149b88088316d24f0ddf64ce87c052af351d0378b8440bf430edf6145cc62f83ebf32990b965df72f2bfb4a4c883c57bc49cc1b0708f693f1b05b71db567da5c66be7df8783679515d26f7e39b3a696c74c4cca62e4508f8dd23b61bcdc8c220910305c4ff1963c821fa92b92bc3ad1dd1d56411052a14fa2e331a861225e1fc1e4debd3c633e673c70a906b3ba5a79c1086a6d26fff65f7070c54eec4e8bdb6383a7ace3c4db6734b09bd0f1bd2ab9e8428c2cc6314874048f91082e50d9ec8a4b39455311597cceb3c5321298101aa7e565522ae00aa89b5bb141e00b211b7dac8a6d9adbac54ad8c2be1b08dff33fce2fb295d8183faf8bf8165dfdbf5d195e055222f84c2508b4a583578f602444294edd7455718773995a1a412bdd004d5fdf38a18c25a7e1f60d5f99f4b337088d3c4a0cdb07e8c00a1b802fabb08417d0632d2058ca7cec5ef445247dcdf7b62723ef894107e501ac50b5b2670c1e63d4d879afc34e2b35c97957aaf1d59051d16572a8346cde0b70b2945eb3978fc89b3d5ca8998fd5f5c584a8f7267d93966e5f49cdcd153ee845153258d54c0152aa68059e92edff0e55b55c90f6e00a9b1ff68f1d82aed31462691f3970b73889cfe4effb846a3f4a121fced291b52c4a8380c04e28a53b5693567d6140b494614a34559133601b79715cf031c7a273c32ba5b90c80e790cd25d850278780a78f78851126d9cea6e7b2940eba5e519682c0a78de4c68fc9e91d7730935807a1f308beebd9689ade204dfc44e457b3358651e7cd714ebc1f706b70765cd0017fdec05701633ba146ef13406a1e4322fd9d18a34a30a191f87ba5f5003f00f5c40b52b02c72a01357f3e1101f3c72b9bc5380d75031f3cf425b23c08eb37021597b45fbf62c0d14ded0cb24575ce1781353645ceecc3703cef1fb7ca25e5e00d9fa55eb58c10347669b0f3cf9ce933fb87517770e34e49ae6dc320bd12959b8009b9f24bb8f37e577f50ff5224afd1dd4095e33f6f52599646d7d2ca5e1f773b24b976e5486820e18036023c2b907e850a5e7f007c59099572386c64ab41a8458abfda673f65a375bdc", 0x53e}], 0x2, 0x0, 0x0, 0x1}, 0x4004000) (fail_nth: 8)

2.715381372s ago: executing program 4 (id=1116):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000140)='ext4_request_inode\x00', r3, 0x0, 0x2c0}, 0x17)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c00000010000305000000000000ffff00000000", @ANYRES32=0x0, @ANYRES32=r4], 0x5c}}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002c40)={0x2020}, 0x2020)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101240, 0x0)
ioctl$TUNSETTXFILTER(r6, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e42000c371303ed6a33f2ff8689b3f60e"])
ioctl$TUNSETTXFILTER(r6, 0x400454d1, &(0x7f0000000080)={0x0, 0x4, [@remote, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xb}, @remote, @remote]})

2.628774083s ago: executing program 2 (id=1117):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

2.605284984s ago: executing program 2 (id=1118):
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
chdir(&(0x7f0000000040)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

2.541278324s ago: executing program 2 (id=1119):
socket$netlink(0x10, 0x3, 0x0)
r0 = epoll_create1(0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_btf_id_by_name$bpf_lsm(&(0x7f0000000280)='bpf_lsm_xfrm_state_alloc\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0xa0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r3}, 0x10)
read$watch_queue(0xffffffffffffffff, &(0x7f0000001d40)=""/4095, 0xfff)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})

2.11443378s ago: executing program 1 (id=1120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r4}, &(0x7f00000008c0), &(0x7f0000000900)=r3}, 0x20) (fail_nth: 5)

1.887729143s ago: executing program 3 (id=1121):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321000100ff0500000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)
r3 = getpid()
fcntl$getflags(0xffffffffffffffff, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000000, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x18)
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kvm_dirty_ring_push\x00', r8}, 0x18)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_IFACE(r9, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.841266074s ago: executing program 1 (id=1122):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000020000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000066000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)

1.840817254s ago: executing program 3 (id=1123):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
accept$packet(r1, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.827868054s ago: executing program 1 (id=1124):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='6\x00\x00\x00\x00\x00', @ANYRES32], 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x6}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x2a}, {0x7, 0x0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xb5}}}, &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket(0x1e, 0x1, 0x0)
connect$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000180)="580000001400192340834b80040d8c561e067f0202ff000000020000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000000003a0", 0x58}], 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)

1.818259614s ago: executing program 3 (id=1125):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020, 0x0, 0x0, <r0=>0x0}, 0x2020)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}], [{@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@euid_eq={'euid', 0x3d, r0}}, {@smackfstransmute={'smackfstransmute', 0x3d, '['}}, {@euid_lt={'euid<', r0}}, {@measure}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r5, &(0x7f0000000180), 0x40010)
mknodat(r1, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(r6, &(0x7f00000001c0)='./file0\x00', r6, &(0x7f0000000200)='./bus/file0\x00', 0x0)
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./bus\x00')
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000f80)=""/4096, 0x1000)

1.784484385s ago: executing program 4 (id=1126):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0xee)
r4 = dup2(r2, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
setfsgid(0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000004000000020000100000000e020600000000000000000000000000020100020000402e00"], 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001c00110c0000006a00000f0007000000", @ANYRESOCT=r5, @ANYBLOB="80020e8000"/20], 0x48}}, 0x0)

1.693226976s ago: executing program 3 (id=1127):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0xfffffffffffffd70, 0xfffffffffffffffe}, 0x18)
epoll_pwait(r3, &(0x7f0000000000)=[{}, {}], 0x2, 0x7, &(0x7f0000000200)={[0x2]}, 0x8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

1.692911807s ago: executing program 3 (id=1128):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x9, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x641, 0x0)
flock(0xffffffffffffffff, 0x5)
unshare(0x10000)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) (fail_nth: 8)

1.686714876s ago: executing program 2 (id=1129):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.686407776s ago: executing program 4 (id=1130):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x402)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$inet(0x2, 0x2, 0x0)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
close(r6)
timerfd_create(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x4000080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xfe00, 0x0, 0x71, 0x10, 0x1f}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

243.952917ms ago: executing program 1 (id=1131):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='6\x00\x00\x00\x00\x00', @ANYRES32], 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1e, 0x1, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)

189.205998ms ago: executing program 3 (id=1132):
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000197c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000940)={r3, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECUREBITS(0x1c, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

