last executing test programs:

13.281390652s ago: executing program 1 (id=699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1c, 0xc, &(0x7f0000002040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%-010d \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x952, &(0x7f0000000240)={0x0, 0x0, 0x2000}, &(0x7f0000000140)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r4 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000000)=r4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r4, &(0x7f00000005c0)=[{&(0x7f0000000340)=""/134, 0x86}], 0x1)
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0xff0b)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="00000000000000a84400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f00000004c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x76, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000180)=0x33)

9.975268907s ago: executing program 4 (id=711):
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x40702)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x0)
sendfile(r0, r0, 0x0, 0x7a680003)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000640), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x74ed00, 0x0, 0x0, 0x40f00, 0x13, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeea, 0x11, r0, 0xece7f000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback={0xffffff91}}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x100080, 0x0)
dup(0xffffffffffffffff)
writev(r4, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
r6 = openat(r5, &(0x7f0000000500)='.\x00', 0x840, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r6, 0xc020660b, &(0x7f0000000040)={0x1000000, 0x10000002000003, 0x0, 0x0, 0x300})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002e00)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg(r7, &(0x7f0000004440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003400)=ANY=[@ANYBLOB="08040000000000000100000001000000b55e038a5043ce716c74e29ae4f3ca22988daf7d5017cb80f5ed153f2f00a3650e2352cf97cfc54eb708b5119f6018826972e1b429cc7318482af501c7f515c0be9ff471d9c0ca1584395745fcef641dd643f22eb10e41494963912e8966ca7260ecf6bb46cf95c3875147163e646f87c8553882fc9f1990a6937b5b7109c415bab335f05fc48c431adf0ecc7b9fd544ca90741d41872ced1655138022c37a43fbd2fd92a44993d49c8cd180691ae27b5e31d22c4c57b3fba933d1a0e6336e59694a082c5a9f1770cd49baa3e657413642500f04d77f21a7ac72687c61095da37de8a58a2312d281777ff933b7eb26f21511049ac294c9326f3aeaebb0a44b288afb8db6df9dd782d6661bdb17c7f4008cd7523d8b940b3ee80adbddb1c2938ee28c338e29a1038af7542c83019c496c91131fe9bcbb0318d08c80f757da66a07070a9b5441557edee674cf1eb911750496f3e442db94ce2a3e3e01d6bfcb070491ca985ddf6393c5ad7baedd7a294e3880653fb02814e1fb9f1c58cad0a7404723c18ff186c5580ec8e86273cfb8517d459957dad460b816c9ef644e93d39c7b61e19e875607091131ecda892d65e2dc34d068722ddb03fe3cc952460eb6d45031b947961a3a79a40b70a267a9886c08a54c2a73f4726db305b2b2c24a1b6d1a93fb8636a28bc55a8ab5db1fddc02f52ec6194ed0604bed0be22f468aee2475765fd34d1b337772603eec39e6e0e320a00994c30b6e5eb5e7b72290f957c0f1aee55f59f37e3b282db3b6ac9071359cb3b16d76db43340ac8e521778c3dff1b2df0a52571aa8ab215f306913be45b02ebe7ccae4cfa8f88fb2ab857867ec410361e48fef999f99ca9772f2a6f16e9ed7a07a207dbd5eacbc7d005286e0364edc58cdd7654f042cc8c859eabe2904d1d52bc43b7c9ca6e3e785b8fbbc3e4f2334d5a108aeabbb604698d0113cc23de1b91297e06de31a73f26d7a61fefa814c29d4a165bc0a5d94f59747228a0bc5d760918d548af52036b2783d1ea3447132696cf1f521b5d89ae071e718140a5c4794bed3b8a61fdcc05e97d47ea837d451cd8aa254b20fdada3a0078c63182bd458e3d0c81d55488e1689d10c36f38ac73b61d74be5d31045ded78e6394f875b8ca4e526248fe7da24efaae2b36a5c42920c3a6c77e7a7505c8d4fb555c6278eda466557ba0b3288a288998c96dac16fb22f7ec73a4018a8523933913c333642f86a3c400d53288c39ba0336f8356f2188637e798b626c492a6cee0a192a8665b3f5466fd4e1f09345824797405f7d37cdf34a205b2f50df7278a5bff739be050eee4bea42c346f99ac3ea6e7d8ceb9fb80b075b18459da33298e469097e47c561e36a2bd5274c0bd46a5da6001aec7f958fb21ed2f00000000000000"], 0x408}, 0x4048004)

9.974897986s ago: executing program 4 (id=712):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000240)={'ip6tnl0\x00', 0x0, 0x29, 0x2, 0x0, 0x6d, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x80, 0x20, 0x100, 0xffffffff}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(r0, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0x400d, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x1, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbb, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0xffffff72, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x9, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0xc, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

8.833477289s ago: executing program 3 (id=714):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x54, 0x0, &(0x7f00000005c0)=[@increfs, @release={0x40046306, 0x2}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f00000004c0)={@fda={0x66646185, 0x1, 0x1, 0x38}, @flat=@weak_handle={0x77682a85, 0xa, 0x2}, @fda={0x66646185, 0x0, 0x0, 0x16}}, &(0x7f00000001c0)={0x0, 0x20, 0x38}}}], 0x33, 0x0, &(0x7f0000000300)="1109b4903366fa114567e4694f79d43d6b58ecc3d52e9e5796e7382ec7f2f2c78677a49aed3ae74020be2fdc44795b355e3093"})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x4, 0x10400, 0x6, 0x0, 0x0, 0xc981, 0x0, 0x0, 0x0, 0x6}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r7, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d86213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc790510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c3fa3fe0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xfffffffffffffff5, 0xffffffff, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r9, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