188.446667ms ago: executing program 0 (id=1133):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setgroups(0xfffffffffffffc2a, 0x0)
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000009c0)=[{{&(0x7f0000000380)=@l2tp={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000640)=""/153, 0x99}], 0x1, &(0x7f0000000740)=""/113, 0x71}, 0x26000000}, {{&(0x7f00000007c0)=@generic, 0x80, &(0x7f00000008c0)=[{&(0x7f00000026c0)=""/4096, 0x1000}, {&(0x7f0000000840)=""/10, 0xa}, {&(0x7f0000000880)=""/22, 0x16}], 0x3, &(0x7f0000000900)=""/155, 0x9b}, 0xfffffff4}], 0x2, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES64=<r5=>r0, @ANYRES16=r1, @ANYRESDEC=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xb, 0xc, &(0x7f00000036c0)=ANY=[@ANYRESDEC=r1, @ANYBLOB="e3fc7c80aa62bc913a0c06ef67ebd4fe2fbca9e9b8635db6b491369d14e5bba7d16309e8db5cc9c0ae9460b01aa77f41447b6105471e45ddd26a01229cc37e15af72dde6729a52b7be592f3ff97b9230cf5c949e70b5185d299b5411ca89a56ebd33a0cb366222071d58d441593486d60566e9c234e54c9424b6e3f1a116947c8efc85a2e7ab8782d9ed5933cef5a033af4f452b18ffc9aa2eb794e34475c801066f0e60bf030fbedef06c760bd8e4a634751e1f74070e63ee81a5ad5a8c215037a9df46a5bd402bc73bb7c08e88f9e7c283639bdc200b7640501665260ed4948969a03bab6962e1831bf8111fd0c4f779735eb627da8fa5d29a2a28ebaff697eace79808113bdf5cb1a80f456c4afe7c2a051c1c065df61e3b3e46a44d38c2fd47d25aa4bf8057a169d77d0b6da443f4976b1edb8e17fd9a90224fa62830e5ccfe6b68226f9da40b28b855f31a4ab02db9939ed0e1398823703130c0f663e8581c06069ece5901c711411592a2441afbc6c068bd0c1017a664b9e1f38c34f8aeee8174508cd8c018795f1cde6e877918c68493400c04f5764ab69f93f3b76ab9dcd654d4f5f9ac39d5f5940a253b79b5dc96820460f64a3c0616fdf26b6b82af1f92bd61514f1757565fce383138da51c10aaf960d0f444f08e93804882ea5fdefbf367c2aba7595341e4be522dcc445e2e7743ba8863f3d6cca47320c6af34b5b57a6ee2c9e873520c7172f44c72e8098f32114da48de6be1dc207fcd3fe73de06ed6b42085e92080d9a95a5cc3d6001034dad41a1bd637910eedc9f7c923002d34205f4333c66387a8d179049750137ca06d7c6d8148b07cf4a3418c6968eff5719e450caa4d38e3df27af7e3656d422baa18cd4a9c44aea8b2253ee6cc1213c555e1e89a81af0ec7fbb9c7b804930550ee5f644dab5f6c88b88e9165fe26036a4ebcce53770eb193eb6374d26b4608316bd50267bcc35ef27024c948c175cefe949f82681781fc94a2c913ac8cbe90dbbb60bb62a8152c58579efa178f1ca2a1b291a5e852cd314ac26175e9b599ae24260b668c56d611e82529331a2ed3b36d8e3747c94741e44343af4b056ce3a9d3d4ee76f12cd7f4f7baccff169da991e8d6d7ce8ecf552276dd508ff6bac0f741a2ca8c4e7f9ee21f72c0a37961c6c9a13ef917a482417f71210dac63740ca4618a69e083d90e0162a378c686e15fcfb04a88ea83cde0a587c3a1f8c7ad582e5019da492f2c888672a8364d84133aeb67d5f610d2c4b2e12578680083261589c5b20dc268732bb132c25e3dd514d47abcd314593e8d5deaf1e7ea333c67dac03d585dcf67d5af11c5a0facab257ec07689b58bb93842ed8704b9b490bf87ee2d48a646083e27dcc9bb3db8d63377ba7a821c32e47632fab1e263d8671a91c85ebd5b352f540b6799b43019dec9452671371756b014ff3356b29c77cebb58c9c1c8ed546ac6d07a35322696504305ddcd5a9ea026866a23cf1db3edf8cbcb9b93ce236a7c3d2c0e3b5f626d37a5599bbeaa8657634a8d2e0c7ddc4ee70bdc0f541e5f9817a98590e23e542d35b9729c11ed06c33c9f72b1b73d498c5386feaee01c2982c786a8bfd688ec074f63a8c5e1cbc5be2a8c1349520084d038be4143e38151797ce363dc2cf0118e493b328e8cbcaa641fecfaba53f4952a8b2d74c9e819399ec6dc9952d3525ffb0c9cb6631d921a827743b64ec043f98de2f209a18b18168a258d732d68a968a81151e0b4337b672fee233f144c8547b9491f63dcb95088511daa6d0b764acb7a28598ad87d3a7a407c903f14a64ffb7d308329d84d3e974dd28c4ade6a68ff2103e60848a30bb103d5e2d6a9c461c3615f1c3c1399835644cab7e93fa938fd6556fa95e5a6ccd881ef991040ba6176b10891403bde2f60ff1cc0ababb06f011df1c43712e83782dc2c8bc7c9c51d331483f3f41fd960d475e60a0ec23d53fd3ae62e101d3c5d99126fcce8c01dbb91eb62fb732cd00e748aa6146a45308e1abc76451aeb67c312cbb190fb5afe4ddae7b59a058897335aa2a1b0dd10d49b80fd98911a7fde9097e1dba4d6f1cf1d61ec75e21fab74ab46ad754fcc2d7953a8d1cf16a0b02eda7923b660ab9574ef2960da72aa7d0f54479db710de52407279150a86671f99eaa61c49f3791c29f4fe0f40a5f58eadf31770cdc7915b7ea5fc96a2bf53906202ba50761569d1d3142d8fe08bc425914951c9420dbfa055021a9994c6d6a695a5b63acb0da2ab221d11648ff8b2e4930201f7d5eb00aa04ea7b458a5dc7b172f57611041c04025e4ce6dfc95a9df8ebc59bfd930d05fcfbeba3935789d1b16a68110afc502dcddff131f606a1b9b3db6fb8154f9bdb142f7028c990bc8721c76655d7d5334276b31cdcf1b852546f09b76b3a753721dd99427b00a138262775ae0687321472844e2e17d48497300a9bf8136f687454bd8abb14b1502ea801773a69712998892e2dfe33e180106a84418053e6171a4cd885966d72ac1d013739b9c8678aa1cb3256d59cf4428f404f28c3896cf8e3465c7e89f00a9bf7091320b8858eb48416619f6823ef98bc60deb8789cdfddf942c27b3bcc4ee1c14ff790f8793fec81120c359cbb53b9089380072df6d3d5381928e5fd8739be0ac1202f1d527e98150fa6f9f067bbc8a42614e00a43589d5eea6e6b4d7deab5d1933104acd961d069a6da5ecf5d02bf939d6b44b0bcdbb2d58fd706dd5698e09c876080b3e1a7be6fdc85759631216ad0f86541286572a870def2d5c42acec5ff753ca68c8387c64d00e6eacc56ff0495480f984a13ec8130e6afe84b58fe02a4a47c68251a832c414472691ca687acc34b780febc51f9593ddc9bc48baaa26ab0bd257644c157702653b26608e230ca1a5a86a845c6a1857b2afcdd7d335856cff2edfc0b56511dfd51579e06665ecbb928dce77560ace70a18fb54839f306397c8fb921ac4340898ec7b1a4aca6b19c3e4f5be8862050bad3628eaeb1c5ea20182d7aad4a40c75e54332de3fcd7dfb3996f23368e204629607e4cf6871a7b1c448827aa5ab97e0720cd8288dd5e668a07247a56761b7f9009fbdc7968e1d9864a3310fafb87e96570a1e41831e68193812a7292bbc792bf19d17ff0dbbb8f22826b6ac749698eac832d3fbc93f41953e860f2328a2694dc39fcd29e5fbe88d656a277a945003caf0ec6a11a415fafcc587fdc103a6a1ef76563e291d6373433e502ee65b39a52d81a90d6894a630c8b0a0589b29ec15ca8e00e8d91612f6b32c91b46710b9e8e8adc00cde5bc67ccc5778b16e3202dd9668d6fd09e91b69484bd09c837e88f9357aecf7de929ca0370bdbe000d07b36d8d52046e2f2748b3c2d37809245000c22bed2a481ba2f4453a6f40f1041a33241dbad2cd1dee88cee8d6ca27a8c532a45c8b0fe670e61fd6dbfafd00b47a38a2b0d9ac095ec7bf1fa681a81ce396529c91ac4f9897cd21ea6d06415107ded0cff28e669f7b51fff152c3b037c50153dca26613c1e7bca46fa5477265ae2fd6c8791aee7aada759d5bc94fd0dcba45a804ba698bc2f910f5216419b63248507d5bc86059407b331fc273ce923bdc7e8c9eb8ceafa23c341183ca9363b43e85c1b21cae0550158005271b7b0921d4a550e5d9fdacae49065c4a33251556a5d9ccf653ab45c16e3bf0c7131dfb031665c7f2dd8f67c87164e89d00ccce58d577e2371215b18289350650f4305125c128ec5d2c87864ec5233ea696b4dfc558e685884cbbb021b51286144593f11b6692c03092334b32383cb34617695318da393b345dc40582063ec59436ba42ead07cab221788b50b5f5895b5df5dd90a303f71d7ff42aee5a5db742029a80ee9b58963f2435bc4a9c4331b38ac1e6e6c5e5478d4d10b31a58f237c0b43d6f1cc0679dddf946ad7757fc0dd3ecd10f5373d713fa9a37730225116a95ac4952966ebc6e6d566e6a2dd5ee44d58d51af7bef755aa7d3ccfcebd5ef42639a98140d74bd67089e5f0aacf90571644ad2a9f31c43df21484a72792aa3194c1b55ba0aaa6a8a3bde3bebdead76838b64e10deffa9b8553d481cb9852ce5a726ee2eb32a927aa463e11f7d4529b9fdb7f14dcb7b12d6f37a5d14619d61bbd66b374b1bef7f41cf334959990be832dfdd8df702231d43282906903c344ea184ff17b3edd1a0d46eb52155a3981ea775d07017ba1366075480435e6ba880eb95c2ec5ff01e0b3d612faaa3c46815ea2e1a1539b84f8de7cb3e9f6f2da2915121a8a44e99fbbf889a4085d0723f078d913bbb13e1396f91a5ea7a54ffc4f071bb45584fdf2e9d673a596d9d00adf470bd79bedaa6a653f8c60fbbd0de57fc5df97993d89648d3351fd0df79ed4a88a4ef7ab1d0dc22d5b75d0238cc9b84442db2df947e0759776c41ad7d106a21a39f52f9db6c8ee8fa24046c1e3cfe391df72bab84e14cbb7e36560d0cf8bff5b93d6872ba51e3f1af532cc112e77092c62fe11932fa6e9f2163bccc7809c3aaa4be060a914ca1c0c94c3823de8f1b0846d8f9f2fa88fa1989e43606b96d58ad98363f85cbe50bc248820c81cad2d72cce25f86900c23d7c3c52648108caac31cbbe912c76cb25490491c6aeeb5ac5797b9bfe74ae06541ee24d175d71eaa265df45973812f7667434fbbdf8058a52787ecc21c8f5fdfeb2b51bb3bc732f605f1d86269ba331590f6e0e3f3a9b1c83a6886890e722cdc35b30b6ea0a6a7f79a28a1896a5980244f59d4b0af1db101e7d6d04af3250a29ce29cb297f26c10411b45226b7ff089b645cbb616e524ad32bb374cf9178e04d279afe1f96a52c01a5c1d6a4f00c57c9f431028b493dddbb51de9e07611f3fb292ec720dd12b2bcb601e9dd748f43d12b32dd147741739f9c6ddc3980bc6531f748686d091be19c79f3707f8e4803d988a4d1de227e2372f28493405d2db37e109e3cede6eda0481801e6ccdce9b6cc3d50532fcdc19669680eeca12ac87891bba48ad4c410078565adac5a788b6bb02a71620a771eeeae1ff1076445aeecffc90748a3b0de4da822711ff39c92dfb01064b90a9bf71bdfd7e04bb34813fb934f654dcf3ee9dd60849890b783a621da1d5043fbf5897997220bf4acc03af431fd047e378c8fc14e4f250afe406a4632db0c73419d11476cd4328c0068c4cfcfb853ac060f8483255a272bf5c6b8f235ab257176f1b53b301817ba17e3e3d95cc4737930f9930ccb253dc1d85b27e2cf1dfee6252215df4e41fb2f9cbd080e4a2ba39f1ec1f451ddc03f0c2e325b28f319f16c6cd92858dfd596ea9c2a132a4f9406db28ec2e76e267acc1fcb3187f9770c0f269aff8d411dbde30c8e50ee4256c5eb30ffc45cb59140ccdf3acbb15195284f1c3f7a39f228dac85a64d731466cab3569811308b465cb82847e91094f8c1128a54247bb025d4f196175d9d541d2d4cb61d8ba4c2c810a29fdcdfbfdf21dc54f6147d2943a2da00348e2b31ac75f8ff9e5a5967741cfd01518be5d2325ba532003b2f911a14c6cdf22cc6366844e5912827fe1040a7ccf2b8b39c0cf529df2662eb40aba006cce390bcdde885b691dbdc5c805c35b5d3a32f50bd7ce61e5161be8321d5a32b489242710bacca7fb2bab07d178e252169861e9a1bad91c490f759b604e6a28499f88b0646c160fa6dc9d366d72be8723cf2003a9def8fca92a52f8fbbc9092cff518c380ea613a8c637e0cf7c61b48a12c5bca45729e0105849732a506fe567c6f0454daf12ec0c", @ANYRES16=r1, @ANYRES16, @ANYRES16=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x210000000013, 0x0, 0x0)
connect$inet(r7, &(0x7f0000000140)={0x2, 0x4c22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x2, 0x7ffc1ffb}]})
ioctl$KDGKBTYPE(r8, 0x4b33, &(0x7f00000001c0))
ioprio_get$pid(0x1, 0x0)
mlockall(0x7)
io_setup(0x400, &(0x7f0000000080))
openat2(0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x301000, 0x0, 0x9}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000180)='./file0\x00', 0x20445f, &(0x7f00000004c0)={[{@grpjquota_path={'grpjquota', 0x3d, './bus'}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@dax_never}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r9 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x4e0401, 0x0)
write$UHID_INPUT(r9, &(0x7f0000001680)={0x8, {"404dffadc4e9408df3f8f585e095795464af64475f3636f936bdb0a113a881399110c878eab1823d7b1904a44d03cc4dcb877b9d4214e488c84518bcf3af73be81548639a7fca7bbcafd9add64d484c1e25471199e4436187221aaac3e3563b2c93fb952ba555d027473b14f39d04c841cb990cd7eda2a3aac425807493eb56edda29c7dfb62c3393aca1ae68f26e6c7ba036e40ccef9093eaf268209e0a8a66ee8c29676d01be63c0e09d5b958ab5145ab9ebeefa54e017cb85cb4a527fcd52d43e0af8646aaea3f6871aba02be6f5f73e86d8b285f6e745d6a233785e937ade66e170e90b4e7a4876fc5a570f8981e97bcbb523d4339efb3c633b01451e164201c36234e419cef6c5c7196db0916c6edaf1444c049a852de0d354c2cdab9774f3ac60d05beb2734bef9a5465b0e8fb302e0299cfa968dd14c8476123b127129206c46d7ee905e0ea1da8f69efa6bae027d67993d5fb1e9dd78a875feb640cdc99606fa9058e68a22ed8de5491659f401ad1ab557b73ad7b14a5f7e5dfc90f1a19fff9f675d2a55c7a88179a33984b0d214f2c73ce30246223c083a0e458c495b93237c9ecef39d7a43883594da98eab64f02691b7380cbf5d0873e9f76062648c317c7894febe2de534b34f5686a1c390be43d5d54b9998ba183e6c4bc6094b7ee14904ab1644d441491414713a6f2de58ee0beac4196aa43af90708112f44c174f10610093b1d7c56bff57a08447afe41d13791af66289a9ec572529f19d07da0d88a7c31c4c1e42e160ffa6546ea8675041a0fd6f3b9cee126cefc357e492199381a99156ac877186d4ce48121996331bb038ddab0ee008e26071317c8abfc012b2c837eeda4e1d2fe880a770aa57d2dde6630c6511d47d28ea18ecb4feb05ca260467d9f5b6f0b6eead8229495c781c3d42b44ce6f29bdf65742817f70504594e9ac3e49fcd44bd196d0e93066f9eccadc2c0d4e666bf24f0c66af88d622970a2bcbf7976f43ea620c10eebfa22dfd89096a2b4899824365b9572abd747bfd689e09f208df463a688120cab841a97252fe07fdb454e40ad342f4cd179957f08bf5c0ca828da4a42968e91bd2689fead63ec5af12106a347a01174475b18b9093a36a240535db0b459c730c1fe8db9eb2b00e9eba5222b08659bf831122c599d8394cff67b7a28948797c69513ff05ddec755ed2041d8eaac9819ec6e541b69a55094429ca1d4a712401112adeb55b1146eb762cd0cbb1171e2b62c4ee5ae0443ae324e33a9c0ce226f45177c60000000001000000097f3818125eaa3bdc633d8abb2cb92cd01044d6036f94c5f9836cf28bf974cd7c46ec3218244f61d006a5c63e1aa65e09534d0a39dcc3ec8e0f4425f974f951283e9e257dbd9fdd9cc2de78f8f4cc0a5141a5afffcef75ba95bb19dc5c4a267b0316be0965899f5dfaebba1cdaf7379c091c8e2c80ae5bc30e48171dbcf8c731daad280360498e46e4d1675ec3b46d3ff59ee7c967adf6494249e46978b5cd9deff339a1e839156b67cce7b76b24d39ea36bc4aacae9e24f18448a86d59e8601fb5219b8fa9f6dad573f7e4fc7f99ef81744ea04389e240e48387d1e6b9ab5264bc0fe477a12bfb5c55349bc31c3bedb5fac8261990a9af74cfe45f4aba189d097e33b023e9b9c0e8195122fc0a18982e22ec85fd937f439f0e1f401795dda82d5f364ce91b3740c2fbae98750ae719af4e44753d902ff5defde40bf7056cc4a6dbe2ee98052baef25836488cd369af42de2d4ba7a707fc56b9ff212c44dabfa531a61ad816c5fd6003a94c61a96370ac6d4ad9ef2a5e0994ac5b7d61a196d938e5828e4cc09747e6a0863e30554581b1c4ca938f22ffbbc347ddac18a1c5dff735b483ee415127236aad7ee6b718503d858745a7ca07aceddcabaffb51f79c79976bec967e2833a4f944a4b51682c2ab614cb02c4dcf7fd983d7e33eeda0a093c8145f158be5fbfaedbdbe74270c08021816d714399fb8b547813484aec25d19be60641f4aa3d5081252792e403593c69d05ca77b8fcb8c5c606c781cf0f3627d9ec6d23c379c1fa39632884415ffaf29f84385d14faed9cd341990fa1dab2cac66d70d8017e89d52338c730db3f08d08902d64010ccabc8fabc2bf75c8b732e7bf73fa952e3e35f9343ba4de670abcfea07aa8a6cdcbe80ccf53546d676dfb698a063fd3e8b2e0f39739a9808009f2d86efbc6b0fad26572ac580b229a66dc050e948512f009b7da2bfd5a0e5ab16209de5b351e69cfb82d5087243881fc981a8651e9d41c0e75aa97d785e6ecbb82e427933f67b3b5818256b1f74418a9f6d7ee283b4c5313ecceff8c41e85c0a0f98144aadaf4f0791f98345549d001eb0835b3345ba68f563583c2f7e6d1e7ac94d6080d12be6f955a50bbc0d317a15549e73894736d93d12cbcaa02461abf91aa757a30f706045e45810b4ae12f93c4b70183fbd9890f5643d06e04b64a8f90ac93ed860081b1f358ba83828249784887043a25c0f9d0b5c5191cb93610f4b9961b00f5d3299683f27ed35b502a8e9e0a0636f1c5c2ad9eb92f656b3f2def262efb0eddf32d346a2cf3456a9f04cda77a0f7588c197be9f7e8d7352531cd9e94ced9b91f0582b56547cc3eb197ba45147c7b8bdca17e4fdfe2c21691ba6f9cb36cc825548fc4a5493b627df19f447049db0d0c5f48ec321f89f649c74bac33c64371272a6b380f485aa9b1165e464b8d6ae0533ec2c1b13e4cd161a0c62213e708f7b5aff62527c32e032be49de6e6143ffc29f8b3bf2138f9ef570d656da4db7969765e143ed6c5503a0e9f0e7ba5259bfd58fbbdc01fe4b03408072ee3895dccdd998347942c49dc405f2b379a8a94e0df70dd1a457b906ab34b1c3b7dd3ee67bcbe09e8846461b93828824b84ceb90bc55a7589cb025803d8e3e9405bfaf4971fbc8740d1adfbaec9c6be7df72b6098d65bb7646de0d9d307ce6b5988d4287993ab96aaede8f0864442d45e4d33c8be9983610d28a26743b4f71422aa6d665caf46267409286af64d62f8094d32b598d0650bfe81a93748a8d6c3cd5a2b41b4bbe2017c61b28838c4e8063a1a64efd96457f3cf611fb8556bb62571a89289ee9ed3f5aa32b2ba3e7d6ae199bbf4aac26c759912c14969ca3bd33b91ac6940b39fabe6ab261f547cc99194c2a1381ba5b4ec7bf6fb187b4d49e6aaf83ab5621967f588a5073d940cb9002343ec3cf774860bbebc49b263c7f561a0acb403ab20ac16c07c9650c27261e21421f728ede5326ce27b848d8f1900db2802abcab3012c89f89873074dc82c08a171d1515f31adf007fbf9caa8c4dda226c6890650fc411e73dbfbf2795a16ba2a6ae694308a0b6f4f07aa39826236539016e7a572e0abdf3873a6028307b71403605d7449094305fa2942fb8b4aa72b423adc83e584dd271efc4b5c10e84ff162ed3944232a9be1073339f04757127df70bccdfda37a5a3199b79a62424c0e792c6efe8626cb0b565b009cf76270692bf615e613de634d8f73867418334c74822847dee88daa9d963324769d5a7fde0cc0ffab070764f75f2da3d4695d63d9d256db9ebf3beead9a64ec72b249d046eb0197904001577b1e04c932fc6a3c41f5a645bd54c951ff32435da3b2c3bdbe8403860cdee3e1f310bf0e739b32b1669c6e5d2cbbf63352481177bfc650a95b59be905fdab3b71fd2b3f86746f89944e7f411c0496cbaf8c2abf59dfe0d21701d816360ffbed481557d37c1be2ca8ac89f24d5a0a1384b215903760e065bfb90545f6b521b68b5da56dbd74e9a5501659939564d2cbbd0848b7ced253f28b6ab4afbb161bdb6d6228bf52c3a768ba9f6cc344f959e63bb16a0323de0f9e91be51a3d34463511b2e7397ee864c5b39a0eabfca413fa1e4b30c788d1ae9a2c0b9b057cbfbf9334bcab45c4f4df929a8ff42ae664ea89e4de434553e9e59bf19c531ede0033da9282e073d901816991f7e5f87c1e13d66b1b00c4b185fcfa02770fa106ddac98dc41069e5a453ea7e5dd70aaf1608c63a31a9b27f7095286fd01b15201ab34d52768cdc9985510091e1ac9097825fd62214730b974e1fa4c54fb34eb2344b73542e26008b1001c4242c43b33cf4f13e53e5a2a80ec50fb34f3a5a2cb4aef88b1cdc233c9dc0ab3c63264ad1235a0ca83c968bdc640a6701367f7382c223fb7396dda5460877f667f55d2e116318fe1ebc926253a362ebe9cbcef4a0db3e9b2863a42e38a5634b0f8a0fd1f5567b18d4f7817bd007c6a73bf7cdeec3978708998c7356a3d12e4e286da2d7e784ec0d2ea3f25c3ee8fc53c26b508870fe7b63f222f87f7decf0a0e1a6ce93f29feb662a08b47f8a08da877b86034a74756dd5bfa0b3412393c031931b14aa9942ef5567732b5b438e5b41ae695d69970a5a1e102b3190d65553daf38b49a372f1bfd9ef3cff10f1c90c379ad0d8ccae2728c2612e9d3378d4ca4b89e107445994708914c453616a5e2fc3c582e3b0463949d2d52046f562b781614164b5d6c989e06aefbe6e2435b35d86fce6bf7f08628234bf605b683fd5cb50609a7a666793836d672e8e9f503ba6750389667ab074c318bdf23de7df8a642017917757e6ee3648afac16b9bf6f0544b1ce441517eb0c9dce5f5526e88e7cb04c8c0d278158fb59d45695bc0e71a38141b4d85686a39a07e99b051a1b91aba4bc7c0abd4bb5f8d44a2dd46382a0caff3e73651f37c6e34fb745372716788f26e3b527ed0a3fb6ac76a454c0b9b1ada9d454d4c502643de988b33edfb893db556a56699f17fe5902bc5d0f66e614f4ad990d517a9152f4fc83176a074e82e222d1ba4e38536f08662912dfaa7e913499ebb0520255c66e3916d9d4bd460eb21941225aee605d41100c07caf975d24caad0127fcbf7e33d2ebc664b4bbeba055d18dd924f178bc15957d3d367008df57015af4ec9199cdef6c195558e2b603db6a466026ba295e6f5a59a187051eca30b95e6c1648cd052567f1a42a8d718153872f7b4d965eb328af2f67de7cbff8fe9a5536fefb1fbdcc585670b779ee2e9b99ea2b8c37cfd59be7d7d956f8a70aa9989512038ee5c0c09e6ecd98a4e455a76b3deb84739c1072fdd1fca1db0a3ea8591474f39eafaf791e800d617762bbc49ee726b8c7a0f7dc8b4e79ec0bbdeda9d93624b25b5dc8c52d6b5d55468a0431a7db81f053897f41028095ea9d505c3adc045c806dc54033d3fc2c8b5005aeb44441bd5ad4134184ba24f60839f8cf1f8ba7b513b3e98a14fc9ac40351ab6f1bcb6bc2c6abb763c15caf2a02ef0a941773f4d2388f4064c3ccad97e511cf4a85d8925f3ba15f6bfed5a2402ed7de1135200773c23b298f79d7706db7c2628b52cecffd680d3b00506b306172868562177bba7b61535cd2a0756425618623267226d13bb9d7e514c176bfa6b95dd18935e7db65fab0163dde4239e9427e6e25798cfd201cc4ea81b7b0e2a9da8cf645c458250ad189c5fa996ac8e6b562ad7254380eb1ca6cf9308693569418aefcdb15fe3f55b0792952a0f7458a31aca782a909668ac78f9185f2d1cd6f448b987d809fdcc70653c5fad6d9f4eec13d0c20f03646dbb6d5a9d0eb4eae9961c8ac55c50812da488ec21ecab26f7b9b6ed3ea4f051bd38ae4aa47eb54377464e87954743b0b24044d5c3c5bef7ecc35a7d28fdb07fa57736679e85dd7063c42fa31e4a6fcbc33ccc8fd23dcd9f746525476b417194108443edab00", 0x1039}}, 0x1006)
mkdir(&(0x7f0000000040)='./bus\x00', 0x0)

178.103298ms ago: executing program 2 (id=1134):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

98.113499ms ago: executing program 4 (id=1135):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000020000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000066000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)

0s ago: executing program 4 (id=1136):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
accept$packet(r1, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

kernel console output (not intermixed with test programs):

 PID: 2797 Comm: syz.4.706 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  204.233220][   T28] audit: type=1400 audit(1748677474.852:610): avc:  denied  { bind } for  pid=2799 comm="syz.0.707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  204.239389][ T2797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.239404][ T2797] Call Trace:
[  204.239410][ T2797]  <TASK>
[  204.239419][ T2797]  __dump_stack+0x21/0x24
[  204.279040][ T2797]  dump_stack_lvl+0xee/0x150
[  204.283643][ T2797]  ? __cfi_dump_stack_lvl+0x8/0x8
[  204.288677][ T2797]  ? 0xffffffffa000097c
[  204.292869][ T2797]  dump_stack+0x15/0x24
[  204.297049][ T2797]  should_fail_ex+0x3d4/0x520
[  204.301733][ T2797]  should_fail_alloc_page+0x61/0x90
[  204.306931][ T2797]  prepare_alloc_pages+0x148/0x5f0
[  204.312051][ T2797]  ? __alloc_pages_bulk+0x9c0/0x9c0
[  204.317251][ T2797]  __alloc_pages+0x115/0x3a0
[  204.321926][ T2797]  ? __cfi___alloc_pages+0x10/0x10
[  204.327036][ T2797]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  204.332626][ T2797]  ? copy_page_from_iter+0x235/0x2b0
[  204.337911][ T2797]  pipe_write+0x592/0x1950
[  204.342334][ T2797]  ? __cfi_pipe_write+0x10/0x10
[  204.347209][ T2797]  ? selinux_file_permission+0x3ef/0x510
[  204.352888][ T2797]  ? fsnotify_perm+0x67/0x5b0
[  204.357669][ T2797]  ? security_file_permission+0x8a/0xb0
[  204.363216][ T2797]  vfs_write+0x5db/0xca0
[  204.367460][ T2797]  ? slab_free_freelist_hook+0xc2/0x190
[  204.373115][ T2797]  ? __cfi_vfs_write+0x10/0x10
[  204.377882][ T2797]  ? __fget_files+0x2d5/0x330
[  204.382565][ T2797]  ? __fdget_pos+0x1f2/0x380
[  204.387158][ T2797]  ? ksys_write+0x71/0x240
[  204.391579][ T2797]  ksys_write+0x140/0x240
[  204.395924][ T2797]  ? __cfi_ksys_write+0x10/0x10
[  204.400785][ T2797]  ? debug_smp_processor_id+0x17/0x20
[  204.406156][ T2797]  __x64_sys_write+0x7b/0x90
[  204.410779][ T2797]  x64_sys_call+0x27b/0x9a0
[  204.415283][ T2797]  do_syscall_64+0x4c/0xa0
[  204.419731][ T2797]  ? clear_bhb_loop+0x15/0x70
[  204.424403][ T2797]  ? clear_bhb_loop+0x15/0x70
[  204.429169][ T2797]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  204.435069][ T2797] RIP: 0033:0x7f3634f8e969
[  204.439479][ T2797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.459089][ T2797] RSP: 002b:00007f3635e12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  204.467507][ T2797] RAX: ffffffffffffffda RBX: 00007f36351b5fa0 RCX: 00007f3634f8e969
[  204.475478][ T2797] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000000
[  204.483447][ T2797] RBP: 00007f3635e12090 R08: 0000000000000000 R09: 0000000000000000
[  204.491422][ T2797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.499406][ T2797] R13: 0000000000000000 R14: 00007f36351b5fa0 R15: 00007fff1357b488
[  204.507392][ T2797]  </TASK>
[  204.511144][   T39] usb 3-1: device descriptor read/64, error -71
[  204.517577][   T28] audit: type=1400 audit(1748677474.852:611): avc:  denied  { name_bind } for  pid=2799 comm="syz.0.707" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  204.521196][ T2792] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  204.539348][   T28] audit: type=1400 audit(1748677474.852:612): avc:  denied  { node_bind } for  pid=2799 comm="syz.0.707" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  204.731006][ T2792] EXT4-fs error (device loop3): ext4_lookup:1858: comm syz.3.703: inode #15: comm syz.3.703: iget: illegal inode #
[  204.871677][   T39] usb 3-1: device descriptor read/64, error -71
[  204.898373][  T283] EXT4-fs (loop3): unmounting filesystem.
[  205.046708][   T39] usb usb3-port1: attempt power cycle
[  205.069850][ T2812] loop3: detected capacity change from 0 to 1024
[  205.092093][ T2814] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  205.102005][ T2812] EXT4-fs error (device loop3): __ext4_fill_super:5377: inode #2: comm syz.3.710: casefold flag without casefold feature
[  205.118663][ T2812] EXT4-fs (loop3): get root inode failed
[  205.124754][ T2812] EXT4-fs (loop3): mount failed
[  205.478328][ T2824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.710'.
[  206.361752][   T39] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  207.850502][   T39] usb 3-1: device not accepting address 10, error -71
[  209.484738][ T2852] loop3: detected capacity change from 0 to 256
[  209.491556][ T2852] FAT-fs (loop3): Unrecognized mount option "iochars}=ascii" or missing value
[  209.501216][ T2854] syz.4.722[2854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  209.501304][ T2854] syz.4.722[2854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  209.571219][ T2857] loop1: detected capacity change from 0 to 128
[  209.598958][ T2854] device dummy0 entered promiscuous mode
[  209.620972][ T2857] FAT-fs (loop1): Directory bread(block 32) failed
[  209.633634][ T2857] FAT-fs (loop1): Directory bread(block 33) failed
[  209.640360][ T2857] FAT-fs (loop1): Directory bread(block 34) failed
[  209.647236][ T2857] FAT-fs (loop1): Directory bread(block 35) failed
[  209.657609][ T2854] device dummy0 left promiscuous mode
[  209.663655][ T2857] FAT-fs (loop1): Directory bread(block 36) failed
[  209.671353][ T2857] FAT-fs (loop1): Directory bread(block 37) failed
[  209.679082][ T2857] FAT-fs (loop1): Directory bread(block 38) failed
[  209.713446][ T2857] FAT-fs (loop1): Directory bread(block 39) failed
[  209.720030][ T2857] FAT-fs (loop1): Directory bread(block 40) failed
[  209.745188][ T2857] FAT-fs (loop1): Directory bread(block 41) failed
[  209.757596][ T2861] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  209.925502][ T2865] loop1: detected capacity change from 0 to 1024
[  209.975535][ T2865] EXT4-fs error (device loop1): __ext4_fill_super:5377: inode #2: comm syz.1.726: casefold flag without casefold feature
[  209.996127][ T2865] EXT4-fs (loop1): get root inode failed
[  210.008461][ T2865] EXT4-fs (loop1): mount failed
[  210.858019][   T28] audit: type=1326 audit(1748677481.482:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2877 comm="syz.0.730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faebeb8e969 code=0x0
[  210.974182][   T28] audit: type=1326 audit(1748677481.602:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2877 comm="syz.0.730" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faebeb8e969 code=0x0
[  212.208798][ T2887] loop2: detected capacity change from 0 to 512
[  212.323917][ T2887] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #3: comm syz.2.732: corrupted inode contents
[  212.335962][ T2887] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #3: comm syz.2.732: mark_inode_dirty error
[  212.348225][ T2887] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #3: comm syz.2.732: corrupted inode contents
[  212.360368][ T2887] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.732: mark_inode_dirty error
[  212.372099][ T2887] Quota error (device loop2): write_blk: dquota write failed
[  212.379760][ T2887] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  212.389948][ T2887] EXT4-fs error (device loop2): ext4_acquire_dquot:6789: comm syz.2.732: Failed to acquire dquot type 0
[  212.402661][ T2887] EXT4-fs (loop2): 1 orphan inode deleted
[  212.408473][ T2887] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  212.417901][ T2887] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.753075][ T2893] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz.2.732: deleted inode referenced: 16
[  212.772887][ T2893] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz.2.732: deleted inode referenced: 16
[  212.801970][ T2893] overlayfs: failed to resolve './file2': -117
[  213.311159][ T2769] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  213.475418][ T2905] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  215.126404][ T2901] random: crng reseeded on system resumption
[  215.223726][ T2909] netlink: 60 bytes leftover after parsing attributes in process `syz.3.737'.
[  215.554593][ T2916] FAULT_INJECTION: forcing a failure.
[  215.554593][ T2916] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  215.587348][ T2916] CPU: 0 PID: 2916 Comm: syz.0.739 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  215.597099][ T2916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  215.607169][ T2916] Call Trace:
[  215.610457][ T2916]  <TASK>
[  215.613395][ T2916]  __dump_stack+0x21/0x24
[  215.617748][ T2916]  dump_stack_lvl+0xee/0x150
[  215.622357][ T2916]  ? __cfi_dump_stack_lvl+0x8/0x8
[  215.627403][ T2916]  dump_stack+0x15/0x24
[  215.632009][ T2916]  should_fail_ex+0x3d4/0x520
[  215.636706][ T2916]  should_fail_alloc_page+0x61/0x90
[  215.641935][ T2916]  prepare_alloc_pages+0x148/0x5f0
[  215.647088][ T2916]  ? __alloc_pages_bulk+0x9c0/0x9c0
[  215.652318][ T2916]  ? map_create+0x49c/0xd80
[  215.656864][ T2916]  ? __x64_sys_bpf+0x7c/0x90
[  215.661489][ T2916]  ? x64_sys_call+0x488/0x9a0
[  215.666207][ T2916]  ? do_syscall_64+0x4c/0xa0
[  215.670831][ T2916]  __alloc_pages+0x115/0x3a0
[  215.675452][ T2916]  ? __cfi___alloc_pages+0x10/0x10
[  215.680588][ T2916]  ? __cfi__raw_spin_lock+0x10/0x10
[  215.685814][ T2916]  __get_free_pages+0xe/0x30
[  215.690431][ T2916]  kasan_populate_vmalloc_pte+0x29/0x120
[  215.696099][ T2916]  __apply_to_page_range+0x8c1/0xc00
[  215.701409][ T2916]  ? __cfi_kasan_populate_vmalloc_pte+0x10/0x10
[  215.707695][ T2916]  ? __cfi_kasan_populate_vmalloc_pte+0x10/0x10
[  215.714058][ T2916]  apply_to_page_range+0x3b/0x50
[  215.719017][ T2916]  kasan_populate_vmalloc+0x60/0x70
[  215.724237][ T2916]  alloc_vmap_area+0x173e/0x1870
[  215.729292][ T2916]  ? vm_map_ram+0x930/0x930
[  215.733917][ T2916]  ? __kasan_kmalloc+0x95/0xb0
[  215.738709][ T2916]  ? kmalloc_node_trace+0x3d/0xb0
[  215.743771][ T2916]  __get_vm_area_node+0x160/0x360
[  215.748831][ T2916]  __vmalloc_node_range+0x326/0x13d0
[  215.754335][ T2916]  ? prealloc_init+0x146/0x8f0
[  215.759214][ T2916]  ? pcpu_memcg_post_alloc_hook+0x177/0x270
[  215.765138][ T2916]  ? __bitmap_weight+0xb3/0x100
[  215.770089][ T2916]  ? __cfi___vmalloc_node_range+0x10/0x10
[  215.775819][ T2916]  ? __alloc_percpu_gfp+0x25/0x30
[  215.780836][ T2916]  ? pcpu_alloc+0x1108/0x16b0
[  215.785521][ T2916]  bpf_map_area_alloc+0xd7/0xe0
[  215.790406][ T2916]  ? prealloc_init+0x146/0x8f0
[  215.795212][ T2916]  prealloc_init+0x146/0x8f0
[  215.799835][ T2916]  htab_map_alloc+0xb24/0xfd0
[  215.804536][ T2916]  map_create+0x49c/0xd80
[  215.808905][ T2916]  __sys_bpf+0x30b/0x780
[  215.813190][ T2916]  ? bpf_link_show_fdinfo+0x320/0x320
[  215.818775][ T2916]  ? __cfi_ksys_write+0x10/0x10
[  215.823655][ T2916]  ? debug_smp_processor_id+0x17/0x20
[  215.829054][ T2916]  __x64_sys_bpf+0x7c/0x90
[  215.833497][ T2916]  x64_sys_call+0x488/0x9a0
[  215.838281][ T2916]  do_syscall_64+0x4c/0xa0
[  215.842719][ T2916]  ? clear_bhb_loop+0x15/0x70
[  215.847410][ T2916]  ? clear_bhb_loop+0x15/0x70
[  215.852107][ T2916]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  215.858025][ T2916] RIP: 0033:0x7faebeb8e969
[  215.862456][ T2916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.882073][ T2916] RSP: 002b:00007faebf9cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  215.890507][ T2916] RAX: ffffffffffffffda RBX: 00007faebedb5fa0 RCX: 00007faebeb8e969
[  215.898499][ T2916] RDX: 0000000000000050 RSI: 0000200000000840 RDI: 0000000000000000
[  215.906573][ T2916] RBP: 00007faebf9cf090 R08: 0000000000000000 R09: 0000000000000000
[  215.914571][ T2916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.922569][ T2916] R13: 0000000000000000 R14: 00007faebedb5fa0 R15: 00007fff3002a398
[  215.930561][ T2916]  </TASK>
[  216.273132][   T28] audit: type=1400 audit(1748677486.902:615): avc:  denied  { bind } for  pid=2914 comm="syz.1.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  216.502501][  T286] EXT4-fs (loop2): unmounting filesystem.
[  216.508881][ T2925] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  216.527561][ T2925] EXT4-fs error (device loop2): ext4_release_dquot:6825: comm kworker/u4:8: Failed to release dquot type 1
[  216.620820][ T2936] loop2: detected capacity change from 0 to 1024
[  216.703301][ T2936] EXT4-fs error (device loop2): __ext4_fill_super:5377: inode #2: comm syz.2.744: casefold flag without casefold feature
[  216.716411][ T2936] EXT4-fs (loop2): get root inode failed
[  216.729560][ T2936] EXT4-fs (loop2): mount failed
[  216.919688][ T2943] random: crng reseeded on system resumption
[  217.181521][  T303] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  217.575285][ T2947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.744'.
[  218.083345][ T2954] random: crng reseeded on system resumption
[  218.569607][  T303] usb 5-1: device descriptor read/all, error -71
[  218.734515][   T39] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  218.961853][   T39] usb 3-1: Using ep0 maxpacket: 8
[  218.969001][   T39] usb 3-1: config 1 has an invalid interface number: 128 but max is 1
[  219.048707][   T39] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.067846][   T39] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  219.085693][   T39] usb 3-1: config 1 has no interface number 0
[  219.101695][   T39] usb 3-1: config 1 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.114020][   T39] usb 3-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.132138][   T39] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  219.165263][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.237971][   T39] usb 3-1: Product: syz
[  219.252764][   T39] usb 3-1: Manufacturer: syz
[  219.259487][   T39] usb 3-1: SerialNumber: syz
[  219.358778][ T2978] FAULT_INJECTION: forcing a failure.
[  219.358778][ T2978] name failslab, interval 1, probability 0, space 0, times 0
[  219.371501][ T2978] CPU: 0 PID: 2978 Comm: syz.0.754 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  219.381226][ T2978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.391289][ T2978] Call Trace:
[  219.394572][ T2978]  <TASK>
[  219.397507][ T2978]  __dump_stack+0x21/0x24
[  219.401858][ T2978]  dump_stack_lvl+0xee/0x150
[  219.406462][ T2978]  ? __cfi_dump_stack_lvl+0x8/0x8
[  219.411505][ T2978]  dump_stack+0x15/0x24
[  219.415673][ T2978]  should_fail_ex+0x3d4/0x520
[  219.420360][ T2978]  __should_failslab+0xac/0xf0
[  219.425135][ T2978]  ? rtm_new_nexthop+0x1a69/0x6150
[  219.430265][ T2978]  should_failslab+0x9/0x20
[  219.434789][ T2978]  __kmem_cache_alloc_node+0x3d/0x2c0
[  219.440173][ T2978]  ? kasan_save_alloc_info+0x25/0x30
[  219.445481][ T2978]  ? rtm_new_nexthop+0x1a69/0x6150
[  219.450621][ T2978]  kmalloc_trace+0x29/0xb0
[  219.455065][ T2978]  rtm_new_nexthop+0x1a69/0x6150
[  219.460036][ T2978]  ? irqentry_exit+0x37/0x40
[  219.464634][ T2978]  ? sysvec_call_function_single+0x61/0xc0
[  219.470453][ T2978]  ? asm_sysvec_call_function_single+0x1b/0x20
[  219.476617][ T2978]  ? __cfi_rtm_new_nexthop+0x10/0x10
[  219.481921][ T2978]  ? avc_has_perm_noaudit+0x251/0x460
[  219.487311][ T2978]  ? avc_has_perm_noaudit+0x35e/0x460
[  219.492712][ T2978]  ? memcpy+0x56/0x70
[  219.496722][ T2978]  ? avc_has_perm_noaudit+0x2f4/0x460
[  219.502119][ T2978]  ? __cfi_avc_has_perm_noaudit+0x10/0x10
[  219.507865][ T2978]  ? selinux_capable+0x29c/0x380
[  219.512842][ T2978]  ? __cfi_selinux_capable+0x10/0x10
[  219.518147][ T2978]  ? cap_capable+0x1aa/0x230
[  219.522754][ T2978]  ? ns_capable+0x8c/0xf0
[  219.527089][ T2978]  ? netlink_net_capable+0x125/0x160
[  219.532393][ T2978]  ? __cfi_rtm_new_nexthop+0x10/0x10
[  219.537698][ T2978]  rtnetlink_rcv_msg+0x9f4/0xcf0
[  219.542647][ T2978]  ? 0xffffffffa00009e4
[  219.546808][ T2978]  ? __cfi_rtnetlink_rcv_msg+0x10/0x10
[  219.552277][ T2978]  ? __kernel_text_address+0xd/0x30
[  219.557486][ T2978]  ? unwind_get_return_address+0x4d/0x90
[  219.563127][ T2978]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  219.569293][ T2978]  ? memcpy+0x56/0x70
[  219.573291][ T2978]  ? avc_has_perm_noaudit+0x2f4/0x460
[  219.578680][ T2978]  ? __cfi_avc_has_perm_noaudit+0x10/0x10
[  219.584435][ T2978]  ? slab_post_alloc_hook+0x4f/0x2d0
[  219.589738][ T2978]  ? avc_has_perm+0x158/0x240
[  219.594424][ T2978]  ? ____sys_sendmsg+0x5a9/0x990
[  219.599378][ T2978]  ? ___sys_sendmsg+0x21c/0x290
[  219.604245][ T2978]  ? __cfi_avc_has_perm+0x10/0x10
[  219.609288][ T2978]  ? selinux_nlmsg_lookup+0x416/0x4c0
[  219.614683][ T2978]  netlink_rcv_skb+0x1f2/0x440
[  219.619463][ T2978]  ? __cfi_rtnetlink_rcv_msg+0x10/0x10
[  219.624941][ T2978]  ? __cfi_netlink_rcv_skb+0x10/0x10
[  219.630260][ T2978]  ? __netlink_lookup+0x387/0x3b0
[  219.635316][ T2978]  rtnetlink_rcv+0x1c/0x20
[  219.639749][ T2978]  netlink_unicast+0x8b1/0xa30
[  219.644527][ T2978]  netlink_sendmsg+0x8aa/0xbc0
[  219.649306][ T2978]  ? irqentry_exit+0x37/0x40
[  219.653912][ T2978]  ? __cfi_netlink_sendmsg+0x10/0x10
[  219.659219][ T2978]  ? security_socket_sendmsg+0x93/0xb0
[  219.664694][ T2978]  ? __cfi_netlink_sendmsg+0x10/0x10
[  219.670012][ T2978]  ____sys_sendmsg+0x5a9/0x990
[  219.674797][ T2978]  ? __sys_sendmsg_sock+0x40/0x40
[  219.679841][ T2978]  ? import_iovec+0x7c/0xb0
[  219.684360][ T2978]  ___sys_sendmsg+0x21c/0x290
[  219.689059][ T2978]  ? __sys_sendmsg+0x270/0x270
[  219.693860][ T2978]  ? __kasan_record_aux_stack+0xb6/0xc0
[  219.699429][ T2978]  ? __kasan_check_write+0x14/0x20
[  219.704554][ T2978]  ? proc_fail_nth_write+0x17a/0x1f0
[  219.709868][ T2978]  ? vfs_write+0x9d6/0xca0
[  219.714310][ T2978]  ? __fdget+0x19c/0x220
[  219.718573][ T2978]  __x64_sys_sendmsg+0x1f0/0x2c0
[  219.723531][ T2978]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  219.729012][ T2978]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  219.735093][ T2978]  x64_sys_call+0x171/0x9a0
[  219.739781][ T2978]  do_syscall_64+0x4c/0xa0
[  219.744245][ T2978]  ? clear_bhb_loop+0x15/0x70
[  219.748942][ T2978]  ? clear_bhb_loop+0x15/0x70
[  219.753627][ T2978]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  219.759553][ T2978] RIP: 0033:0x7faebeb8e969
[  219.763973][ T2978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.783940][ T2978] RSP: 002b:00007faebf98d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.792452][ T2978] RAX: ffffffffffffffda RBX: 00007faebedb6160 RCX: 00007faebeb8e969
[  219.800428][ T2978] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000a
[  219.808576][ T2978] RBP: 00007faebf98d090 R08: 0000000000000000 R09: 0000000000000000
[  219.816554][ T2978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.824530][ T2978] R13: 0000000000000000 R14: 00007faebedb6160 R15: 00007fff3002a398
[  219.832515][ T2978]  </TASK>
[  220.146796][ T2978] device batadv_slave_0 entered promiscuous mode
[  220.546926][ T2986] random: crng reseeded on system resumption
[  222.466748][   T39] cdc_wdm 3-1:1.128: skipping garbage
[  222.561230][ T2994] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  222.764505][   T39] cdc_wdm 3-1:1.128: cdc-wdm0: USB WDM device
[  222.782942][   T39] usb 3-1: USB disconnect, device number 12
[  223.124217][ T3003] loop2: detected capacity change from 0 to 16
[  223.150737][ T3005] FAULT_INJECTION: forcing a failure.
[  223.150737][ T3005] name failslab, interval 1, probability 0, space 0, times 0
[  223.155123][ T3003] erofs: (device loop2): z_erofs_load_lz4_config: invalid lz4 cfgs, size=4
[  223.177016][ T3005] CPU: 0 PID: 3005 Comm: syz.4.763 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  223.186785][ T3005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  223.196847][ T3005] Call Trace:
[  223.200167][ T3005]  <TASK>
[  223.203096][ T3005]  __dump_stack+0x21/0x24
[  223.207439][ T3005]  dump_stack_lvl+0xee/0x150
[  223.212040][ T3005]  ? __cfi_dump_stack_lvl+0x8/0x8
[  223.217071][ T3005]  dump_stack+0x15/0x24
[  223.221226][ T3005]  should_fail_ex+0x3d4/0x520
[  223.225905][ T3005]  ? security_file_alloc+0x33/0x130