8.817826489s ago: executing program 1 (id=716):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x68, 0x0, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r2, 0x4188aec6, &(0x7f0000001e00)={0x0, [{0x0, 0x0, 0x86, 0x0}, {0x0, 0x0, 0x17, 0x0}, {0x2, 0x0, 0x400, 0x0}, {0x3, 0x0, 0x9, 0x0}, {0x3, 0x0, 0x77a, 0x0}, {0x1, 0x0, 0x10, 0x0}, {0x2, 0x0, 0x3c8f, 0x0}, {0x0, 0x0, 0xa6, 0x0}, {0x2, 0x0, 0xf, 0x0}, {0x1, 0x0, 0x3eb77bdf, &(0x7f0000000600)}, {0x1, 0x0, 0xd0, 0x0}, {0x2, 0x0, 0xfffff015, 0x0}, {0x1, 0x0, 0x800, 0x0}, {0x1, 0x0, 0x5, 0x0}, {0x2, 0x1ab0, 0x10, &(0x7f0000000d00)="eb892d2697664b32177ed15cdbccf2fe4fdefadfbd81886ef67fbe7edd65c0afa54f3ef1598d1b56f55839d3a0e98da692af20166545e1c39bea58d36e54c8a136e7987decbbc55c0cc58206aa50ce2b587f7d740bd0003dbcc71169f948d9e4449b610289da3f96de18b17a3b490f3bda806350adf1643ef677fd8787e5f1ad4b5d254648e05b506d8738f1a2a714d72d6552c0b72632a17accea4992c2dea6c0e51fd7a6a5b1065ef47b285a9f03a2c1fc8150afb7106e04d456261521ab697ed5bfb05b97b9657729034d8ec66c8ad7f33d0630d6b4c61a69474f31c75196311913926dd86e1408a4905c06ba2133bcb6a55428933c53a3654d9edb3a8102aef9a7835d9571e0de03f4bd41d100967b39a28b9a96e01b52fc63206b1ff323b136c96b4b98ed6ee0891dea39b84963737f59011604bbd00e75afb23b1776606d1ddeccdadedef9a7be4d735fbd1079561a3a59ba5c6a5b789d3907d22750f9446e430253dc0703753f262c5e5150a4bb8550d7ee226ca5d79cb0a507485828b1cf99cfeac1fb5e075c16a80bf659777afb105908c1cd10c588a2b6e614e345146577d240bbc04862192fd34353f5f630c7b3dd5ee10e583936c7b924fa973b863a975150c798676487495d49db4997ca9a8497bc3ea7408b08c8323cf8904a7022499d75c448b528e98dd685096cbcc14a41b48a483049bf9831053b42e8841235b2179e3280c30dd31f7236d3cd576cc1f0d9b98f0a884fd1c7c1c16be8fa6173146d0f21650ad4799b0cd85cc947ea83a1121a083bdb5686e6d121246b7c94587ad73c495fcebac07eb65445571e7060c607813ba9f03f2b7806018dddfb028341d1bf058f82da4af915d4c5259fd83e4d0083db4afd8234bd03911e00f6f4f976aa64097961fe1070508e95eeead8d1e6ff14cb8597485f3084fdd3978f5e1278fc14ce1ddad6488f4c06b53f3bc492d982a240f87d107482281b1d383a9191c93cb79e77ed70ebb00203343571bce98b4443b5068fdf610ed1433b8995f4f0e1cd77178f14c8c3fa6bda50d0bdb0c3e301c4a765c3811332209963b02da2e122e85a3c4e8f3e3ac08ca43ee5a981948561cfaea0849863fa3593e23d4c2d2b714b7173f482b2531e55872df5bfee9f794444c3e880741cc9cdd329f3fa60fd160fea891d437fe7e3ed8c425728333aada26b79"}, {0x3, 0x0, 0x0, 0x0}]})

7.831104998s ago: executing program 4 (id=720):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
write$P9_RSTAT(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="4e0000007d0100000047000b004b0f00db6f2db200000000000000000000000008000000007123010000000000000000000003003970000a008973797a6b616c6c657200000007002425402b2629280e25356e47cb08d1974b86e59f9e9550f262a64ee414bbcc0928d31c0d8fd492bbd8a49a323bc26f60041b09a07982f4361680066b13a8a7748b6f23c16a49c19bf470cb9c85f4a123cbad2255bb322f74b08a5029eafed2a04a0c19261e60caa18920d85bd3a7c6b2514803526321289b8e43c815ca12d993dfd6a5b17c71073d9bd7cc65fccb65b63acbc01a5168667b12300587082466e484f35758e91fa310010293ac7331afe115765b3a2b6dbd2c3a5532b76d045cc74dc4eb5f2af093c53c2a60a13ebf4bfcd2b2e2df3f249471a621528b3490d0b2f61fd466e48c"], 0x4e)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
syz_io_uring_setup(0x50cf, &(0x7f0000000000)={0x0, 0xfffffffc, 0x40000, 0x2, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x48085)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setxattr$security_evm(0x0, 0x0, &(0x7f0000000400)=ANY=[], 0x3a6, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0}, 0x90)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
dup(r0)