[  223.231099][ T3005]  __should_failslab+0xac/0xf0
[  223.235861][ T3005]  should_failslab+0x9/0x20
[  223.240366][ T3005]  kmem_cache_alloc+0x3b/0x330
[  223.245142][ T3005]  ? __alloc_file+0x28/0x2a0
[  223.249731][ T3005]  security_file_alloc+0x33/0x130
[  223.254752][ T3005]  __alloc_file+0xb5/0x2a0
[  223.259193][ T3005]  alloc_empty_file+0x97/0x180
[  223.263955][ T3005]  alloc_file+0x59/0x640
[  223.268205][ T3005]  alloc_file_pseudo+0x17a/0x1f0
[  223.273164][ T3005]  ? __cfi_alloc_file_pseudo+0x10/0x10
[  223.278651][ T3005]  ? _raw_spin_unlock+0x4c/0x70
[  223.283523][ T3005]  ? alloc_fd+0x4e6/0x590
[  223.287861][ T3005]  sock_alloc_file+0xba/0x270
[  223.292543][ T3005]  __sys_socket+0x135/0x1a0
[  223.297047][ T3005]  __x64_sys_socket+0x7a/0x90
[  223.301723][ T3005]  x64_sys_call+0x449/0x9a0
[  223.306228][ T3005]  do_syscall_64+0x4c/0xa0
[  223.310644][ T3005]  ? clear_bhb_loop+0x15/0x70
[  223.315318][ T3005]  ? clear_bhb_loop+0x15/0x70
[  223.320013][ T3005]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.325918][ T3005] RIP: 0033:0x7f3634f8e969
[  223.330331][ T3005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.349933][ T3005] RSP: 002b:00007f3635e12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  223.358343][ T3005] RAX: ffffffffffffffda RBX: 00007f36351b5fa0 RCX: 00007f3634f8e969
[  223.366312][ T3005] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  223.374275][ T3005] RBP: 00007f3635e12090 R08: 0000000000000000 R09: 0000000000000000
[  223.382242][ T3005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.390208][ T3005] R13: 0000000000000000 R14: 00007f36351b5fa0 R15: 00007fff1357b488
[  223.398264][ T3005]  </TASK>
[  223.432547][ T2769] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  223.553626][ T3012] FAULT_INJECTION: forcing a failure.
[  223.553626][ T3012] name failslab, interval 1, probability 0, space 0, times 0
[  223.578463][ T3012] CPU: 1 PID: 3012 Comm: syz.0.766 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  223.580984][ T3014] loop4: detected capacity change from 0 to 512
[  223.588221][ T3012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  223.588235][ T3012] Call Trace:
[  223.588242][ T3012]  <TASK>
[  223.588249][ T3012]  __dump_stack+0x21/0x24
[  223.588281][ T3012]  dump_stack_lvl+0xee/0x150
[  223.588308][ T3012]  ? __cfi_dump_stack_lvl+0x8/0x8
[  223.601701][ T1259] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  223.604585][ T3012]  ? __kasan_check_read+0x11/0x20
[  223.637228][ T3012]  dump_stack+0x15/0x24
[  223.641407][ T3012]  should_fail_ex+0x3d4/0x520
[  223.646096][ T3012]  ? skb_clone+0x1f5/0x380
[  223.650535][ T3012]  __should_failslab+0xac/0xf0
[  223.652171][ T3014] ext4: Unknown parameter 'uid<00000000000000000000'
[  223.655312][ T3012]  should_failslab+0x9/0x20
[  223.666463][ T3012]  kmem_cache_alloc+0x3b/0x330
[  223.671236][ T3012]  skb_clone+0x1f5/0x380
[  223.675488][ T3012]  bpf_clone_redirect+0xa7/0x3c0
[  223.680425][ T3012]  ? __kasan_check_write+0x14/0x20
[  223.685537][ T3012]  ? __switch_to+0x51f/0xe30
[  223.690124][ T3012]  bpf_prog_6893982b85ceadf7+0x56/0x5b
[  223.695578][ T3012]  ? __cfi___switch_to+0x10/0x10
[  223.700604][ T3012]  ? _raw_spin_unlock+0x4c/0x70
[  223.705461][ T3012]  ? finish_task_switch+0x16b/0x7b0
[  223.710668][ T3012]  ? __switch_to_asm+0x3a/0x60
[  223.715435][ T3012]  ? __schedule+0xb8f/0x14e0
[  223.720029][ T3012]  ? ktime_get+0x141/0x170
[  223.724446][ T3012]  bpf_test_run+0x349/0x8d0
[  223.728945][ T3012]  ? __kasan_check_read+0x11/0x20
[  223.733976][ T3012]  ? convert___skb_to_skb+0x5b0/0x5b0
[  223.739352][ T3012]  ? convert___skb_to_skb+0x40/0x5b0
[  223.744634][ T3012]  bpf_prog_test_run_skb+0xaec/0x1290
[  223.750011][ T3012]  ? __cfi_bpf_prog_test_run_skb+0x10/0x10
[  223.755814][ T3012]  bpf_prog_test_run+0x3e3/0x630
[  223.760749][ T3012]  ? bpf_prog_query+0x270/0x270
[  223.765591][ T3012]  ? selinux_bpf+0xce/0xf0
[  223.770007][ T3012]  ? security_bpf+0x93/0xb0
[  223.774514][ T3012]  __sys_bpf+0x56d/0x780
[  223.778757][ T3012]  ? __kasan_check_read+0x11/0x20
[  223.783899][ T3012]  ? bpf_link_show_fdinfo+0x320/0x320
[  223.789278][ T3012]  ? sysvec_reschedule_ipi+0x78/0x80
[  223.794821][ T3012]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  223.800466][ T3012]  __x64_sys_bpf+0x7c/0x90
[  223.804885][ T3012]  x64_sys_call+0x488/0x9a0
[  223.809388][ T3012]  do_syscall_64+0x4c/0xa0
[  223.813809][ T3012]  ? clear_bhb_loop+0x15/0x70
[  223.818483][ T3012]  ? clear_bhb_loop+0x15/0x70
[  223.823156][ T3012]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  223.829054][ T3012] RIP: 0033:0x7faebeb8e969
[  223.833464][ T3012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.853066][ T3012] RSP: 002b:00007faebf9cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  223.861563][ T3012] RAX: ffffffffffffffda RBX: 00007faebedb5fa0 RCX: 00007faebeb8e969
[  223.869533][ T3012] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  223.877507][ T3012] RBP: 00007faebf9cf090 R08: 0000000000000000 R09: 0000000000000000
[  223.885479][ T3012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.893460][ T3012] R13: 0000000000000000 R14: 00007faebedb5fa0 R15: 00007fff3002a398
[  223.901483][ T3012]  </TASK>
[  224.002930][ T1259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.027991][ T1259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.414001][ T1259] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  224.423468][ T1259] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.433236][ T1259] usb 2-1: config 0 descriptor??
[  224.461255][ T3026] loop0: detected capacity change from 0 to 256
[  224.560298][ T3026] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  224.682963][ T3031] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  224.836629][ T3036] random: crng reseeded on system resumption
[  225.478199][ T3050] netlink: 60 bytes leftover after parsing attributes in process `syz.4.777'.
[  225.522977][ T1259] hid-led: probe of 0003:27B8:01ED.0009 failed with error -71
[  225.541392][ T1259] usb 2-1: USB disconnect, device number 14
[  226.616156][ T3058] 9pnet_fd: Insufficient options for proto=fd
[  226.624326][ T3058] syz.2.780[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  226.624428][ T3058] syz.2.780[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  226.636832][   T28] audit: type=1400 audit(1748677497.242:616): avc:  denied  { read } for  pid=3057 comm="syz.2.780" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  226.643819][ T3058] fuse: Unknown parameter '00000000000000000009'
[  227.613285][ T3058] syz.2.780[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.613391][ T3058] syz.2.780[3058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.658202][   T28] audit: type=1400 audit(1748677498.282:617): avc:  denied  { create } for  pid=3067 comm="syz.4.784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  227.661344][ T3066] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  227.698022][ T3069] syz.2.780[3069] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.698131][ T3069] syz.2.780[3069] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  227.742920][ T3068] loop4: detected capacity change from 0 to 128
[  227.748030][ T3064] mmap: syz.3.782 (3064) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  227.765765][   T28] audit: type=1400 audit(1748677498.372:618): avc:  denied  { ioctl } for  pid=3063 comm="syz.3.782" path="socket:[24380]" dev="sockfs" ino=24380 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  227.798218][   T28] audit: type=1326 audit(1748677498.412:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  227.832606][ T2769] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  227.861690][   T28] audit: type=1326 audit(1748677498.412:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  227.921184][   T28] audit: type=1326 audit(1748677498.412:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  228.472656][ T3077] fuse: Bad value for 'fd'
[  228.488807][ T3068] SELinux: ebitmap: truncated map
[  228.498912][   T28] audit: type=1326 audit(1748677498.412:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  228.499500][ T3068] SELinux: failed to load policy
[  228.527267][   T28] audit: type=1326 audit(1748677498.412:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  228.552073][   T28] audit: type=1326 audit(1748677498.412:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  228.576075][   T28] audit: type=1326 audit(1748677498.412:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3063 comm="syz.3.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0593d8e969 code=0x7ffc0000
[  228.576142][ T3068] SELinux:  policydb magic number 0x2e202123 does not match expected magic number 0xf97cff8c
[  228.609639][ T3068] SELinux: failed to load policy
[  228.621762][ T1259] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  228.811715][ T1259] usb 3-1: Using ep0 maxpacket: 32
[  228.830977][ T1259] usb 3-1: config 64 has an invalid interface number: 129 but max is 1
[  228.839502][ T1259] usb 3-1: config 64 contains an unexpected descriptor of type 0x1, skipping
[  228.848589][ T1259] usb 3-1: config 64 has an invalid interface number: 226 but max is 1
[  228.857155][ T1259] usb 3-1: config 64 contains an unexpected descriptor of type 0x1, skipping
[  228.870575][ T1259] usb 3-1: config 64 contains an unexpected descriptor of type 0x2, skipping
[  228.891721][   T39] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  229.091739][   T39] usb 4-1: Using ep0 maxpacket: 8
[  229.101132][   T39] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  229.155686][   T39] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  229.165596][ T1259] usb 3-1: config 64 has an invalid descriptor of length 0, skipping remainder of the config
[  229.175839][ T1259] usb 3-1: config 64 has no interface number 0
[  229.182056][ T1259] usb 3-1: config 64 has no interface number 1
[  229.182221][   T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.188237][ T1259] usb 3-1: config 64 interface 129 altsetting 7 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  229.188276][ T1259] usb 3-1: config 64 interface 129 altsetting 7 has an invalid endpoint with address 0x0, skipping
[  229.211435][   T39] usb 4-1: Product: syz
[  229.222749][   T39] usb 4-1: Manufacturer: syz
[  229.227449][   T39] usb 4-1: SerialNumber: syz
[  229.231672][ T1259] usb 3-1: config 64 interface 129 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  229.242987][ T1259] usb 3-1: config 64 interface 129 altsetting 7 has a duplicate endpoint with address 0x4, skipping
[  229.246597][   T39] usb 4-1: config 0 descriptor??
[  229.254041][ T1259] usb 3-1: config 64 interface 129 altsetting 7 has an invalid endpoint with address 0xFD, skipping
[  229.269717][ T1259] usb 3-1: config 64 interface 129 altsetting 7 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  229.280966][ T1259] usb 3-1: config 64 interface 129 altsetting 7 has 8 endpoint descriptors, different from the interface descriptor's value: 7
[  229.294301][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has an invalid endpoint with address 0x64, skipping
[  229.305256][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has a duplicate endpoint with address 0xB, skipping
[  229.316211][ T1259] usb 3-1: config 64 interface 226 altsetting 9 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  229.327432][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has an invalid endpoint with address 0x80, skipping
[  229.338405][ T1259] usb 3-1: config 64 interface 226 altsetting 9 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  229.349533][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has an invalid endpoint with address 0x80, skipping
[  229.360471][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has a duplicate endpoint with address 0xE, skipping
[  229.371646][ T1259] usb 3-1: config 64 interface 226 altsetting 9 has a duplicate endpoint with address 0xF, skipping
[  229.382591][ T1259] usb 3-1: config 64 interface 129 has no altsetting 0
[  229.389476][ T1259] usb 3-1: config 64 interface 226 has no altsetting 0
[  229.398177][ T1259] usb 3-1: New USB device found, idVendor=1199, idProduct=9091, bcdDevice=9e.25
[  229.407504][ T1259] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.415665][ T1259] usb 3-1: Product: syz
[  229.419908][ T1259] usb 3-1: Manufacturer: syz
[  229.424805][ T1259] usb 3-1: SerialNumber: syz
[  229.507277][  T287] usb 4-1: USB disconnect, device number 7
[  229.636296][ T3094] netlink: 60 bytes leftover after parsing attributes in process `syz.4.792'.
[  229.664722][ T1259] usb 3-1: USB disconnect, device number 13
[  231.007767][ T3106] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  231.271944][ T3119] FAULT_INJECTION: forcing a failure.
[  231.271944][ T3119] name failslab, interval 1, probability 0, space 0, times 0
[  231.311752][   T39] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  231.346927][ T3119] CPU: 1 PID: 3119 Comm: syz.0.801 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  231.356694][ T3119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.366758][ T3119] Call Trace:
[  231.370044][ T3119]  <TASK>
[  231.373077][ T3119]  __dump_stack+0x21/0x24
[  231.377425][ T3119]  dump_stack_lvl+0xee/0x150
[  231.382033][ T3119]  ? __cfi_dump_stack_lvl+0x8/0x8
[  231.387089][ T3119]  ? dump_stack_lvl+0xd/0x150
[  231.391781][ T3119]  dump_stack+0x15/0x24
[  231.395955][ T3119]  should_fail_ex+0x3d4/0x520
[  231.400662][ T3119]  __should_failslab+0xac/0xf0
[  231.405451][ T3119]  should_failslab+0x9/0x20
[  231.406498][ T3121] loop3: detected capacity change from 0 to 1024
[  231.409985][ T3119]  kmem_cache_alloc_node+0x42/0x340
[  231.410013][ T3119]  ? __alloc_skb+0xdf/0x7e0
[  231.426027][ T3119]  __alloc_skb+0xdf/0x7e0
[  231.430404][ T3119]  netlink_ack+0x372/0x1100
[  231.434942][ T3119]  ? genl_rcv_msg+0x278/0x770
[  231.436792][ T3121] EXT4-fs error (device loop3): __ext4_fill_super:5377: inode #2: comm syz.3.802: casefold flag without casefold feature
[  231.439658][ T3119]  ? __cfi_genl_rcv_msg+0x10/0x10
[  231.452582][ T3121] EXT4-fs (loop3): get root inode failed
[  231.457256][ T3119]  ? __cfi_netlink_ack+0x10/0x10
[  231.463282][ T3121] EXT4-fs (loop3): mount failed
[  231.467815][ T3119]  ? selinux_nlmsg_lookup+0x33c/0x4c0
[  231.478022][ T3119]  netlink_rcv_skb+0x277/0x440
[  231.482811][ T3119]  ? __cfi_genl_rcv_msg+0x10/0x10
[  231.487938][ T3119]  ? __cfi_netlink_rcv_skb+0x10/0x10
[  231.493235][ T3119]  ? down_read+0xa0/0xf0
[  231.497478][ T3119]  ? __cfi_down_read+0x10/0x10
[  231.502246][ T3119]  ? netlink_unicast+0x502/0xa30
[  231.507188][ T3119]  genl_rcv+0x28/0x40
[  231.511179][ T3119]  netlink_unicast+0x8b1/0xa30
[  231.515951][ T3119]  netlink_sendmsg+0x8aa/0xbc0
[  231.520713][ T3119]  ? sysvec_reschedule_ipi+0x78/0x80
[  231.525997][ T3119]  ? __cfi_netlink_sendmsg+0x10/0x10
[  231.531286][ T3119]  ? ____sys_sendmsg+0x61/0x990
[  231.536145][ T3119]  ? security_socket_sendmsg+0x93/0xb0
[  231.541608][ T3119]  ? __cfi_netlink_sendmsg+0x10/0x10
[  231.546907][ T3119]  ____sys_sendmsg+0x5a9/0x990
[  231.551676][ T3119]  ? __sys_sendmsg_sock+0x40/0x40
[  231.556708][ T3119]  ? import_iovec+0x7c/0xb0
[  231.561216][ T3119]  ___sys_sendmsg+0x21c/0x290
[  231.565899][ T3119]  ? __sys_sendmsg+0x270/0x270
[  231.570672][ T3119]  ? __cfi___switch_to+0x10/0x10
[  231.575616][ T3119]  ? __fdget+0x19c/0x220
[  231.579898][ T3119]  __x64_sys_sendmsg+0x1f0/0x2c0
[  231.584856][ T3119]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  231.590363][ T3119]  ? __bpf_trace_sys_enter+0x62/0x70
[  231.595648][ T3119]  ? trace_sys_enter+0x3d/0x50
[  231.600411][ T3119]  x64_sys_call+0x171/0x9a0
[  231.604921][ T3119]  do_syscall_64+0x4c/0xa0
[  231.609340][ T3119]  ? clear_bhb_loop+0x15/0x70
[  231.614016][ T3119]  ? clear_bhb_loop+0x15/0x70
[  231.618694][ T3119]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  231.624631][ T3119] RIP: 0033:0x7faebeb8e969
[  231.629071][ T3119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.648679][ T3119] RSP: 002b:00007faebf9cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.657106][ T3119] RAX: ffffffffffffffda RBX: 00007faebedb5fa0 RCX: 00007faebeb8e969
[  231.665076][ T3119] RDX: 0000000000005040 RSI: 00002000000001c0 RDI: 0000000000000004
[  231.673048][ T3119] RBP: 00007faebf9cf090 R08: 0000000000000000 R09: 0000000000000000
[  231.681019][ T3119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.688992][ T3119] R13: 0000000000000000 R14: 00007faebedb5fa0 R15: 00007fff3002a398
[  231.696972][ T3119]  </TASK>
[  231.853011][   T39] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  231.863612][   T39] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.376288][   T39] usb 2-1: config 1 interface 1 altsetting 1 has an invalid endpoint with address 0xB7, skipping
[  232.387404][   T39] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  232.415795][   T39] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  232.436548][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.437765][ T3131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.802'.
[  232.451855][   T39] usb 2-1: Product: syz
[  232.473302][   T39] usb 2-1: Manufacturer: syz
[  232.495196][   T39] usb 2-1: SerialNumber: syz
[  232.613074][ T3139] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  232.663481][ T3143] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  232.743301][   T39] cdc_ncm 2-1:1.0: bind() failure
[  232.749613][   T39] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  232.765118][   T39] cdc_ncm 2-1:1.1: bind() failure
[  232.789073][   T39] usb 2-1: USB disconnect, device number 15
[  232.930351][ T2777] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  233.065697][ T3169] random: crng reseeded on system resumption
[  233.503671][ T2777] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.539500][ T2777] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.601530][ T2777] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  234.230265][ T2777] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  234.687241][ T2777] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.767542][ T2777] usb 3-1: config 0 descriptor??
[  234.769084][ T3177] loop1: detected capacity change from 0 to 1024
[  234.833689][ T3177] EXT4-fs error (device loop1): __ext4_fill_super:5377: inode #2: comm syz.1.817: casefold flag without casefold feature
[  234.858433][ T3177] EXT4-fs (loop1): get root inode failed
[  234.865606][ T3177] EXT4-fs (loop1): mount failed
[  234.984122][ T3141] x_tables: duplicate underflow at hook 4
[  235.474231][ T3141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.492282][ T3185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.817'.
[  235.564606][ T3141] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.631562][ T2777] usbhid 3-1:0.0: can't add hid device: -71
[  235.638984][ T2777] usbhid: probe of 3-1:0.0 failed with error -71
[  235.649361][ T2777] usb 3-1: USB disconnect, device number 14
[  235.681729][ T3190] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  235.768511][ T3197] netlink: 60 bytes leftover after parsing attributes in process `syz.4.819'.
[  235.815581][ T3199] FAULT_INJECTION: forcing a failure.
[  235.815581][ T3199] name failslab, interval 1, probability 0, space 0, times 0
[  235.848586][ T3199] CPU: 0 PID: 3199 Comm: syz.0.824 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  235.858359][ T3199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  235.868445][ T3199] Call Trace:
[  235.871740][ T3199]  <TASK>
[  235.874679][ T3199]  __dump_stack+0x21/0x24
[  235.879033][ T3199]  dump_stack_lvl+0xee/0x150
[  235.883646][ T3199]  ? __cfi_dump_stack_lvl+0x8/0x8
[  235.888693][ T3199]  ? avc_has_perm_noaudit+0x2f4/0x460