7.750071939s ago: executing program 1 (id=721):
keyctl$clear(0x7, 0xfffffffffffffffb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000003f64ecb21ed7d74b542e43ae9f57f61af1c5b6016901992307df92d7c26b05a7da0582d208fd1f57c41cee38c7023e71dc864ab49f7894dd5ee29721d0625ee50c8aeca9b5090d85ff1c5df40229"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r0}, 0x10)

7.70230517s ago: executing program 4 (id=722):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = openat(0xffffffffffffff9c, 0x0, 0xc4042, 0x1ff)
sendfile(r1, 0xffffffffffffffff, 0x0, 0xfffe82)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
eventfd2(0xff, 0x1)
fstat(0xffffffffffffffff, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x2000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$USBDEVFS_REAPURB(r8, 0x4008550c, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)

7.265425929s ago: executing program 0 (id=723):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) (async)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="008429bd7000fedbdfbb5bca319d40e29f64f1f3ad16759b2d25"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x41) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000240)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf2501000000080005000100000006000600234e0000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e690100000001000000b6e901b9ff2f518c78042fb5427c0108"], 0x1d8}}, 0x0)

7.143080881s ago: executing program 0 (id=724):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f0000000280)=@req={0x28, &(0x7f0000000040)={'pimreg\x00', @ifru_mtu=0xc855}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r3}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

6.851171017s ago: executing program 1 (id=725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x54, 0x0, &(0x7f00000005c0)=[@increfs, @release={0x40046306, 0x2}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f00000004c0)={@fda={0x66646185, 0x1, 0x1, 0x38}, @flat=@weak_handle={0x77682a85, 0xa, 0x2}, @fda={0x66646185, 0x0, 0x0, 0x16}}, &(0x7f00000001c0)={0x0, 0x20, 0x38}}}], 0x33, 0x0, &(0x7f0000000300)="1109b4903366fa114567e4694f79d43d6b58ecc3d52e9e5796e7382ec7f2f2c78677a49aed3ae74020be2fdc44795b355e3093"})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x4, 0x10400, 0x6, 0x0, 0x0, 0xc981, 0x0, 0x0, 0x0, 0x6}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r7, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d86213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc790510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c3fa3fe0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xfffffffffffffff5, 0xffffffff, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r9, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r10, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

6.824742608s ago: executing program 4 (id=726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1c, 0xc, &(0x7f0000002040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%-010d \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x952, &(0x7f0000000240)={0x0, 0x0, 0x2000}, &(0x7f0000000140)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r4 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000000)=r4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r4, &(0x7f00000005c0)=[{&(0x7f0000000340)=""/134, 0x86}], 0x1)
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0xff0b)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="00000000000000a84400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f00000004c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x76, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000180)=0x33)

6.305424157s ago: executing program 0 (id=727):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, 0x0, 0x0)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r6, 0x27, 0x82, 0x0, &(0x7f0000000240)="f8ad48cc02cb29dcc8007f5b86dd", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.699948679s ago: executing program 3 (id=728):
keyctl$clear(0x7, 0xfffffffffffffffb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000003f64ecb21ed7d74b542e43ae9f57f61af1c5b6016901992307df92d7c26b05a7da05"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r3}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r0}, 0x10)

5.696358399s ago: executing program 2 (id=729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

5.687618319s ago: executing program 1 (id=730):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000240)={'ip6tnl0\x00', 0x0, 0x29, 0x2, 0x0, 0x6d, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x80, 0x20, 0x100, 0xffffffff}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(r0, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0x400d, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x1, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbb, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0xffffff72, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x9, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0xc, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

5.63662711s ago: executing program 2 (id=731):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)

5.63620388s ago: executing program 2 (id=732):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
write$P9_RSTAT(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="4e0000007d0100000047000b004b0f00db6f2db200000000000000000000000008000000007123010000000000000000000003003970000a008973797a6b616c6c657200000007002425402b2629280e25356e47cb08d1974b86e59f9e9550f262a64ee414bbcc0928d31c0d8fd492bbd8a49a323bc26f60041b09a07982f4361680066b13a8a7748b6f23c16a49c19bf470cb9c85f4a123cbad2255bb322f74b08a5029eafed2a04a0c19261e60caa18920d85bd3a7c6b2514803526321289b8e43c815ca12d993dfd6a5b17c71073d9bd7cc65fccb65b63acbc01a5168667b12300587082466e484f35758e91fa310010293ac7331afe115765b3a2b6dbd2c3a5532b76d045cc74dc4eb5f2af093c53c2a60a13ebf4bfcd2b2e2df3f249471a621528b3490d0b2f61fd466e48c"], 0x4e)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
syz_io_uring_setup(0x50cf, &(0x7f0000000000)={0x0, 0xfffffffc, 0x40000, 0x2, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x48085)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setxattr$security_evm(0x0, 0x0, &(0x7f0000000400)=ANY=[], 0x3a6, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0}, 0x90)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
dup(r0)

5.593171591s ago: executing program 2 (id=733):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@printk={@s}, @call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

5.437743744s ago: executing program 0 (id=734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.318609406s ago: executing program 4 (id=735):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000400)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x0, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000340)={0x3f, 0x3, 0x9, 0x4}, 0x10)
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r7, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc003, 0x3, 0x5, 0x0, 0x0, 0x7, 0xd, 0xb9, 0x0, 0xe, 0xfc, 0x204}, {0x804, 0x1, 0x4, 0x45, 0x7, 0xff, 0x2, 0xff, 0x0, 0x5, 0x4, 0x7b, 0x20c}, {0x1, 0x6, 0x18, 0x5, 0x8, 0xfd, 0x3, 0x2, 0x0, 0x70, 0x4, 0x7}], 0xfbffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6erspan0\x00'})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0x5ffffffffff, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x4, 0x3], 0x1, 0x202})
ioctl$KVM_SET_PIT(r7, 0x8048ae66, &(0x7f00000005c0)={[{0x9570000, 0x3, 0x0, 0x0, 0x85, 0x1, 0xfd, 0x2, 0x6, 0x4, 0x47, 0xf, 0x4}, {0x9f83, 0xa, 0xe, 0x5a, 0x81, 0x4, 0x9, 0x81, 0x7, 0x5, 0x80, 0x3, 0x1}, {0x96, 0x1005, 0x9, 0xa, 0x6, 0x1, 0xf8, 0x53, 0xc, 0x98, 0x1a, 0x1, 0x81}], 0x2442})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

4.317613776s ago: executing program 0 (id=745):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000240)={'ip6tnl0\x00', 0x0, 0x29, 0x2, 0x0, 0x6d, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x80, 0x20, 0x100, 0xffffffff}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(r0, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0x400d, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x1, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbb, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0xffffff72, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x9, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0xc, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

3.665904929s ago: executing program 2 (id=736):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8983, &(0x7f0000000000)={0x7, 'virt_wifi0\x00', {0xfffffff7}, 0x7})

3.665540219s ago: executing program 2 (id=737):
rt_sigqueueinfo(0x0, 0x9, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
inotify_init1(0x800)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
r1 = epoll_create1(0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x200408, &(0x7f0000000280)=ANY=[@ANYBLOB='nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,dots,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646f74732c646f74732c6e66732c6e6f646f74732c646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c646f74732c646f74732c646f74732c636865636b3d72656c617865642c74696d655f6f66667365743d3078303030303030303030303030303437612c646f6e745f686173682c7365636c6162656c2c667373c322e2a50762a3d3fcae283b43ea02757569643d31643067586564382d353166312d62326634"], 0x1, 0x1d3, &(0x7f0000001a00)="$eJzs3cFqE1EUBuAzsTapIHYniOCAG1dBfYKKRBAHRCULXSm0bhoRks3oxvoWPqAPIF11IyNmxsaWZGxjzJj0+zb5yTmTey+ESTY5eX3z3f7u+9Hbr9e/RKeTRGsnduIoie1oxS8HAQCsk6OiiG9FsdH0PgCA5ak+/8dmtHyvu94XBwBYPS9evnryIMt6z9O0E3F4kPfzfvlY1h89znp307HtyVWHed6/dFy/V9bTk/XLcSUitiLr3Z9a34w7t8fXf/5Ze/g0O1Vvx+6/Pz4AAAAAAAAAAAAAAAAAAAAAADSimx6bOt+n251VL9Nv84FOze/ZiBuGAwIAAAAAAAAAAAAAAAAAAMCZjD583H8zGOwNJ6EdESefmS8U12YuMS2kEfH3i543tGJ5a61aSP6PbZwzRDV1oqbn1mLe4c+u/qkn5nvlzYio79mqP+AiwuQe0W7m1gQAAAAAAAAAAAAAAAAAABdO9VvfZDhqeicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Jzy//8He8N5wqeIOENztVTS8FEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYYz8CAAD//x8yIRo=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c3042, 0x0)
fstat(r2, &(0x7f0000009680))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)={0x2})
ppoll(&(0x7f0000000400)=[{r1, 0x102}], 0x1, &(0x7f0000000780)={0x0, 0x3938700}, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000eb3b63e132f63c2f00"/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYRES16], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000000)={0x5, 0x7})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket(0x10, 0x80003, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x1, 0x3, 0x0, 0xba}, 0x7, 0x0, 0x5, 0xffffffff, 0x2, 0x1, 0x10, 0x19, 0xfd, 0x87, {0x3, 0x7, 0x2, 0x0, 0xe9ac, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="02002000000000005b0800000000000006000000000000200902000000000000ffffffffffffffff"])
r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
io_setup(0x7, &(0x7f00000002c0)=<r10=>0x0)
io_destroy(r10)
io_submit(r10, 0x0, 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io(r9, 0x0, 0x0)

3.59635185s ago: executing program 3 (id=738):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, 0x0, 0x0)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r6, 0x27, 0x82, 0x0, &(0x7f0000000240)="f8ad48cc02cb29dcc8007f5b86dd", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.59363992s ago: executing program 1 (id=749):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000240)={'ip6tnl0\x00', 0x0, 0x29, 0x2, 0x0, 0x6d, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x80, 0x20, 0x100, 0xffffffff}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(r0, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0x400d, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x1, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbb, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0xffffff72, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x9, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0xc, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