[  235.894089][ T3199]  dump_stack+0x15/0x24
[  235.898270][ T3199]  should_fail_ex+0x3d4/0x520
[  235.902970][ T3199]  __should_failslab+0xac/0xf0
[  235.907756][ T3199]  ? alloc_fs_context+0x64/0x7b0
[  235.912712][ T3199]  should_failslab+0x9/0x20
[  235.917245][ T3199]  __kmem_cache_alloc_node+0x3d/0x2c0
[  235.922641][ T3199]  ? selinux_capable+0x29c/0x380
[  235.927606][ T3199]  ? alloc_fs_context+0x64/0x7b0
[  235.932569][ T3199]  kmalloc_trace+0x29/0xb0
[  235.937016][ T3199]  alloc_fs_context+0x64/0x7b0
[  235.941811][ T3199]  ? _raw_read_unlock+0x25/0x40
[  235.946695][ T3199]  fs_context_for_mount+0x22/0x30
[  235.951752][ T3199]  do_new_mount+0x122/0xa20
[  235.956274][ T3199]  path_mount+0x675/0x1010
[  235.960737][ T3199]  ? user_path_at_empty+0x161/0x1c0
[  235.965949][ T3199]  __se_sys_mount+0x318/0x380
[  235.970643][ T3199]  ? __x64_sys_mount+0xd0/0xd0
[  235.975421][ T3199]  ? __cfi_ksys_write+0x10/0x10
[  235.980278][ T3199]  __x64_sys_mount+0xbf/0xd0
[  235.984872][ T3199]  x64_sys_call+0x65d/0x9a0
[  235.989422][ T3199]  do_syscall_64+0x4c/0xa0
[  235.993849][ T3199]  ? clear_bhb_loop+0x15/0x70
[  235.998539][ T3199]  ? clear_bhb_loop+0x15/0x70
[  236.003230][ T3199]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  236.009138][ T3199] RIP: 0033:0x7faebeb8e969
[  236.013549][ T3199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.033150][ T3199] RSP: 002b:00007faebf9cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  236.041563][ T3199] RAX: ffffffffffffffda RBX: 00007faebedb5fa0 RCX: 00007faebeb8e969
[  236.049530][ T3199] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  236.057506][ T3199] RBP: 00007faebf9cf090 R08: 0000200000000140 R09: 0000000000000000
[  236.065471][ T3199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.073462][ T3199] R13: 0000000000000000 R14: 00007faebedb5fa0 R15: 00007fff3002a398
[  236.081555][ T3199]  </TASK>
[  236.115427][ T3203] loop0: detected capacity change from 0 to 1024
[  236.124186][ T3203] EXT4-fs: Ignoring removed bh option
[  236.129729][ T3203] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.192279][ T3203] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  236.656812][   T39] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  236.853741][   T39] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  236.871126][   T39] usb 1-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  237.006654][   T39] usb 1-1: config 0 has no interface number 0
[  237.014400][ T3211] loop2: detected capacity change from 0 to 40427
[  237.035211][ T3211] F2FS-fs (loop2): invalid crc value
[  237.265637][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  237.291747][ T3211] F2FS-fs (loop2): Found nat_bits in checkpoint
[  237.349618][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.462334][ T3211] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  237.478901][   T39] usb 1-1: Product: syz
[  237.485512][ T3229] loop4: detected capacity change from 0 to 1024
[  237.507998][   T39] usb 1-1: Manufacturer: syz
[  237.513984][ T3229] EXT4-fs error (device loop4): __ext4_fill_super:5377: inode #2: comm syz.4.831: casefold flag without casefold feature
[  237.519402][   T39] usb 1-1: SerialNumber: syz
[  237.534961][ T3229] EXT4-fs (loop4): get root inode failed
[  237.541757][ T3229] EXT4-fs (loop4): mount failed
[  237.550526][   T39] usb 1-1: config 0 descriptor??
[  238.632644][ T3236] overlayfs: conflicting lowerdir path
[  238.751710][ T3235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.831'.
[  238.759089][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  238.759114][   T28] audit: type=1400 audit(1748677509.252:638): avc:  denied  { mounton } for  pid=3210 comm="syz.2.827" path="/168/file0/bus" dev="loop2" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  239.023272][   T39] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[  239.051919][   T39] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[  239.163553][  T286] syz-executor: attempt to access beyond end of device
[  239.163553][  T286] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  239.171735][   T39] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[  239.185238][   T28] audit: type=1400 audit(1748677509.252:639): avc:  denied  { rename } for  pid=3210 comm="syz.2.827" name="#76" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  239.207739][   T39] hid-generic 0000:0004:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  239.296523][   T28] audit: type=1400 audit(1748677509.262:640): avc:  denied  { unlink } for  pid=3210 comm="syz.2.827" name="#77" dev="loop2" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  239.955719][ T3252] loop1: detected capacity change from 0 to 1024
[  240.027185][ T3252] EXT4-fs error (device loop1): __ext4_fill_super:5377: inode #2: comm syz.1.836: casefold flag without casefold feature
[  240.057252][ T3252] EXT4-fs (loop1): get root inode failed
[  240.070044][ T3252] EXT4-fs (loop1): mount failed
[  240.217738][  T287] usb 1-1: USB disconnect, device number 17
[  240.223652][ T3262] 9pnet_fd: Insufficient options for proto=fd
[  240.234950][  T284] EXT4-fs (loop0): unmounting filesystem.
[  241.602494][ T3275] random: crng reseeded on system resumption
[  241.988482][ T3284] 9pnet_fd: Insufficient options for proto=fd
[  242.967389][ T3290] random: crng reseeded on system resumption
[  243.988432][ T3307] loop2: detected capacity change from 0 to 1024
[  244.008852][ T3309] netlink: 36 bytes leftover after parsing attributes in process `syz.3.851'.
[  244.122565][ T3307] EXT4-fs error (device loop2): __ext4_fill_super:5377: inode #2: comm syz.2.852: casefold flag without casefold feature
[  244.406739][ T3315] netlink: 60 bytes leftover after parsing attributes in process `syz.0.853'.
[  244.627979][ T3307] EXT4-fs (loop2): get root inode failed
[  244.635117][ T3307] EXT4-fs (loop2): mount failed
[  244.695695][   T28] audit: type=1400 audit(1748677515.322:641): avc:  denied  { write } for  pid=3321 comm="syz.0.856" path="socket:[25760]" dev="sockfs" ino=25760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  245.017182][ T3330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.852'.
[  245.515271][ T3346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.859'.
[  245.524263][ T3346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.859'.
[  245.534788][   T28] audit: type=1400 audit(1748677516.172:642): avc:  denied  { block_suspend } for  pid=3339 comm="syz.3.859" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  245.618233][ T3349] binder: BINDER_SET_CONTEXT_MGR already set
[  245.624459][ T3349] binder: 3347:3349 ioctl 4018620d 200000000040 returned -16
[  245.645801][ T3352] loop4: detected capacity change from 0 to 1024
[  245.658502][ T3354] loop1: detected capacity change from 0 to 256
[  245.677245][ T3354] FAULT_INJECTION: forcing a failure.
[  245.677245][ T3354] name failslab, interval 1, probability 0, space 0, times 0
[  245.697839][ T3352] EXT4-fs: Ignoring removed nobh option
[  245.713368][ T3354] CPU: 1 PID: 3354 Comm: syz.1.864 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  245.723131][ T3354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.733219][ T3354] Call Trace:
[  245.736509][ T3354]  <TASK>
[  245.739449][ T3354]  __dump_stack+0x21/0x24
[  245.743089][ T3352] EXT4-fs: Ignoring removed bh option
[  245.743800][ T3354]  dump_stack_lvl+0xee/0x150
[  245.753753][ T3354]  ? __cfi_dump_stack_lvl+0x8/0x8
[  245.758795][ T3354]  ? kasan_set_track+0x60/0x70
[  245.759451][ T3352] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  245.763560][ T3354]  ? kasan_save_free_info+0x31/0x50
[  245.763589][ T3354]  ? ____kasan_slab_free+0x132/0x180
[  245.785331][ T3354]  ? __kasan_slab_free+0x11/0x20
[  245.790288][ T3354]  ? kmem_cache_free+0x12d/0x300
[  245.795237][ T3354]  ? fat_search_long+0x102a/0x1120
[  245.800382][ T3354]  ? vfat_lookup+0x1a8/0x560
[  245.804997][ T3354]  ? path_openat+0xff3/0x2f50
[  245.809707][ T3354]  dump_stack+0x15/0x24
[  245.813980][ T3354]  should_fail_ex+0x3d4/0x520
[  245.818685][ T3354]  __should_failslab+0xac/0xf0
[  245.823462][ T3354]  ? vfat_add_entry+0x1e0/0x2d30
[  245.828433][ T3354]  should_failslab+0x9/0x20
[  245.832953][ T3354]  __kmem_cache_alloc_node+0x3d/0x2c0
[  245.838343][ T3354]  ? vfat_add_entry+0x1e0/0x2d30
[  245.841697][  T303] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  245.843301][ T3354]  kmalloc_trace+0x29/0xb0
[  245.855192][ T3354]  vfat_add_entry+0x1e0/0x2d30
[  245.859991][ T3354]  ? debug_smp_processor_id+0x17/0x20
[  245.865382][ T3354]  ? kasan_quarantine_put+0x34/0x190
[  245.870706][ T3354]  ? kmem_cache_free+0x12d/0x300
[  245.875758][ T3354]  ? vfat_rename2+0x1c10/0x1c10
[  245.880641][ T3354]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  245.886209][ T3354]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  245.892127][ T3354]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  245.897967][ T3354]  ? __wake_up+0x11b/0x190
[  245.898942][ T3352] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  245.902407][ T3354]  ? __cfi___wake_up+0x10/0x10
[  245.902439][ T3354]  ? __kasan_check_write+0x14/0x20
[  245.902468][ T3354]  ? ktime_get_coarse_real_ts64+0x11b/0x130
[  245.902492][ T3354]  ? current_time+0x197/0x2b0
[  245.931737][ T3354]  ? __kasan_check_write+0x14/0x20
[  245.936882][ T3354]  ? __cfi_current_time+0x10/0x10
[  245.941912][ T3354]  vfat_create+0x12c/0x240
[  245.946329][ T3354]  ? __cfi_vfat_create+0x10/0x10
[  245.951263][ T3354]  ? selinux_inode_create+0x22/0x30
[  245.956465][ T3354]  ? security_inode_create+0xd2/0x120
[  245.961842][ T3354]  ? __cfi_vfat_create+0x10/0x10
[  245.966806][ T3354]  path_openat+0x11e3/0x2f50
[  245.971397][ T3354]  ? do_filp_open+0x3c0/0x3c0
[  245.976068][ T3354]  do_filp_open+0x1c1/0x3c0
[  245.980571][ T3354]  ? __cfi_do_filp_open+0x10/0x10
[  245.985607][ T3354]  ? alloc_fd+0x4e6/0x590
[  245.989965][ T3354]  do_sys_openat2+0x185/0x7e0
[  245.994681][ T3354]  ? __kasan_check_write+0x14/0x20
[  245.999826][ T3354]  ? do_sys_open+0xe0/0xe0
[  246.004242][ T3354]  ? ksys_write+0x1eb/0x240
[  246.008745][ T3354]  ? __cfi_ksys_write+0x10/0x10
[  246.013599][ T3354]  __x64_sys_openat+0x136/0x160
[  246.018455][ T3354]  x64_sys_call+0x783/0x9a0
[  246.022955][ T3354]  do_syscall_64+0x4c/0xa0
[  246.027375][ T3354]  ? clear_bhb_loop+0x15/0x70
[  246.032051][ T3354]  ? clear_bhb_loop+0x15/0x70
[  246.036813][ T3354]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  246.042717][ T3354] RIP: 0033:0x7f117398e969
[  246.047131][ T3354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.066865][ T3354] RSP: 002b:00007f1174714038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  246.075303][ T3354] RAX: ffffffffffffffda RBX: 00007f1173bb5fa0 RCX: 00007f117398e969
[  246.083288][ T3354] RDX: 000000000000275a RSI: 0000200000000400 RDI: ffffffffffffff9c
[  246.091366][ T3354] RBP: 00007f1174714090 R08: 0000000000000000 R09: 0000000000000000
[  246.099335][ T3354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.107302][ T3354] R13: 0000000000000000 R14: 00007f1173bb5fa0 R15: 00007fff7b92d858
[  246.115274][ T3354]  </TASK>
[  246.123107][  T303] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  246.124015][  T285] EXT4-fs (loop4): unmounting filesystem.
[  246.169510][  T303] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.186096][  T303] usb 4-1: Product: syz
[  246.190304][  T303] usb 4-1: Manufacturer: syz
[  246.195025][  T303] usb 4-1: SerialNumber: syz
[  246.221219][  T303] r8152-cfgselector 4-1: config 0 descriptor??
[  246.232922][ T3369] capability: warning: `syz.0.868' uses 32-bit capabilities (legacy support in use)
[  246.254904][   T28] audit: type=1400 audit(1748677516.882:643): avc:  denied  { write } for  pid=3372 comm="syz.1.870" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  246.293843][ T3374] loop4: detected capacity change from 0 to 1024
[  246.426728][ T3369] loop0: detected capacity change from 0 to 4096
[  246.527162][ T3374] EXT4-fs error (device loop4): __ext4_fill_super:5377: inode #2: comm syz.4.871: casefold flag without casefold feature
[  246.625685][  T303] r8152-cfgselector 4-1: Unknown version 0x0000
[  246.633798][  T303] r8152-cfgselector 4-1: Unknown version 0x6ce0
[  246.640674][ T3374] EXT4-fs (loop4): get root inode failed
[  246.646424][ T3374] EXT4-fs (loop4): mount failed
[  246.890623][ T3381] netlink: 4 bytes leftover after parsing attributes in process `syz.4.871'.
[  246.921767][  T934] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  247.151730][  T934] usb 1-1: Using ep0 maxpacket: 32
[  247.158050][  T934] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.177271][  T934] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.246402][  T934] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  247.255890][  T934] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.265897][  T934] usb 1-1: config 0 descriptor??
[  247.692302][  T934] koneplus 0003:1E7D:2D51.000B: unknown main item tag 0x0
[  247.699611][  T934] koneplus 0003:1E7D:2D51.000B: unknown main item tag 0x0
[  247.708089][  T934] koneplus 0003:1E7D:2D51.000B: unknown main item tag 0x0
[  247.715346][  T934] koneplus 0003:1E7D:2D51.000B: unknown main item tag 0x0
[  247.716428][ T3396] tipc: Started in network mode
[  247.722811][  T934] koneplus 0003:1E7D:2D51.000B: unknown main item tag 0x0
[  247.727686][ T3396] tipc: Node identity ac14140f, cluster identity 4711
[  247.735994][  T934] koneplus 0003:1E7D:2D51.000B: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.0-1/input0
[  247.742499][ T3396] tipc: New replicast peer: 255.255.255.255
[  247.759100][ T3396] tipc: Enabled bearer <udp:syz2>, priority 10
[  247.936901][ T3403] loop1: detected capacity change from 0 to 2048
[  247.950248][ T3402] SELinux:  Context Ü is not valid (left unmapped).
[  248.080711][ T2777] usb 1-1: USB disconnect, device number 18
[  248.496762][ T3422] netlink: 24 bytes leftover after parsing attributes in process `syz.2.882'.
[  248.937543][  T287] tipc: Node number set to 2886997007
[  248.955183][  T287] r8152-cfgselector 4-1: USB disconnect, device number 8
[  250.575924][ T3436] loop2: detected capacity change from 0 to 512
[  250.596344][ T3439] loop3: detected capacity change from 0 to 256
[  250.624609][ T3439] FAT-fs (loop3): Directory bread(block 64) failed
[  250.641528][ T3439] FAT-fs (loop3): Directory bread(block 65) failed
[  250.648588][ T3439] FAT-fs (loop3): Directory bread(block 66) failed
[  251.096985][ T3439] FAT-fs (loop3): Directory bread(block 67) failed
[  251.219790][ T3436] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  251.396541][ T3439] FAT-fs (loop3): Directory bread(block 68) failed
[  251.808406][ T3436] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.828311][ T3439] FAT-fs (loop3): Directory bread(block 69) failed
[  251.849811][ T3439] FAT-fs (loop3): Directory bread(block 70) failed
[  251.878193][ T3439] FAT-fs (loop3): Directory bread(block 71) failed
[  251.900304][ T3439] FAT-fs (loop3): Directory bread(block 72) failed
[  251.965446][ T3455] xt_ecn: cannot match TCP bits for non-tcp packets
[  251.972180][ T3439] FAT-fs (loop3): Directory bread(block 73) failed
[  252.014358][ T3455] loop4: detected capacity change from 0 to 512
[  252.102763][  T286] EXT4-fs (loop2): unmounting filesystem.
[  252.139545][ T3455] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.893: invalid indirect mapped block 10 (level 1)
[  252.143240][ T3463] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  252.393935][ T3455] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.893: invalid indirect mapped block 8 (level 1)
[  252.492792][ T3455] EXT4-fs (loop4): 1 truncate cleaned up
[  252.498545][ T3455] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  252.548904][  T285] EXT4-fs (loop4): unmounting filesystem.
[  252.555667][   T28] audit: type=1400 audit(1748677523.162:644): avc:  denied  { ioctl } for  pid=3454 comm="syz.4.893" path="/193/file0/cpu.stat" dev="loop4" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  254.177605][ T3475] loop4: detected capacity change from 0 to 16
[  254.531522][ T3487] xt_hashlimit: max too large, truncated to 1048576
[  255.384069][ T3496] netlink: 60 bytes leftover after parsing attributes in process `syz.1.905'.
[  255.449279][ T3501] netlink: 8 bytes leftover after parsing attributes in process `syz.3.897'.
[  255.465424][ T3501] netlink: 24 bytes leftover after parsing attributes in process `syz.3.897'.
[  255.565895][ T3507] xt_CT: No such helper "pptp"
[  257.377194][ T3540] random: crng reseeded on system resumption
[  259.694280][ T3560] netlink: 60 bytes leftover after parsing attributes in process `syz.2.918'.
[  260.698035][ T3568] random: crng reseeded on system resumption
[  261.320462][ T3590] random: crng reseeded on system resumption
[  261.368132][ T3587] loop3: detected capacity change from 0 to 1024
[  261.689164][ T3587] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  261.704379][   T28] audit: type=1400 audit(1748677532.332:645): avc:  denied  { link } for  pid=3573 comm="syz.3.927" name="file0" dev="incremental-fs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  261.728188][ T3587] incfs: Unexpected inode type
[  261.925505][  T283] EXT4-fs (loop3): unmounting filesystem.
[  262.024915][   T28] audit: type=1400 audit(1748677532.332:646): avc:  denied  { link } for  pid=3573 comm="syz.3.927" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  262.454762][   T28] audit: type=1400 audit(1748677533.082:647): avc:  denied  { validate_trans } for  pid=3600 comm="syz.0.932" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  262.981304][ T3626] netlink: 60 bytes leftover after parsing attributes in process `syz.3.935'.
[  263.335198][ T3635] loop0: detected capacity change from 0 to 1024
[  263.448051][ T3635] ext4: Unknown parameter 'fowner>00000000000000000000'
[  264.042872][ T3642] wireguard: wg2: Could not create IPv6 socket
[  264.057406][ T3642] device wg2 entered promiscuous mode
[  264.126664][ T3644] netlink: 28 bytes leftover after parsing attributes in process `syz.4.943'.
[  264.214936][ T3647] loop4: detected capacity change from 0 to 512
[  264.240521][ T3647] EXT4-fs (loop4): orphan cleanup on readonly fs
[  264.248686][ T3647] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.943: bad orphan inode 13
[  264.264516][ T3642] fuse: Bad value for 'user_id'
[  264.270860][ T3642] netlink: 36 bytes leftover after parsing attributes in process `syz.1.944'.
[  264.280227][ T3647] ext4_test_bit(bit=12, block=18) = 1
[  264.301823][ T3647] is_bad_inode(inode)=0
[  264.307253][ T3647] NEXT_ORPHAN(inode)=2130706432
[  264.351354][ T3647] max_ino=32
[  264.402058][ T3647] i_nlink=1
[  264.447601][ T3654] loop1: detected capacity change from 0 to 512
[  264.459428][ T3647] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  264.530361][ T3654] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  264.690189][   T28] audit: type=1400 audit(1748677535.312:648): avc:  denied  { execute } for  pid=3643 comm="syz.4.943" name="file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  264.712972][ T2777] usb 1-1: new low-speed USB device number 19 using dummy_hcd
[  264.728791][ T3654] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  264.864520][ T3654] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  264.891689][ T2777] usb 1-1: device descriptor read/64, error -71
[  264.995972][ T3654] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  265.024989][ T3654] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  265.168442][ T3654] EXT4-fs (loop1): orphan cleanup on readonly fs
[  265.188775][ T3654] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.944: bg 0: block 34: padding at end of block bitmap is not set
[  265.211687][ T2777] usb 1-1: device descriptor read/64, error -71