809.940734ms ago: executing program 3 (id=739):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x2204080, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f646f74732c73686f77657865632c6e6f646f74732c6e66733d6e6f7374616c655f726f2c0030a66d3a1127e03fc4ec7721f7c77d616ce2d9a9b0ef6cf77d486df06aac6920f6f13474bc77836cb851c86e0cc5dc8611db21e0dafe4caa2c5b34"], 0x1, 0x28d, &(0x7f0000000640)="$eJzs3b9qFF0cBuCTTUI+8pGQStDGg1Y2Q5LaIkESCC4omhVUECZkosuOu2Fni51gEWsbwdI7EEs7QbyB3IVdmpAqlRGd/DEBq5DdIs/TzMu8c+D8GDhTzu7d969bG0WykfZCbWEk1BZCqB2MhJlQC8e2w50Pbz++e/z02f3Fen3pUYzLi6tz8zHG6Zvfnr/5fOt77/8nX6a/ToSdmRe7e/M/dq7tXN/9ufqqWcRmEdudXkzjWqfTS9fyLK43i1YS48M8S4ssNttF1j3Tb+Sdzc0ypu31qcnNblYUMW2XsZWVsdeJvW4Z05dpsx2TJIlTk4GLaHw6ODwMe4eVYe+GwfP+r7a/DvX/Qtjf7jf6jepa9csr9aXZ+Mf46ar9fr8xetLPVX0824+HyaN+/nx//Gm5XfW/u3sP6ufWT4T1S54dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAqyuJJ2ZO7+73+43Rqk/+1VdpeaW+NHv0wNl+LNwYG9gYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAhRbnVSvM86wqCIJyEYZ9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHinP/0e9k4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpqLcaqV5nnUvMQx7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4qF8BAAD//3nQbMU=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3114}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_LIMIT={0x5, 0x6, 0xee}, @IFLA_IPTUN_ENCAP_TYPE={0x6}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x3}]}}}]}, 0x4c}}, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000180)={@private, @dev, <r3=>0x0}, &(0x7f0000000200)=0xc)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
unshare(0x20000400)
io_uring_setup(0x0, 0x0)
r7 = io_uring_setup(0x4f73, &(0x7f00000000c0)={0x0, 0xec19, 0x80, 0x1000000, 0x4})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x18, &(0x7f0000000000), 0x1)
sendmsg$nl_route_sched(r2, &(0x7f0000000540)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xb516e0f9387c0243}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=@gettfilter={0x54, 0x2e, 0x100, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x4, 0x5}, {0x0, 0x6}, {0x2, 0xffed}}, [{0x8, 0xb, 0x3}, {0x8, 0xb, 0x84}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0xfffffe00}]}, 0x54}, 0x1, 0x0, 0x0, 0x4048004}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

745.277825ms ago: executing program 0 (id=740):
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
syz_clone3(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88ce359bdb02163c, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)

488.2µs ago: executing program 3 (id=741):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

0s ago: executing program 3 (id=742):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008000000001", @ANYRES16=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2121)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=0x1, @ANYRES32, @ANYBLOB="1c00000000000000", @ANYRES32, @ANYBLOB="95"], 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x0, 0x4004080)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r11}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.60' (ED25519) to the list of known hosts.
[   24.908586][   T28] audit: type=1400 audit(1757054995.701:64): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   24.910054][  T275] cgroup: Unknown subsys name 'net'
[   24.931334][   T28] audit: type=1400 audit(1757054995.701:65): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   24.958636][   T28] audit: type=1400 audit(1757054995.741:66): avc:  denied  { unmount } for  pid=275 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   24.958831][  T275] cgroup: Unknown subsys name 'devices'
[   25.105804][  T275] cgroup: Unknown subsys name 'hugetlb'
[   25.111430][  T275] cgroup: Unknown subsys name 'rlimit'
[   25.217625][   T28] audit: type=1400 audit(1757054996.011:67): avc:  denied  { setattr } for  pid=275 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   25.240812][   T28] audit: type=1400 audit(1757054996.011:68): avc:  denied  { mounton } for  pid=275 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   25.263035][  T277] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   25.265814][   T28] audit: type=1400 audit(1757054996.011:69): avc:  denied  { mount } for  pid=275 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   25.297214][   T28] audit: type=1400 audit(1757054996.071:70): avc:  denied  { relabelto } for  pid=277 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   25.303426][  T275] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   25.322642][   T28] audit: type=1400 audit(1757054996.071:71): avc:  denied  { write } for  pid=277 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   25.356964][   T28] audit: type=1400 audit(1757054996.091:72): avc:  denied  { read } for  pid=275 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   25.382516][   T28] audit: type=1400 audit(1757054996.091:73): avc:  denied  { open } for  pid=275 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   26.758340][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.765525][  T287] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.773013][  T287] device bridge_slave_0 entered promiscuous mode
[   26.789448][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.796710][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.804231][  T283] device bridge_slave_0 entered promiscuous mode
[   26.812964][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.820073][  T287] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.827525][  T287] device bridge_slave_1 entered promiscuous mode
[   26.842649][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.849749][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.857296][  T283] device bridge_slave_1 entered promiscuous mode
[   26.887027][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.894133][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.901515][  T285] device bridge_slave_0 entered promiscuous mode
[   26.921174][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.928294][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.935760][  T285] device bridge_slave_1 entered promiscuous mode
[   26.993560][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.000762][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.008285][  T286] device bridge_slave_0 entered promiscuous mode
[   27.025372][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.032431][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.039917][  T286] device bridge_slave_1 entered promiscuous mode
[   27.057624][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.064724][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.072146][  T284] device bridge_slave_0 entered promiscuous mode
[   27.097211][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.104323][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.111796][  T284] device bridge_slave_1 entered promiscuous mode
[   27.244476][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.251540][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.277892][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.284990][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.292291][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.299401][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.330403][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.337490][  T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.344961][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.351986][  T283] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.369671][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.377315][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.385228][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.392388][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.399848][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.408328][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.416065][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.429675][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   27.438087][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.446405][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.453431][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.468161][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.476411][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.483433][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.503310][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.521855][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.541414][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.557163][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.565340][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.572735][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.580317][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.588810][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.595890][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.618481][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.626563][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.634902][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.641926][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.649524][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.657927][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.664981][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.672761][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   27.691090][  T287] device veth0_vlan entered promiscuous mode
[   27.708701][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.717169][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.725501][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.733008][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.740798][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.749000][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.757240][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.764845][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.772975][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.780026][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.787471][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.795800][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.803059][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.811662][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   27.821487][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.829097][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.842364][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   27.850598][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.860775][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.869571][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.892462][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   27.900711][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.908942][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   27.917245][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.925375][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   27.934162][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.942296][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.949348][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.956761][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   27.965152][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.973286][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.980336][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.987790][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   27.996062][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.006337][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.014832][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.023430][  T287] device veth1_macvtap entered promiscuous mode