[  265.218737][  T285] EXT4-fs (loop4): unmounting filesystem.
[  265.232153][ T3654] Quota error (device loop1): write_blk: dquota write failed
[  265.243429][ T3654] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  265.321718][ T3654] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.944: Failed to acquire dquot type 1
[  265.349847][ T3654] EXT4-fs (loop1): 1 truncate cleaned up
[  265.353481][ T3672] loop3: detected capacity change from 0 to 256
[  265.362487][ T3654] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  265.392434][ T3654] syz.1.944 (3654) used greatest stack depth: 20480 bytes left
[  265.436711][ T3674] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  265.475522][ T3663] loop2: detected capacity change from 0 to 40427
[  265.492364][ T2777] usb 1-1: new low-speed USB device number 20 using dummy_hcd
[  265.494049][  T282] EXT4-fs (loop1): unmounting filesystem.
[  265.576780][ T3663] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  265.584885][ T3663] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  265.625228][ T3663] F2FS-fs (loop2): Found nat_bits in checkpoint
[  265.651675][ T2777] usb 1-1: device descriptor read/64, error -71
[  265.677253][ T3663] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  265.684504][ T3663] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  265.704526][ T3687] device vlan2 entered promiscuous mode
[  265.777866][ T3687] device bridge0 entered promiscuous mode
[  265.795376][ T3688] netlink: 60 bytes leftover after parsing attributes in process `syz.4.956'.
[  265.811807][ T3679] netlink: 152 bytes leftover after parsing attributes in process `syz.1.957'.
[  265.827393][ T3690] FAULT_INJECTION: forcing a failure.
[  265.827393][ T3690] name failslab, interval 1, probability 0, space 0, times 0
[  265.840096][ T3690] CPU: 1 PID: 3690 Comm: syz.2.950 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  265.849843][ T3690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  265.859949][ T3690] Call Trace:
[  265.863241][ T3690]  <TASK>
[  265.866190][ T3690]  __dump_stack+0x21/0x24
[  265.870538][ T3690]  dump_stack_lvl+0xee/0x150
[  265.875151][ T3690]  ? __cfi_dump_stack_lvl+0x8/0x8
[  265.880211][ T3690]  dump_stack+0x15/0x24
[  265.884408][ T3690]  should_fail_ex+0x3d4/0x520
[  265.889115][ T3690]  __should_failslab+0xac/0xf0
[  265.893982][ T3690]  ? bpf_prog_alloc_no_stats+0x9a/0x3f0
[  265.899535][ T3690]  should_failslab+0x9/0x20
[  265.904047][ T3690]  __kmem_cache_alloc_node+0x3d/0x2c0
[  265.909422][ T3690]  ? bpf_prog_alloc_no_stats+0x9a/0x3f0
[  265.914972][ T3690]  kmalloc_trace+0x29/0xb0
[  265.919444][ T3690]  bpf_prog_alloc_no_stats+0x9a/0x3f0
[  265.924831][ T3690]  bpf_prog_alloc+0x22/0x1c0
[  265.929433][ T3690]  bpf_prog_load+0x7c6/0x15a0
[  265.934107][ T3690]  ? map_freeze+0x390/0x390
[  265.938618][ T3690]  ? selinux_bpf+0xc7/0xf0
[  265.943041][ T3690]  ? security_bpf+0x93/0xb0
[  265.947576][ T3690]  __sys_bpf+0x504/0x780
[  265.951838][ T3690]  ? bpf_link_show_fdinfo+0x320/0x320
[  265.957227][ T3690]  ? __cfi_ksys_write+0x10/0x10
[  265.962091][ T3690]  ? debug_smp_processor_id+0x17/0x20
[  265.967558][ T3690]  __x64_sys_bpf+0x7c/0x90
[  265.971983][ T3690]  x64_sys_call+0x488/0x9a0
[  265.976577][ T3690]  do_syscall_64+0x4c/0xa0
[  265.980994][ T3690]  ? clear_bhb_loop+0x15/0x70
[  265.985668][ T3690]  ? clear_bhb_loop+0x15/0x70
[  265.990342][ T3690]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  265.996247][ T3690] RIP: 0033:0x7fe12838e969
[  266.000657][ T3690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.020265][ T3690] RSP: 002b:00007fe1292c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  266.028699][ T3690] RAX: ffffffffffffffda RBX: 00007fe1285b6080 RCX: 00007fe12838e969
[  266.036677][ T3690] RDX: 0000000000000080 RSI: 0000200000000300 RDI: 0000000000000005
[  266.044650][ T3690] RBP: 00007fe1292c0090 R08: 0000000000000000 R09: 0000000000000000
[  266.052649][ T3690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.060629][ T3690] R13: 0000000000000000 R14: 00007fe1285b6080 R15: 00007ffc83102748
[  266.068610][ T3690]  </TASK>
[  266.151656][ T2777] usb 1-1: device descriptor read/64, error -71
[  266.281749][ T2777] usb usb1-port1: attempt power cycle
[  266.341743][  T287] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  266.533060][  T287] usb 3-1: unable to get BOS descriptor or descriptor too short
[  266.541271][  T287] usb 3-1: not running at top speed; connect to a high speed hub
[  266.551156][  T287] usb 3-1: config 5 interface 0 has no altsetting 0
[  266.560448][  T287] usb 3-1: New USB device found, idVendor=0582, idProduct=0074, bcdDevice=2a.70
[  266.569718][  T287] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.578046][  T287] usb 3-1: Product: syz
[  266.583310][  T287] usb 3-1: Manufacturer: syz
[  266.587978][  T287] usb 3-1: SerialNumber: syz
[  266.680138][ T3705] loop4: detected capacity change from 0 to 40427
[  266.689977][ T3705] F2FS-fs (loop4): Unrecognized mount option "background_gc" or missing value
[  266.701656][ T2777] usb 1-1: new low-speed USB device number 21 using dummy_hcd
[  266.734139][ T2777] usb 1-1: device descriptor read/8, error -71
[  266.882783][ T2777] usb 1-1: device descriptor read/8, error -71
[  266.981652][  T450] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  267.151660][ T2777] usb 1-1: new low-speed USB device number 22 using dummy_hcd
[  267.163112][  T450] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  267.182603][  T450] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  267.199069][  T450] usb 5-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00
[  267.207698][ T2777] usb 1-1: device descriptor read/8, error -71
[  267.208775][  T450] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.449347][ T3714] random: crng reseeded on system resumption
[  267.844060][  T450] usb 5-1: config 0 descriptor??
[  267.847756][ T2777] usb 1-1: device descriptor read/8, error -71
[  268.078827][  T287] usb 3-1: bad CDC descriptors
[  268.084672][  T287] usb 3-1: USB disconnect, device number 15
[  268.090707][ T3705] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  268.167863][ T3716] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  268.786518][  T450] apple 0003:05AC:0264.000C: item fetching failed at offset 5/7
[  268.798716][  T450] apple 0003:05AC:0264.000C: parse failed
[  268.813094][ T2777] usb usb1-port1: unable to enumerate USB device
[  268.831839][  T450] apple: probe of 0003:05AC:0264.000C failed with error -22
[  268.891484][ T3735] FAULT_INJECTION: forcing a failure.
[  268.891484][ T3735] name failslab, interval 1, probability 0, space 0, times 0
[  268.918844][ T3735] CPU: 0 PID: 3735 Comm: syz.2.965 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  268.928702][ T3735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.938782][ T3735] Call Trace:
[  268.942083][ T3735]  <TASK>
[  268.945021][ T3735]  __dump_stack+0x21/0x24
[  268.949371][ T3735]  dump_stack_lvl+0xee/0x150
[  268.953980][ T3735]  ? __cfi_dump_stack_lvl+0x8/0x8
[  268.959026][ T3735]  ? stack_trace_save+0x98/0xe0
[  268.963895][ T3735]  dump_stack+0x15/0x24
[  268.968066][ T3735]  should_fail_ex+0x3d4/0x520
[  268.972844][ T3735]  ? __nf_conntrack_alloc+0xf3/0x3c0
[  268.978151][ T3735]  __should_failslab+0xac/0xf0
[  268.982927][ T3735]  should_failslab+0x9/0x20
[  268.987451][ T3735]  kmem_cache_alloc+0x3b/0x330
[  268.992236][ T3735]  ? x64_sys_call+0xad/0x9a0
[  268.996847][ T3735]  __nf_conntrack_alloc+0xf3/0x3c0
[  269.001979][ T3735]  init_conntrack+0x26a/0xb90
[  269.006750][ T3735]  ? early_drop+0x720/0x720
[  269.011263][ T3735]  ? nf_conntrack_find_get+0x250/0x250
[  269.016736][ T3735]  ? __siphash_unaligned+0x26a/0x3b0
[  269.022044][ T3735]  nf_conntrack_in+0x5ab/0xf50
[  269.026916][ T3735]  ? __cfi_nf_conntrack_in+0x10/0x10
[  269.032223][ T3735]  ? ipt_do_table+0x2ae/0x15d0
[  269.037003][ T3735]  ? __cfi_ipt_do_table+0x10/0x10
[  269.042044][ T3735]  ipv4_conntrack_local+0x12c/0x200
[  269.048305][ T3735]  ? __cfi_ipv4_conntrack_local+0x10/0x10
[  269.054055][ T3735]  nf_hook_slow+0xca/0x210
[  269.058504][ T3735]  __ip_local_out+0x3a1/0x3c0
[  269.063203][ T3735]  ? __cfi___ip_local_out+0x10/0x10
[  269.068428][ T3735]  ? __cfi_dst_output+0x10/0x10
[  269.073305][ T3735]  ip_push_pending_frames+0x8d/0x1a0
[  269.078619][ T3735]  raw_sendmsg+0xdcb/0x12e0
[  269.083140][ T3735]  ? __cfi_raw_sendmsg+0x10/0x10
[  269.088093][ T3735]  ? 0xffffffffa0000950
[  269.092259][ T3735]  ? selinux_socket_sendmsg+0x208/0x2e0
[  269.097840][ T3735]  ? inet_send_prepare+0x60/0x4d0
[  269.102895][ T3735]  inet_sendmsg+0xb6/0xd0
[  269.107247][ T3735]  sock_write_iter+0x2ca/0x3b0
[  269.112003][ T3735]  ? __cfi_sock_write_iter+0x10/0x10
[  269.117288][ T3735]  ? fsnotify_perm+0x67/0x5b0
[  269.121959][ T3735]  ? security_file_permission+0x8a/0xb0
[  269.127501][ T3735]  do_iter_write+0x650/0xb10
[  269.132091][ T3735]  ? _copy_from_user+0x8f/0xc0
[  269.136845][ T3735]  ? vfs_iter_write+0xa0/0xa0
[  269.141517][ T3735]  ? import_iovec+0x7c/0xb0
[  269.146034][ T3735]  vfs_writev+0x30b/0x590
[  269.150353][ T3735]  ? do_writev+0x2b0/0x2b0
[  269.154759][ T3735]  ? vfs_write+0x9d6/0xca0
[  269.159176][ T3735]  ? __fdget_pos+0x1f2/0x380
[  269.163766][ T3735]  ? do_writev+0x76/0x2b0
[  269.168082][ T3735]  do_writev+0x14a/0x2b0
[  269.172310][ T3735]  ? do_readv+0x3e0/0x3e0
[  269.176625][ T3735]  ? debug_smp_processor_id+0x17/0x20
[  269.182077][ T3735]  __x64_sys_writev+0x7d/0x90
[  269.186753][ T3735]  x64_sys_call+0xad/0x9a0
[  269.191157][ T3735]  do_syscall_64+0x4c/0xa0
[  269.195564][ T3735]  ? clear_bhb_loop+0x15/0x70
[  269.200230][ T3735]  ? clear_bhb_loop+0x15/0x70
[  269.204893][ T3735]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  269.210784][ T3735] RIP: 0033:0x7fe12838e969
[  269.215185][ T3735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.234781][ T3735] RSP: 002b:00007fe1292c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  269.243182][ T3735] RAX: ffffffffffffffda RBX: 00007fe1285b6080 RCX: 00007fe12838e969
[  269.251160][ T3735] RDX: 0000000000000002 RSI: 0000200000000100 RDI: 0000000000000004
[  269.259119][ T3735] RBP: 00007fe1292c0090 R08: 0000000000000000 R09: 0000000000000000
[  269.267078][ T3735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.275038][ T3735] R13: 0000000000000000 R14: 00007fe1285b6080 R15: 00007ffc83102748
[  269.283008][ T3735]  </TASK>
[  269.299620][  T450] usb 5-1: USB disconnect, device number 10
[  270.611400][ T3753] netlink: 96 bytes leftover after parsing attributes in process `syz.1.976'.
[  271.273510][ T3756] random: crng reseeded on system resumption
[  271.302613][  T303] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  271.353028][ T3760] loop0: detected capacity change from 0 to 256
[  271.363940][ T3760] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  271.444560][ T3759] loop2: detected capacity change from 0 to 8192
[  271.563701][  T303] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.580452][   T28] audit: type=1400 audit(1748677542.202:649): avc:  denied  { ioctl } for  pid=3761 comm="syz.1.980" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=27280 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  271.614636][  T303] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.624791][  T303] usb 4-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  271.634922][  T303] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.649254][  T303] usb 4-1: config 0 descriptor??
[  272.225812][  T303] logitech-djreceiver 0003:046D:C534.000D: collection stack underflow
[  272.234694][  T303] logitech-djreceiver 0003:046D:C534.000D: item 0 4 0 12 parsing failed
[  272.243534][  T303] logitech-djreceiver 0003:046D:C534.000D: logi_dj_probe: parse failed
[  272.255970][  T303] logitech-djreceiver: probe of 0003:046D:C534.000D failed with error -22
[  272.325879][ T3742] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 2
[  272.334621][ T1997] Bluetooth: hci0: Frame reassembly failed (-84)
[  272.342072][  T287] usb 4-1: USB disconnect, device number 9
[  273.298173][ T3781] random: crng reseeded on system resumption
[  273.823414][ T3793] netlink: 100 bytes leftover after parsing attributes in process `syz.4.989'.
[  274.710107][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  274.786750][ T3802] random: crng reseeded on system resumption
[  274.862082][ T1830] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  274.911746][   T39] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  275.198478][   T28] audit: type=1400 audit(1748677545.822:650): avc:  denied  { bpf } for  pid=3808 comm="syz.0.995" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  275.238658][ T3810] loop0: detected capacity change from 0 to 1024
[  275.274070][   T28] audit: type=1400 audit(1748677545.852:651): avc:  denied  { prog_load } for  pid=3808 comm="syz.0.995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  275.371144][   T39] usb 3-1: config 0 has no interfaces?
[  275.382406][   T39] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  275.397355][   T28] audit: type=1400 audit(1748677545.852:652): avc:  denied  { read write } for  pid=285 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  275.401720][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.583522][ T3792] loop1: detected capacity change from 0 to 40427
[  275.619738][   T39] usb 3-1: Product: syz
[  275.625002][   T39] usb 3-1: Manufacturer: syz
[  275.629795][   T39] usb 3-1: SerialNumber: syz
[  275.636008][ T3792] F2FS-fs (loop1): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  275.715484][   T28] audit: type=1400 audit(1748677545.852:653): avc:  denied  { open } for  pid=285 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  275.773359][   T39] r8152-cfgselector 3-1: config 0 descriptor??
[  275.780085][ T3792] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  275.799911][ T3792] F2FS-fs (loop1): fault_type options not supported
[  275.813915][ T3792] F2FS-fs (loop1): Image doesn't support compression
[  275.821625][   T28] audit: type=1400 audit(1748677545.852:654): avc:  denied  { ioctl } for  pid=285 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  275.832182][ T3792] F2FS-fs (loop1): invalid crc value
[  275.862291][ T3792] F2FS-fs (loop1): Found nat_bits in checkpoint
[  275.872582][   T28] audit: type=1400 audit(1748677545.872:655): avc:  denied  { map_create } for  pid=3814 comm="syz.4.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  275.904169][   T28] audit: type=1400 audit(1748677545.872:656): avc:  denied  { map_read } for  pid=3814 comm="syz.4.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  275.927695][   T28] audit: type=1400 audit(1748677545.872:657): avc:  denied  { perfmon } for  pid=3814 comm="syz.4.996" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  275.927822][ T3792] F2FS-fs (loop1): Start checkpoint disabled!
[  275.954728][   T28] audit: type=1400 audit(1748677545.932:658): avc:  denied  { execmem } for  pid=3816 comm="syz.4.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  275.988799][ T3792] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  275.995923][ T3792] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  276.009355][ T3789] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.030519][ T3789] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.190825][ T3833] loop3: detected capacity change from 0 to 512
[  276.208060][ T3835] netlink: 'syz.0.1001': attribute type 6 has an invalid length.
[  276.221032][   T10] usb 3-1: config 0 descriptor??
[  276.235790][ T3833] EXT4-fs: Ignoring removed mblk_io_submit option
[  276.253025][  T303] usb 3-1: USB disconnect, device number 16
[  276.259023][   T10] usb 3-1: can't set config #0, error -71
[  276.275571][ T3833] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1000: invalid indirect mapped block 10 (level 1)
[  276.289786][ T3833] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1000: invalid indirect mapped block 8 (level 1)
[  276.303663][ T3833] EXT4-fs (loop3): 1 truncate cleaned up
[  276.309331][ T3833] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  276.678040][  T283] EXT4-fs (loop3): unmounting filesystem.
[  276.693719][   T28] kauditd_printk_skb: 36 callbacks suppressed
[  276.693736][   T28] audit: type=1400 audit(1748677547.322:695): avc:  denied  { create } for  pid=3841 comm="syz.3.1003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  276.695766][ T3319] kworker/u4:11: attempt to access beyond end of device
[  276.695766][ T3319] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  276.821674][ T2777] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  276.910275][ T3848] random: crng reseeded on system resumption
[  277.183013][   T28] audit: type=1400 audit(1748677547.532:696): avc:  denied  { write } for  pid=3841 comm="syz.3.1003" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  277.207831][ T3846] cgroup: fork rejected by pids controller in /syz2
[  277.222765][   T28] audit: type=1400 audit(1748677547.532:697): avc:  denied  { open } for  pid=3841 comm="syz.3.1003" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  277.235542][ T3851] serio: Serial port ptm0
[  277.251464][   T28] audit: type=1400 audit(1748677547.852:698): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  277.314379][ T2777] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  277.321274][ T3956] loop4: detected capacity change from 0 to 1024
[  277.323571][   T28] audit: type=1400 audit(1748677547.942:699): avc:  denied  { module_request } for  pid=3954 comm="syz.4.1007" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  277.353119][ T2777] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.362413][ T2777] usb 1-1: Product: syz
[  277.368383][ T3956] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  277.376920][ T2777] usb 1-1: Manufacturer: syz
[  277.387115][ T2777] usb 1-1: SerialNumber: syz
[  277.395425][   T28] audit: type=1400 audit(1748677548.022:700): avc:  denied  { read } for  pid=3954 comm="syz.4.1007" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  277.397748][ T2777] r8152-cfgselector 1-1: config 0 descriptor??
[  277.424857][   T28] audit: type=1400 audit(1748677548.052:701): avc:  denied  { map } for  pid=3954 comm="syz.4.1007" path="socket:[27435]" dev="sockfs" ino=27435 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  277.450867][   T28] audit: type=1400 audit(1748677548.052:702): avc:  denied  { read } for  pid=3954 comm="syz.4.1007" path="socket:[27435]" dev="sockfs" ino=27435 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  277.476378][   T28] audit: type=1400 audit(1748677548.052:703): avc:  denied  { read } for  pid=3954 comm="syz.4.1007" dev="nsfs" ino=4026532554 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  277.498085][   T28] audit: type=1400 audit(1748677548.052:704): avc:  denied  { open } for  pid=3954 comm="syz.4.1007" path="net:[4026532554]" dev="nsfs" ino=4026532554 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  277.551488][  T285] EXT4-fs (loop4): unmounting filesystem.
[  277.714331][ T2777] r8152-cfgselector 1-1: Unknown version 0x0000
[  277.723103][ T3968] loop1: detected capacity change from 0 to 512
[  277.730906][ T3968] EXT4-fs: Ignoring removed mblk_io_submit option
[  277.737749][ T3968] EXT4-fs: Ignoring removed bh option
[  277.744018][ T3968] EXT4-fs: Invalid want_extra_isize 15
[  278.082993][ T2777] r8152-cfgselector 1-1: Unknown version 0x0000
[  278.090964][ T2777] r8152-cfgselector 1-1: USB disconnect, device number 23
[  278.111125][ T3966] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.118246][ T3966] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.126022][ T3966] device bridge_slave_0 entered promiscuous mode