[   28.046936][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.054923][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.063251][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.071929][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   28.080296][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.088565][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   28.096839][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.105069][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.113378][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.125720][  T286] device veth0_vlan entered promiscuous mode
[   28.134316][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.142307][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.150843][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.159450][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.168505][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.176200][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.194052][  T285] device veth0_vlan entered promiscuous mode
[   28.200993][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.209137][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.217522][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.225865][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.234253][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.242470][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.251142][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.258761][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.273197][  T283] device veth0_vlan entered promiscuous mode
[   28.281988][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   28.290554][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.299233][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.307478][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.315826][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.323299][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.331434][  T286] device veth1_macvtap entered promiscuous mode
[   28.342925][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.350789][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   28.358937][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.371033][  T283] device veth1_macvtap entered promiscuous mode
[   28.382680][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.390858][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.398664][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.407053][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.415358][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.424374][  T284] device veth0_vlan entered promiscuous mode
[   28.434264][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.442952][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.451714][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.460175][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.471127][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.479563][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.494494][  T287] request_module fs-gadgetfs succeeded, but still no fs?
[   28.505889][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.515847][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.526118][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.534574][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.549724][  T285] device veth1_macvtap entered promiscuous mode
[   28.561538][  T284] device veth1_macvtap entered promiscuous mode
[   28.568965][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.581223][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   28.589926][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.594753][  T337] binder: 335:337 unknown command 0
[   28.599513][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   28.603142][  T337] binder: 335:337 ioctl c0306201 200000000080 returned -22
[   28.623325][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.639440][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.650821][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.659415][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.690759][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   28.699684][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.710298][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.719092][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.807160][  T347] binder: 346:347 unknown command 0
[   28.814398][  T347] binder: 346:347 ioctl c0306201 200000000080 returned -22
[   28.824961][  T350] Driver unsupported XDP return value 0 on prog  (id 3) dev N/A, expect packet loss!
[   28.890063][  T337] binder_alloc: 335: binder_alloc_buf, no vma
[   29.037967][  T356] overlayfs: failed to resolve './file0': -2
[   29.542406][  T358] device bridge0 entered promiscuous mode
[   29.548442][  T358] device macsec1 entered promiscuous mode
[   29.555165][  T358] bridge0: port 3(macsec1) entered blocking state
[   29.561844][  T358] bridge0: port 3(macsec1) entered disabled state
[   29.570152][  T358] device bridge0 left promiscuous mode
[   29.576131][  T360] binder: 359:360 unknown command 0
[   29.581422][  T360] binder: 359:360 ioctl c0306201 200000000080 returned -22
[   29.618830][  T358] syz.4.6 (358) used greatest stack depth: 22112 bytes left
[   29.640143][  T364] binder: 363:364 unknown command 0
[   29.645606][  T364] binder: 363:364 ioctl c0306201 200000000080 returned -22
[   29.709330][  T369] device bridge0 entered promiscuous mode
[   29.715371][  T369] device macsec1 entered promiscuous mode
[   29.721544][  T369] bridge0: port 3(macsec1) entered blocking state
[   29.728065][  T369] bridge0: port 3(macsec1) entered disabled state
[   29.735614][  T369] device bridge0 left promiscuous mode
[   29.792358][  T373] loop2: detected capacity change from 0 to 512
[   29.799201][  T360] binder_alloc: 359: binder_alloc_buf, no vma
[   29.994557][   T28] kauditd_printk_skb: 43 callbacks suppressed
[   29.994571][   T28] audit: type=1400 audit(1757055000.791:117): avc:  denied  { create } for  pid=372 comm="syz.2.10" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   30.667978][   T28] audit: type=1400 audit(1757055001.461:118): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   30.954539][  T381] loop2: detected capacity change from 0 to 256
[   31.031842][  T381] FAT-fs (loop2): Directory bread(block 64) failed
[   31.038547][  T381] FAT-fs (loop2): Directory bread(block 65) failed
[   31.045362][  T381] FAT-fs (loop2): Directory bread(block 66) failed
[   31.051971][  T381] FAT-fs (loop2): Directory bread(block 67) failed
[   31.058767][  T381] FAT-fs (loop2): Directory bread(block 68) failed
[   31.065398][  T381] FAT-fs (loop2): Directory bread(block 69) failed
[   31.072155][  T381] FAT-fs (loop2): Directory bread(block 70) failed
[   31.078776][  T381] FAT-fs (loop2): Directory bread(block 71) failed
[   31.085581][  T381] FAT-fs (loop2): Directory bread(block 72) failed
[   31.092193][  T381] FAT-fs (loop2): Directory bread(block 73) failed
[   31.778233][   T28] audit: type=1400 audit(1757055002.571:119): avc:  denied  { unmount } for  pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   31.845743][   T28] audit: type=1400 audit(1757055002.641:120): avc:  denied  { create } for  pid=387 comm="syz.3.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   31.896208][  T392] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   32.146097][  T392] kernel profiling enabled (shift: 17)