[  278.133220][ T3966] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.140401][ T3966] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.150515][ T3966] device bridge_slave_1 entered promiscuous mode
[  278.406658][ T2925] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  278.416363][ T2925] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  278.495447][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.505129][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  278.522850][ T3980] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  278.526219][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.541353][ T1997] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.548451][ T1997] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.629140][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  278.818896][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.840613][ T1997] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.847903][ T1997] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.855586][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  278.863902][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  278.878517][ T3966] device veth0_vlan entered promiscuous mode
[  278.894766][ T3966] device veth1_macvtap entered promiscuous mode
[  278.976871][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  278.987382][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  278.996381][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  278.999893][ T3987] loop0: detected capacity change from 0 to 512
[  279.005269][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  279.018582][ T1997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  279.019837][ T3987] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  279.232601][ T3987] EXT4-fs (loop0): 1 truncate cleaned up
[  279.242153][ T3987] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  279.377971][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  279.396059][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  279.405356][ T3238] tipc: Left network mode
[  279.410813][ T3987] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  279.421259][ T3987] SELinux: failed to load policy
[  279.501484][  T284] EXT4-fs (loop0): unmounting filesystem.
[  280.146202][ T1651] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  280.202819][ T3238] device bridge_slave_1 left promiscuous mode
[  280.209233][ T3238] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.219817][ T3238] device bridge_slave_0 left promiscuous mode
[  280.227602][ T3238] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.246152][ T3238] device veth1_macvtap left promiscuous mode
[  280.253178][ T3238] device veth0_vlan left promiscuous mode
[  280.560338][ T4021] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  280.640116][ T1651] usb 2-1: Using ep0 maxpacket: 32
[  280.648819][ T1651] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  280.657138][ T1651] usb 2-1: config 0 has no interface number 0
[  280.666771][ T1651] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  280.675869][ T1651] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.684389][ T1651] usb 2-1: Product: syz
[  280.688606][ T1651] usb 2-1: Manufacturer: syz
[  280.693688][ T1651] usb 2-1: SerialNumber: syz
[  281.050669][ T1651] usb 2-1: config 0 descriptor??
[  281.068776][ T1651] smsc95xx v2.0.0
[  282.188921][   T28] kauditd_printk_skb: 28 callbacks suppressed
[  282.188938][   T28] audit: type=1400 audit(1748677552.812:733): avc:  denied  { write } for  pid=4039 comm="syz.4.1030" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.216681][   T28] audit: type=1400 audit(1748677552.812:734): avc:  denied  { setattr } for  pid=4039 comm="syz.4.1030" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.239762][   T28] audit: type=1400 audit(1748677552.872:735): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  282.301995][  T303] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  282.314294][ T4042] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1031'.
[  282.327084][   T28] audit: type=1400 audit(1748677552.952:736): avc:  denied  { read write } for  pid=4043 comm="syz.2.1032" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  282.342946][ T4042] FAULT_INJECTION: forcing a failure.
[  282.342946][ T4042] name failslab, interval 1, probability 0, space 0, times 0
[  282.362914][ T4042] CPU: 1 PID: 4042 Comm: syz.4.1031 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  282.372743][ T4042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  282.374731][   T28] audit: type=1400 audit(1748677552.962:737): avc:  denied  { ioctl open } for  pid=4043 comm="syz.2.1032" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  282.382981][ T4042] Call Trace:
[  282.382989][ T4042]  <TASK>
[  282.382997][ T4042]  __dump_stack+0x21/0x24
[  282.383030][ T4042]  dump_stack_lvl+0xee/0x150
[  282.407846][ T4047] fuse: Bad value for 'fd'
[  282.409860][ T4042]  ? __cfi_dump_stack_lvl+0x8/0x8
[  282.418494][   T28] audit: type=1400 audit(1748677552.962:738): avc:  denied  { watch } for  pid=4045 comm="syz.0.1033" path="/208/file0" dev="incremental-fs" ino=1236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.421700][ T4042]  dump_stack+0x15/0x24
[  282.426197][   T28] audit: type=1400 audit(1748677552.962:739): avc:  denied  { read } for  pid=4045 comm="syz.0.1033" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  282.431225][ T4042]  should_fail_ex+0x3d4/0x520
[  282.431256][ T4042]  __should_failslab+0xac/0xf0
[  282.455990][   T28] audit: type=1400 audit(1748677552.962:740): avc:  denied  { open } for  pid=4045 comm="syz.0.1033" path="/208/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  282.459066][ T4042]  ? cls_bpf_init+0x51/0x150
[  282.520884][ T4042]  should_failslab+0x9/0x20
[  282.525427][ T4042]  __kmem_cache_alloc_node+0x3d/0x2c0
[  282.530836][ T4042]  ? tcf_proto_create+0x66/0x310
[  282.535804][ T4042]  ? cls_bpf_init+0x51/0x150
[  282.540421][ T4042]  kmalloc_trace+0x29/0xb0
[  282.544890][ T4042]  cls_bpf_init+0x51/0x150
[  282.549323][ T4042]  tcf_proto_create+0x213/0x310
[  282.554197][ T4042]  tc_new_tfilter+0xe0e/0x1900
[  282.558987][ T4042]  ? __cfi_tc_new_tfilter+0x10/0x10
[  282.564210][ T4042]  ? security_capable+0x99/0xc0
[  282.569087][ T4042]  ? ns_capable+0x8c/0xf0
[  282.571652][  T303] usb 4-1: Using ep0 maxpacket: 32
[  282.573428][ T4042]  ? netlink_net_capable+0x125/0x160
[  282.579708][  T303] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.583817][ T4042]  ? __cfi_tc_new_tfilter+0x10/0x10
[  282.583854][ T4042]  rtnetlink_rcv_msg+0x973/0xcf0
[  282.583876][ T4042]  ? 0xffffffffa0002610
[  282.595693][  T303] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.599893][ T4042]  ? __cfi_rtnetlink_rcv_msg+0x10/0x10
[  282.605161][  T303] usb 4-1: config 0 interface 0 has no altsetting 0
[  282.608969][ T4042]  ? __kernel_text_address+0xd/0x30
[  282.609002][ T4042]  ? unwind_get_return_address+0x4d/0x90
[  282.630582][  T303] usb 4-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[  282.630719][ T4042]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  282.636169][  T303] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.641545][ T4042]  ? memcpy+0x56/0x70
[  282.655898][  T303] usb 4-1: config 0 descriptor??
[  282.656749][ T4042]  ? avc_has_perm_noaudit+0x2f4/0x460
[  282.678990][ T4042]  ? __cfi_avc_has_perm_noaudit+0x10/0x10
[  282.684814][ T4042]  ? slab_post_alloc_hook+0x4f/0x2d0
[  282.690103][ T4042]  ? avc_has_perm+0x158/0x240
[  282.694780][ T4042]  ? ____sys_sendmsg+0x5a9/0x990
[  282.699720][ T4042]  ? ___sys_sendmsg+0x21c/0x290
[  282.704578][ T4042]  ? __cfi_avc_has_perm+0x10/0x10
[  282.709616][ T4042]  ? selinux_nlmsg_lookup+0x416/0x4c0
[  282.714998][ T4042]  netlink_rcv_skb+0x1f2/0x440
[  282.719777][ T4042]  ? __cfi_rtnetlink_rcv_msg+0x10/0x10
[  282.725231][ T4042]  ? __cfi_netlink_rcv_skb+0x10/0x10
[  282.730520][ T4042]  ? __netlink_lookup+0x387/0x3b0
[  282.735551][ T4042]  rtnetlink_rcv+0x1c/0x20
[  282.739968][ T4042]  netlink_unicast+0x8b1/0xa30
[  282.744747][ T4042]  netlink_sendmsg+0x8aa/0xbc0
[  282.749514][ T4042]  ? __cfi_netlink_sendmsg+0x10/0x10
[  282.754811][ T4042]  ? security_socket_sendmsg+0x93/0xb0
[  282.760294][ T4042]  ? __cfi_netlink_sendmsg+0x10/0x10
[  282.765593][ T4042]  ____sys_sendmsg+0x5a9/0x990
[  282.770371][ T4042]  ? __sys_sendmsg_sock+0x40/0x40
[  282.775410][ T4042]  ? import_iovec+0x7c/0xb0
[  282.779931][ T4042]  ___sys_sendmsg+0x21c/0x290
[  282.784624][ T4042]  ? __sys_sendmsg+0x270/0x270
[  282.789409][ T4042]  ? __kasan_check_write+0x14/0x20
[  282.794526][ T4042]  ? proc_fail_nth_write+0x17a/0x1f0
[  282.799827][ T4042]  ? vfs_write+0x9d6/0xca0
[  282.804255][ T4042]  ? __fdget+0x19c/0x220
[  282.808677][ T4042]  __x64_sys_sendmsg+0x1f0/0x2c0
[  282.813620][ T4042]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  282.819091][ T4042]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  282.825161][ T4042]  x64_sys_call+0x171/0x9a0
[  282.829690][ T4042]  do_syscall_64+0x4c/0xa0
[  282.834111][ T4042]  ? clear_bhb_loop+0x15/0x70
[  282.838792][ T4042]  ? clear_bhb_loop+0x15/0x70
[  282.843468][ T4042]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  282.849368][ T4042] RIP: 0033:0x7f3634f8e969
[  282.853779][ T4042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.873385][ T4042] RSP: 002b:00007f3635e12038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  282.881798][ T4042] RAX: ffffffffffffffda RBX: 00007f36351b5fa0 RCX: 00007f3634f8e969
[  282.889861][ T4042] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000004
[  282.897831][ T4042] RBP: 00007f3635e12090 R08: 0000000000000000 R09: 0000000000000000
[  282.905806][ T4042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.913784][ T4042] R13: 0000000000000000 R14: 00007f36351b5fa0 R15: 00007fff1357b488
[  282.921772][ T4042]  </TASK>
[  282.926613][  T940] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  282.934555][ T1651] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  282.951766][ T1651] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  283.026330][   T28] audit: type=1400 audit(1748677553.652:741): avc:  denied  { execute } for  pid=4057 comm="syz.4.1035" path="/223/bus" dev="tmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  283.075734][ T4060] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  283.131279][  T303] wacom 0003:056A:00D0.000E: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[  283.141731][  T303] wacom 0003:056A:00D0.000E: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.3-1/input0
[  283.154296][  T940] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  283.167064][  T303] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00D0.000E/input/input12
[  283.179232][  T940] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  283.188770][  T940] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  283.189479][   T28] audit: type=1400 audit(1748677553.812:742): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=1199 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  283.204453][  T940] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  283.233278][  T940] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.241310][  T940] usb 3-1: Product: syz
[  283.245731][  T940] usb 3-1: Manufacturer: syz
[  283.250381][  T940] usb 3-1: SerialNumber: syz
[  283.262110][  T940] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  283.268949][  T940] cdc_ncm 3-1:1.0: bind() failure
[  283.347586][ T4033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.363111][ T4033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.371876][ T1651] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  283.382869][ T1651] smsc95xx: probe of 2-1:0.67 failed with error -71
[  283.394341][ T1651] usb 2-1: USB disconnect, device number 16
[  283.402844][  T303] usb 4-1: USB disconnect, device number 10
[  283.458574][  T940] usb 3-1: USB disconnect, device number 17
[  283.808843][ T4067] loop0: detected capacity change from 0 to 512
[  283.815509][ T4067] ext4: Unknown parameter 'nouser_xattr'
[  284.101004][ T4088] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  284.508391][ T4090] 9pnet: Could not find request transport: ft
[  284.731728][ T4100] bridge0: port 3(gretap0) entered blocking state
[  284.745396][ T4100] bridge0: port 3(gretap0) entered disabled state
[  284.758918][ T4100] device gretap0 entered promiscuous mode
[  284.771799][ T4100] bridge0: port 3(gretap0) entered blocking state
[  284.778270][ T4100] bridge0: port 3(gretap0) entered forwarding state
[  285.005090][ T4104] loop0: detected capacity change from 0 to 40427
[  285.012415][ T4104] F2FS-fs (loop0): fault_injection options not supported
[  285.061954][ T2769] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  286.456288][ T4116] loop4: detected capacity change from 0 to 512
[  287.630726][ T4116] EXT4-fs (loop4): 1 orphan inode deleted
[  287.632325][ T4120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1055'.
[  287.637263][ T4116] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  287.645574][ T4120] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1055'.
[  287.645596][ T4120] tc_dump_action: action bad kind
[  287.646821][ T4120] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  287.655226][   T10] __quota_error: 16 callbacks suppressed
[  287.655244][   T10] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  287.699463][ T4116] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.717953][   T10] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:1: Failed to release dquot type 1
[  287.829605][ T4126] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  287.902808][  T285] EXT4-fs (loop4): unmounting filesystem.
[  287.970551][ T4132] FAULT_INJECTION: forcing a failure.
[  287.970551][ T4132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.983776][ T4132] CPU: 1 PID: 4132 Comm: syz.3.1057 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  287.993606][ T4132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.003668][ T4132] Call Trace:
[  288.006950][ T4132]  <TASK>
[  288.009881][ T4132]  __dump_stack+0x21/0x24
[  288.014231][ T4132]  dump_stack_lvl+0xee/0x150
[  288.018834][ T4132]  ? __cfi_dump_stack_lvl+0x8/0x8
[  288.023872][ T4132]  ? preempt_schedule_irq+0xbb/0x110
[  288.029174][ T4132]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  288.034908][ T4132]  dump_stack+0x15/0x24
[  288.039087][ T4132]  should_fail_ex+0x3d4/0x520
[  288.043776][ T4132]  should_fail+0xb/0x10
[  288.047941][ T4132]  should_fail_usercopy+0x1a/0x20
[  288.052984][ T4132]  _copy_to_user+0x1e/0x90
[  288.057409][ T4132]  simple_read_from_buffer+0xe9/0x160
[  288.062805][ T4132]  proc_fail_nth_read+0x19a/0x210
[  288.067849][ T4132]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  288.073408][ T4132]  ? security_file_permission+0x94/0xb0
[  288.078965][ T4132]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  288.084530][ T4132]  vfs_read+0x26e/0x8c0
[  288.088718][ T4132]  ? __cfi_vfs_read+0x10/0x10
[  288.093413][ T4132]  ? __kasan_check_write+0x14/0x20
[  288.098544][ T4132]  ? mutex_lock+0x8d/0x1a0
[  288.102982][ T4132]  ? __cfi_mutex_lock+0x10/0x10
[  288.107854][ T4132]  ? __fdget_pos+0x2cd/0x380
[  288.112460][ T4132]  ? ksys_read+0x71/0x240
[  288.116805][ T4132]  ksys_read+0x140/0x240
[  288.121065][ T4132]  ? __cfi_ksys_read+0x10/0x10
[  288.125849][ T4132]  ? fpregs_restore_userregs+0x128/0x260
[  288.131495][ T4132]  __x64_sys_read+0x7b/0x90
[  288.136021][ T4132]  x64_sys_call+0x2f/0x9a0
[  288.140460][ T4132]  do_syscall_64+0x4c/0xa0
[  288.144891][ T4132]  ? clear_bhb_loop+0x15/0x70
[  288.149580][ T4132]  ? clear_bhb_loop+0x15/0x70
[  288.154270][ T4132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  288.160202][ T4132] RIP: 0033:0x7f0593d8d37c
[  288.164628][ T4132] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  288.184247][ T4132] RSP: 002b:00007f0594c1c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.192687][ T4132] RAX: ffffffffffffffda RBX: 00007f0593fb6160 RCX: 00007f0593d8d37c
[  288.200679][ T4132] RDX: 000000000000000f RSI: 00007f0594c1c0a0 RDI: 0000000000000008
[  288.208668][ T4132] RBP: 00007f0594c1c090 R08: 0000000000000000 R09: 0000000000000000
[  288.216670][ T4132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.224664][ T4132] R13: 0000000000000000 R14: 00007f0593fb6160 R15: 00007ffefa4068c8
[  288.232660][ T4132]  </TASK>
[  288.366467][   T28] audit: type=1326 audit(1748677558.992:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.412741][ T4145] serio: Serial port ptm0
[  288.418537][   T28] audit: type=1326 audit(1748677559.012:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.703227][   T28] audit: type=1326 audit(1748677559.012:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.742533][   T28] audit: type=1326 audit(1748677559.012:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.773661][   T28] audit: type=1326 audit(1748677559.012:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.797093][   T28] audit: type=1326 audit(1748677559.022:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.820740][   T28] audit: type=1326 audit(1748677559.022:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.844528][   T28] audit: type=1326 audit(1748677559.022:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.870802][   T28] audit: type=1326 audit(1748677559.022:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4144 comm="syz.2.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc70438e969 code=0x7ffc0000
[  288.895613][ T4156] loop2: detected capacity change from 0 to 128
[  288.906935][ T4156] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  288.916161][ T4156] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.481749][ T4166] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  289.879672][ T4177] loop4: detected capacity change from 0 to 512
[  289.891273][ T4177] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  289.923405][ T4177] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  289.932588][ T4177] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1074: invalid indirect mapped block 2683928664 (level 1)
[  289.947669][ T4177] EXT4-fs (loop4): Remounting filesystem read-only
[  289.954430][ T4177] EXT4-fs (loop4): 1 truncate cleaned up
[  289.960124][ T4177] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  290.140676][ T3966] EXT4-fs (loop2): unmounting filesystem.
[  290.144128][  T934] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  290.246746][ T4184] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.1074: corrupted in-inode xattr
[  290.260403][ T4184] EXT4-fs (loop4): Remounting filesystem read-only
[  290.269738][ T4184] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.1074: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  290.290406][ T4184] EXT4-fs (loop4): Remounting filesystem read-only
[  290.299754][ T4184] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.1074: corrupted in-inode xattr
[  290.360158][ T4185] random: crng reseeded on system resumption
[  290.642649][ T4184] EXT4-fs (loop4): Remounting filesystem read-only
[  290.834194][  T285] EXT4-fs (loop4): unmounting filesystem.
[  290.889713][ T4191] loop2: detected capacity change from 0 to 128
[  290.972674][  T934] usb 4-1: unable to get BOS descriptor or descriptor too short
[  290.989592][  T934] usb 4-1: not running at top speed; connect to a high speed hub
[  291.035378][ T4201] loop0: detected capacity change from 0 to 512
[  291.043402][ T4201] EXT4-fs: Ignoring removed nobh option
[  291.077574][  T934] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  291.083313][ T4201] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1082: Failed to acquire dquot type 0
[  291.097297][  T934] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  291.107770][ T4201] EXT4-fs (loop0): Remounting filesystem read-only
[  291.107957][  T934] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  291.121756][ T4201] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1082: Failed to acquire dquot type 0
[  291.124205][  T934] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping
[  291.145907][  T934] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  291.178671][  T934] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  291.219807][  T934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.248322][  T934] usb 4-1: Product: syz
[  291.255143][ T4201] EXT4-fs (loop0): Remounting filesystem read-only
[  291.275294][ T4208] random: crng reseeded on system resumption
[  291.431043][ T4201] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1082: Failed to acquire dquot type 0
[  291.448073][ T4206] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1079'.
[  291.466900][  T934] usb 4-1: Manufacturer: syz
[  291.476933][  T934] usb 4-1: SerialNumber: syz
[  291.497998][ T4201] EXT4-fs (loop0): Remounting filesystem read-only
[  291.525382][ T4201] EXT4-fs (loop0): 1 orphan inode deleted
[  291.531758][ T4201] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  291.539467][ T4210] loop2: detected capacity change from 0 to 2048
[  291.545956][ T4201] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.547866][ T4210] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.659309][ T4210] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  291.679037][ T4210] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.1083: bg 0: block 2: invalid block bitmap
[  291.695292][ T4210] EXT4-fs (loop2): Remounting filesystem read-only
[  291.702571][  T934] usb 4-1: 0:2 : does not exist
[  291.743029][  T934] usb 4-1: USB disconnect, device number 11
[  291.817287][ T4210] xt_hashlimit: size too large, truncated to 1048576
[  292.160104][  T284] EXT4-fs (loop0): unmounting filesystem.
[  292.166252][ T4217] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  292.262181][ T2769] udevd[2769]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  292.305915][ T4224] xt_hashlimit: size too large, truncated to 1048576
[  292.319305][ T4223] loop4: detected capacity change from 0 to 1024
[  293.689995][ T4243] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1090'.
[  293.964816][ T4245] random: crng reseeded on system resumption
[  294.761870][ T4253] loop3: detected capacity change from 0 to 512
[  294.789235][ T3966] EXT4-fs (loop2): unmounting filesystem.
[  294.867656][ T4259] random: crng reseeded on system resumption
[  295.265350][ T4262] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  295.278766][ T4253] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  295.347774][ T4253] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.491670][  T940] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  295.608519][ T4271] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1098'.
[  295.682929][  T940] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.704989][  T940] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.733798][  T940] usb 1-1: config 0 interface 0 has no altsetting 0
[  295.733835][  T940] usb 1-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  295.733861][  T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.744974][  T940] usb 1-1: config 0 descriptor??
[  295.848925][ T4275] loop1: detected capacity change from 0 to 512
[  295.877905][ T4275] EXT4-fs: Ignoring removed mblk_io_submit option
[  295.892688][ T4275] EXT4-fs: Ignoring removed bh option
[  295.898662][ T4275] EXT4-fs: Mount option(s) incompatible with ext3
[  295.981476][ T4275] netlink: 'syz.1.1101': attribute type 27 has an invalid length.
[  296.008711][  T283] EXT4-fs (loop3): unmounting filesystem.
[  296.072631][ T4275] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.079805][ T4275] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.162792][ T4275] device wg2 left promiscuous mode
[  296.323850][ T4275] device ip6gre1 left promiscuous mode
[  296.353877][  T940] usbhid 1-1:0.0: can't add hid device: -71
[  296.359856][  T940] usbhid: probe of 1-1:0.0 failed with error -71
[  296.380286][  T940] usb 1-1: USB disconnect, device number 24
[  296.386735][ T4275] device vlan2 left promiscuous mode
[  296.457323][ T4275] device bridge0 left promiscuous mode
[  296.677108][ T4289] loop4: detected capacity change from 0 to 256
[  296.683970][   T28] kauditd_printk_skb: 27 callbacks suppressed
[  296.683985][   T28] audit: type=1400 audit(1748677567.312:789): avc:  denied  { remount } for  pid=4288 comm="syz.4.1105" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  297.045876][ T4295] loop0: detected capacity change from 0 to 512
[  297.066268][ T4295] EXT4-fs: Ignoring removed oldalloc option
[  297.076840][ T4293] loop2: detected capacity change from 0 to 8192
[  297.089869][ T4295] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c02c, mo2=0002]
[  297.102969][ T4295] System zones: 1-12
[  297.108275][ T4295] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1108: Parent and EA inode have the same ino 15
[  297.110960][ T4293] FAT-fs (loop2): error, clusters badly computed (2 != 1)
[  297.122309][ T4295] EXT4-fs (loop0): Remounting filesystem read-only
[  297.134636][ T4295] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1108: Parent and EA inode have the same ino 15
[  297.151861][ T4295] EXT4-fs (loop0): Remounting filesystem read-only
[  297.163118][ T4293] FAT-fs (loop2): Filesystem has been set read-only
[  297.175454][ T4295] EXT4-fs (loop0): 1 orphan inode deleted
[  297.185548][ T4295] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  297.193310][ T4298] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  297.299291][   T28] audit: type=1400 audit(1748677567.922:790): avc:  denied  { add_name } for  pid=4294 comm="syz.0.1108" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  297.321764][   T28] audit: type=1400 audit(1748677567.922:791): avc:  denied  { associate } for  pid=4294 comm="syz.0.1108" name=".pending_reads" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  297.347122][   T28] audit: type=1400 audit(1748677567.922:792): avc:  denied  { append } for  pid=4294 comm="syz.0.1108" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  297.371174][   T28] audit: type=1400 audit(1748677567.922:793): avc:  denied  { ioctl } for  pid=4294 comm="syz.0.1108" path="/223/file0/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  297.398289][   T28] audit: type=1400 audit(1748677567.922:794): avc:  denied  { write } for  pid=4294 comm="syz.0.1108" name=".index" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  297.592844][ T4309] random: crng reseeded on system resumption
[  297.870649][   T28] audit: type=1400 audit(1748677567.922:795): avc:  denied  { add_name } for  pid=4294 comm="syz.0.1108" name="00000000000000000000000000000000" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  297.893505][   T28] audit: type=1400 audit(1748677567.922:796): avc:  denied  { setattr } for  pid=4294 comm="syz.0.1108" name="00000000000000000000000000000000" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  297.917913][   T28] audit: type=1400 audit(1748677567.922:797): avc:  denied  { link } for  pid=4294 comm="syz.0.1108" name="00000000000000000000000000000000" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  297.942257][   T28] audit: type=1400 audit(1748677567.922:798): avc:  denied  { write } for  pid=4294 comm="syz.0.1108" name="00000000000000000000000000000000" dev="incremental-fs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  298.011719][ T1259] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  298.117392][ T4320] netlink: 'syz.1.1114': attribute type 12 has an invalid length.
[  298.212740][ T1259] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  298.224050][ T1259] usb 1-1: config 0 has no interface number 0
[  298.237523][ T4327] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1116'.
[  298.246791][ T1259] usb 1-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08
[  298.266623][ T1259] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.288948][ T1259] usb 1-1: Product: syz
[  298.301621][ T1259] usb 1-1: Manufacturer: syz
[  298.306238][ T1259] usb 1-1: SerialNumber: syz
[  298.321747][ T1259] usb 1-1: config 0 descriptor??
[  298.327702][ T1259] usb-storage 1-1:0.8: USB Mass Storage device detected
[  298.354597][ T1259] usb-storage 1-1:0.8: device ignored
[  298.545119][  T287] usb 1-1: USB disconnect, device number 25
[  298.636031][ T4332] FAULT_INJECTION: forcing a failure.
[  298.636031][ T4332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.649169][ T4332] CPU: 0 PID: 4332 Comm: syz.1.1120 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  298.658988][ T4332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.669035][ T4332] Call Trace:
[  298.672307][ T4332]  <TASK>
[  298.675235][ T4332]  __dump_stack+0x21/0x24
[  298.679577][ T4332]  dump_stack_lvl+0xee/0x150
[  298.684184][ T4332]  ? __cfi_dump_stack_lvl+0x8/0x8
[  298.689207][ T4332]  ? __kmalloc_node+0xb2/0x1e0
[  298.693980][ T4332]  dump_stack+0x15/0x24
[  298.698150][ T4332]  should_fail_ex+0x3d4/0x520
[  298.702837][ T4332]  should_fail+0xb/0x10
[  298.707266][ T4332]  should_fail_usercopy+0x1a/0x20
[  298.712312][ T4332]  _copy_from_user+0x1e/0xc0
[  298.716925][ T4332]  map_update_elem+0x440/0x660
[  298.721719][ T4332]  __sys_bpf+0x448/0x780
[  298.723887][ T4334] netlink: 'syz.3.1121': attribute type 3 has an invalid length.
[  298.725994][ T4332]  ? bpf_link_show_fdinfo+0x320/0x320
[  298.726037][ T4332]  ? __cfi_ksys_write+0x10/0x10
[  298.743941][ T4332]  ? debug_smp_processor_id+0x17/0x20
[  298.749317][ T4332]  __x64_sys_bpf+0x7c/0x90
[  298.753739][ T4332]  x64_sys_call+0x488/0x9a0
[  298.758241][ T4332]  do_syscall_64+0x4c/0xa0
[  298.762657][ T4332]  ? clear_bhb_loop+0x15/0x70
[  298.767325][ T4332]  ? clear_bhb_loop+0x15/0x70
[  298.771995][ T4332]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  298.777964][ T4332] RIP: 0033:0x7f117398e969
[  298.782388][ T4332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.802028][ T4332] RSP: 002b:00007f1174714038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  298.810453][ T4332] RAX: ffffffffffffffda RBX: 00007f1173bb5fa0 RCX: 00007f117398e969
[  298.818443][ T4332] RDX: 0000000000000020 RSI: 0000200000000940 RDI: 0000000000000002
[  298.826407][ T4332] RBP: 00007f1174714090 R08: 0000000000000000 R09: 0000000000000000
[  298.834422][ T4332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.842420][ T4332] R13: 0000000000000000 R14: 00007f1173bb5fa0 R15: 00007fff7b92d858
[  298.850401][ T4332]  </TASK>
[  298.884178][ T4338] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  298.984514][ T4345] overlayfs: unrecognized mount option "mask=^MAY_WRITE" or missing value
[  299.020224][ T4343] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1126'.
[  299.498434][ T4355] FAULT_INJECTION: forcing a failure.
[  299.498434][ T4355] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  299.511714][ T4355] CPU: 0 PID: 4355 Comm: syz.3.1128 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  299.521529][ T4355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.531599][ T4355] Call Trace:
[  299.534897][ T4355]  <TASK>
[  299.537831][ T4355]  __dump_stack+0x21/0x24
[  299.542182][ T4355]  dump_stack_lvl+0xee/0x150
[  299.546785][ T4355]  ? __cfi_dump_stack_lvl+0x8/0x8
[  299.551824][ T4355]  ? kasan_set_track+0x60/0x70
[  299.556598][ T4355]  ? kasan_save_alloc_info+0x25/0x30
[  299.561898][ T4355]  ? __kasan_slab_alloc+0x72/0x80
[  299.566936][ T4355]  ? slab_post_alloc_hook+0x4f/0x2d0
[  299.572233][ T4355]  dump_stack+0x15/0x24
[  299.576404][ T4355]  should_fail_ex+0x3d4/0x520
[  299.581094][ T4355]  should_fail_alloc_page+0x61/0x90
[  299.586304][ T4355]  prepare_alloc_pages+0x148/0x5f0
[  299.591436][ T4355]  ? __alloc_pages_bulk+0x9c0/0x9c0
[  299.596648][ T4355]  __alloc_pages+0x115/0x3a0
[  299.601250][ T4355]  ? __cfi___alloc_pages+0x10/0x10
[  299.606381][ T4355]  ? __kasan_check_write+0x14/0x20
[  299.611514][ T4355]  ? lockref_get+0x123/0x1b0
[  299.616109][ T4355]  ? __kasan_check_write+0x14/0x20
[  299.621233][ T4355]  __get_free_pages+0xe/0x30
[  299.625835][ T4355]  selinux_genfs_get_sid+0x59/0x250
[  299.631048][ T4355]  inode_doinit_with_dentry+0x86e/0xd70
[  299.636607][ T4355]  ? ktime_get_coarse_real_ts64+0x11b/0x130
[  299.642509][ T4355]  ? sb_finish_set_opts+0x9d0/0x9d0
[  299.647719][ T4355]  ? __cfi_current_time+0x10/0x10
[  299.652755][ T4355]  selinux_d_instantiate+0x27/0x40
[  299.657879][ T4355]  security_d_instantiate+0xb3/0x110
[  299.663182][ T4355]  d_splice_alias+0x6d/0x390
[  299.667784][ T4355]  proc_sys_lookup+0x517/0x610
[  299.672566][ T4355]  __lookup_slow+0x2c7/0x3f0
[  299.677174][ T4355]  ? lookup_one_len+0x2d0/0x2d0
[  299.682063][ T4355]  ? down_read+0xa0/0xf0
[  299.686339][ T4355]  ? __cfi_down_read+0x10/0x10
[  299.691201][ T4355]  lookup_slow+0x57/0x70
[  299.695475][ T4355]  link_path_walk+0x936/0xe50
[  299.700175][ T4355]  ? handle_lookup_down+0x130/0x130
[  299.705393][ T4355]  path_openat+0x285/0x2f50
[  299.709906][ T4355]  ? kasan_set_track+0x4b/0x70
[  299.714677][ T4355]  ? getname_flags+0xb9/0x500
[  299.719372][ T4355]  ? getname+0x19/0x20
[  299.723453][ T4355]  ? do_sys_openat2+0xcb/0x7e0
[  299.728227][ T4355]  ? x64_sys_call+0x783/0x9a0
[  299.732918][ T4355]  ? do_syscall_64+0x4c/0xa0
[  299.737532][ T4355]  ? do_filp_open+0x3c0/0x3c0
[  299.742221][ T4355]  do_filp_open+0x1c1/0x3c0
[  299.746735][ T4355]  ? __cfi_do_filp_open+0x10/0x10
[  299.751769][ T4355]  ? alloc_fd+0x4e6/0x590
[  299.756116][ T4355]  do_sys_openat2+0x185/0x7e0
[  299.760805][ T4355]  ? __kasan_check_write+0x14/0x20
[  299.765928][ T4355]  ? do_sys_open+0xe0/0xe0
[  299.770351][ T4355]  ? ksys_write+0x1eb/0x240
[  299.774871][ T4355]  ? __cfi_ksys_write+0x10/0x10
[  299.779739][ T4355]  __x64_sys_openat+0x136/0x160
[  299.784620][ T4355]  x64_sys_call+0x783/0x9a0
[  299.789139][ T4355]  do_syscall_64+0x4c/0xa0
[  299.793574][ T4355]  ? clear_bhb_loop+0x15/0x70
[  299.798263][ T4355]  ? clear_bhb_loop+0x15/0x70
[  299.802964][ T4355]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  299.808881][ T4355] RIP: 0033:0x7f0593d8e969
[  299.813306][ T4355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.832930][ T4355] RSP: 002b:00007f0594c1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  299.841367][ T4355] RAX: ffffffffffffffda RBX: 00007f0593fb6160 RCX: 00007f0593d8e969
[  299.849357][ T4355] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  299.857346][ T4355] RBP: 00007f0594c1c090 R08: 0000000000000000 R09: 0000000000000000
[  299.865330][ T4355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.873320][ T4355] R13: 0000000000000000 R14: 00007f0593fb6160 R15: 00007ffefa4068c8
[  299.881316][ T4355]  </TASK>
[  299.886672][ T4353] random: crng reseeded on system resumption
[  300.523254][  T284] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  300.580528][  T284] EXT4-fs (loop0): Remounting filesystem read-only
[  300.628944][ T4363] random: crng reseeded on system resumption
[  300.664038][ T4367] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  300.711486][  T284] ------------[ cut here ]------------
[  300.717142][  T284] kernel BUG at fs/namei.c:2954!
[  300.725517][  T284] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  300.731617][  T284] CPU: 1 PID: 284 Comm: syz-executor Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  300.741521][  T284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.752028][  T284] RIP: 0010:may_delete+0x701/0x710
[  300.757154][  T284] Code: ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 fe ff ff 48 89 df e8 30 19 f4 ff e9 77 fe ff ff e8 c6 c0 af ff 0f 0b e8 bf c0 af ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 56 53
[  300.776758][  T284] RSP: 0018:ffffc90000d87c20 EFLAGS: 00010293
[  300.782826][  T284] RAX: ffffffff81c03051 RBX: ffff8881005f4660 RCX: ffff888109810000
[  300.790796][  T284] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  300.798759][  T284] RBP: ffffc90000d87c88 R08: 0000000000000004 R09: 0000000000000003
[  300.806731][  T284] R10: fffff520001b0f64 R11: 1ffff920001b0f64 R12: dffffc0000000000
[  300.814783][  T284] R13: 0000000000000001 R14: ffff88813314b8b0 R15: 1ffff110200be8cc
[  300.822753][  T284] FS:  000055559139f500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  300.831937][  T284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  300.838522][  T284] CR2: 00007fff13579f68 CR3: 000000012fb82000 CR4: 00000000003506a0
[  300.846688][  T284] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  300.854747][  T284] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  300.862761][  T284] Call Trace:
[  300.866043][  T284]  <TASK>
[  300.868979][  T284]  vfs_rmdir+0x32/0x500
[  300.873165][  T284]  incfs_kill_sb+0x105/0x220
[  300.877758][  T284]  deactivate_locked_super+0xb5/0x120
[  300.883129][  T284]  deactivate_super+0xaf/0xe0
[  300.887812][  T284]  cleanup_mnt+0x45f/0x4e0
[  300.892247][  T284]  __cleanup_mnt+0x19/0x20
[  300.896682][  T284]  task_work_run+0x1db/0x240
[  300.901285][  T284]  ? __cfi_task_work_run+0x10/0x10
[  300.906542][  T284]  ? __x64_sys_umount+0x125/0x160
[  300.911745][  T284]  ? __cfi___x64_sys_umount+0x10/0x10
[  300.917123][  T284]  exit_to_user_mode_loop+0x9b/0xb0
[  300.922402][  T284]  exit_to_user_mode_prepare+0x5a/0xa0
[  300.927856][  T284]  syscall_exit_to_user_mode+0x1a/0x30
[  300.933312][  T284]  do_syscall_64+0x58/0xa0
[  300.937731][  T284]  ? clear_bhb_loop+0x15/0x70
[  300.942403][  T284]  ? clear_bhb_loop+0x15/0x70
[  300.947082][  T284]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  300.952980][  T284] RIP: 0033:0x7faebeb8fc97
[  300.957388][  T284] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  300.976987][  T284] RSP: 002b:00007fff30028538 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  300.985394][  T284] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007faebeb8fc97
[  300.993366][  T284] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff300285f0
[  301.001350][  T284] RBP: 00007fff300285f0 R08: 0000000000000000 R09: 0000000000000000
[  301.009324][  T284] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff300296e0
[  301.017297][  T284] R13: 00007faebec1089d R14: 00000000000495b0 R15: 00007fff3002a7b0
[  301.025282][  T284]  </TASK>
[  301.028315][  T284] Modules linked in:
[  301.038463][  T284] ---[ end trace 0000000000000000 ]---
[  301.057548][  T284] RIP: 0010:may_delete+0x701/0x710
[  301.068018][  T284] Code: ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 fe ff ff 48 89 df e8 30 19 f4 ff e9 77 fe ff ff e8 c6 c0 af ff 0f 0b e8 bf c0 af ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 56 53
[  301.110920][  T284] RSP: 0018:ffffc90000d87c20 EFLAGS: 00010293
[  301.123261][  T284] RAX: ffffffff81c03051 RBX: ffff8881005f4660 RCX: ffff888109810000
[  301.137346][  T284] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  301.146741][  T284] RBP: ffffc90000d87c88 R08: 0000000000000004 R09: 0000000000000003
[  301.154933][  T284] R10: fffff520001b0f64 R11: 1ffff920001b0f64 R12: dffffc0000000000
[  301.163471][  T284] R13: 0000000000000001 R14: ffff88813314b8b0 R15: 1ffff110200be8cc
[  301.171540][  T284] FS:  000055559139f500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  301.180898][  T284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  301.187820][  T284] CR2: 00007fff13579f68 CR3: 000000012fb82000 CR4: 00000000003506b0
[  301.196064][  T284] Kernel panic - not syncing: Fatal exception
[  301.202421][  T284] Kernel Offset: disabled
[  301.206739][  T284] Rebooting in 86400 seconds..