[   32.265513][   T28] audit: type=1400 audit(1757055002.671:121): avc:  denied  { write } for  pid=387 comm="syz.3.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   32.291465][   T28] audit: type=1400 audit(1757055002.671:122): avc:  denied  { read } for  pid=387 comm="syz.3.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   32.311795][   T28] audit: type=1400 audit(1757055002.681:123): avc:  denied  { read } for  pid=388 comm="syz.0.16" name="usbmon2" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   32.335036][   T28] audit: type=1400 audit(1757055002.681:124): avc:  denied  { open } for  pid=388 comm="syz.0.16" path="/dev/usbmon2" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   32.377487][   T28] audit: type=1400 audit(1757055002.681:125): avc:  denied  { create } for  pid=387 comm="syz.3.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   32.482671][   T28] audit: type=1400 audit(1757055002.681:126): avc:  denied  { ioctl } for  pid=387 comm="syz.3.17" path="socket:[15698]" dev="sockfs" ino=15698 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   33.067285][  T413] device bridge0 entered promiscuous mode
[   33.079352][  T413] device macsec1 entered promiscuous mode
[   33.094908][  T413] bridge0: port 3(macsec1) entered blocking state
[   33.110744][  T413] bridge0: port 3(macsec1) entered disabled state
[   33.118743][  T413] device bridge0 left promiscuous mode
[   33.231388][  T422] binder: 421:422 unknown command 0
[   33.237401][  T422] binder: 421:422 ioctl c0306201 200000000080 returned -22
[   33.254849][  T420] loop3: detected capacity change from 0 to 512
[   34.459477][  T428] loop2: detected capacity change from 0 to 256
[   34.546776][  T428] FAT-fs (loop2): Directory bread(block 64) failed
[   34.553432][  T428] FAT-fs (loop2): Directory bread(block 65) failed
[   34.560280][  T428] FAT-fs (loop2): Directory bread(block 66) failed
[   34.566991][  T428] FAT-fs (loop2): Directory bread(block 67) failed
[   34.573948][  T428] FAT-fs (loop2): Directory bread(block 68) failed
[   34.580619][  T428] FAT-fs (loop2): Directory bread(block 69) failed
[   34.587427][  T428] FAT-fs (loop2): Directory bread(block 70) failed
[   34.594050][  T428] FAT-fs (loop2): Directory bread(block 71) failed
[   34.600808][  T428] FAT-fs (loop2): Directory bread(block 72) failed
[   34.607433][  T428] FAT-fs (loop2): Directory bread(block 73) failed
[   34.893993][  T432] binder: 431:432 unknown command 0
[   34.922041][  T434] binder: 433:434 unknown command 0
[   34.934094][  T432] binder: 431:432 ioctl c0306201 200000000080 returned -22
[   34.945117][  T434] binder: 433:434 ioctl c0306201 200000000080 returned -22
[   36.025182][  T446] overlayfs: failed to resolve './file0': -2
[   36.909014][  T451] device bridge0 entered promiscuous mode
[   36.916127][  T451] device macsec1 entered promiscuous mode
[   36.922587][  T451] bridge0: port 3(macsec1) entered blocking state
[   36.929856][  T451] bridge0: port 3(macsec1) entered disabled state
[   36.937602][  T451] device bridge0 left promiscuous mode
[   37.026925][  T459] device bridge0 entered promiscuous mode
[   37.032774][  T459] device macsec1 entered promiscuous mode
[   37.039245][  T459] bridge0: port 3(macsec1) entered blocking state
[   37.053838][  T459] bridge0: port 3(macsec1) entered disabled state
[   37.095478][  T459] device bridge0 left promiscuous mode
[   37.203771][  T464] binder: 463:464 unknown command 0
[   37.209183][  T464] binder: 463:464 ioctl c0306201 200000000080 returned -22
[   37.353677][  T474] loop2: detected capacity change from 0 to 512
[   38.031488][  T488] device bridge0 entered promiscuous mode
[   38.045595][  T488] device macsec1 entered promiscuous mode
[   38.059194][  T488] bridge0: port 3(macsec1) entered blocking state
[   38.089736][  T488] bridge0: port 3(macsec1) entered disabled state
[   38.104875][  T488] device bridge0 left promiscuous mode
[   38.543323][   T28] kauditd_printk_skb: 2 callbacks suppressed
[   38.543339][   T28] audit: type=1400 audit(1757055009.331:129): avc:  denied  { write } for  pid=497 comm="syz.3.48" name="wireless" dev="proc" ino=4026532559 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   39.325225][  T516] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   39.713286][  T528] binder: 527:528 unknown command 0
[   39.721005][  T528] binder: 527:528 ioctl c0306201 200000000080 returned -22
[   40.810859][  T543] loop0: detected capacity change from 0 to 512
[   41.077550][  T552] overlayfs: failed to resolve './file0': -2
[   41.393690][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[   41.393694][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   41.956190][  T560] loop0: detected capacity change from 0 to 512
[   43.411233][  T581] loop0: detected capacity change from 0 to 256
[   43.497171][  T581] FAT-fs (loop0): Directory bread(block 64) failed
[   43.503883][  T581] FAT-fs (loop0): Directory bread(block 65) failed
[   43.510654][  T581] FAT-fs (loop0): Directory bread(block 66) failed
[   43.517338][  T581] FAT-fs (loop0): Directory bread(block 67) failed
[   43.524232][  T581] FAT-fs (loop0): Directory bread(block 68) failed
[   43.530842][  T581] FAT-fs (loop0): Directory bread(block 69) failed
[   43.537733][  T581] FAT-fs (loop0): Directory bread(block 70) failed
[   43.544396][  T581] FAT-fs (loop0): Directory bread(block 71) failed
[   43.551201][  T581] FAT-fs (loop0): Directory bread(block 72) failed
[   43.558040][  T581] FAT-fs (loop0): Directory bread(block 73) failed
[   43.877707][  T583] binder: BINDER_SET_CONTEXT_MGR already set
[   43.884345][  T583] binder: 576:583 ioctl 4018620d 200000000040 returned -16
[   44.533626][    C0] sched: RT throttling activated
[   44.689510][  T595] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   44.704725][  T597] binder: 596:597 unknown command 0
[   44.724292][  T597] binder: 596:597 ioctl c0306201 200000000080 returned -22
[   45.228833][  T605] overlayfs: failed to resolve './file0': -2
[   45.933354][  T610] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   45.977041][  T614] binder: 613:614 unknown command 0
[   45.982330][  T614] binder: 613:614 ioctl c0306201 200000000080 returned -22
[   46.516337][  T625] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   46.544566][  T623] loop1: detected capacity change from 0 to 512
[   46.551587][  T627] binder: 626:627 unknown command 0
[   46.563529][  T627] binder: 626:627 ioctl c0306201 200000000080 returned -22
[   47.426287][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   47.438813][  T631] device bridge0 entered promiscuous mode
[   47.448242][  T631] device macsec1 entered promiscuous mode
[   47.456334][  T631] bridge0: port 3(macsec1) entered blocking state
[   47.462909][  T631] bridge0: port 3(macsec1) entered disabled state
[   47.470833][  T631] device bridge0 left promiscuous mode
[   47.829690][  T641] device bridge0 entered promiscuous mode
[   47.835806][  T641] device macsec1 entered promiscuous mode
[   47.842072][  T641] bridge0: port 3(macsec1) entered blocking state
[   47.946748][  T627] binder: BINDER_SET_CONTEXT_MGR already set
[   47.956524][  T627] binder: 626:627 ioctl 4018620d 200000000040 returned -16
[   47.963890][  T641] bridge0: port 3(macsec1) entered disabled state
[   47.975223][  T641] device bridge0 left promiscuous mode
[   47.990855][  T646] device bridge0 entered promiscuous mode
[   47.997763][  T646] device macsec1 entered promiscuous mode
[   48.071319][  T651] overlayfs: failed to resolve './file0': -2
[   48.284782][  T648] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   48.338528][  T660] binder: 659:660 unknown command 0
[   48.344533][  T658] binder: 657:658 unknown command 0
[   48.344995][  T660] binder: 659:660 ioctl c0306201 200000000080 returned -22
[   48.355002][  T658] binder: 657:658 ioctl c0306201 200000000080 returned -22
[   50.403035][   T28] audit: type=1400 audit(1757055021.191:130): avc:  denied  { mount } for  pid=672 comm="syz.1.98" name="/" dev="overlay" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   50.521611][  T681] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   50.634306][  T685] device bridge0 entered promiscuous mode
[   50.640095][  T685] device macsec1 entered promiscuous mode
[   50.646379][  T685] bridge0: port 3(macsec1) entered blocking state
[   50.652809][  T685] bridge0: port 3(macsec1) entered disabled state
[   50.660011][  T685] device bridge0 left promiscuous mode
[   50.754503][  T692] device bridge0 entered promiscuous mode
[   50.760302][  T692] device macsec1 entered promiscuous mode
[   50.766880][  T692] bridge0: port 3(macsec1) entered blocking state
[   50.773330][  T692] bridge0: port 3(macsec1) entered disabled state
[   50.781255][  T692] device bridge0 left promiscuous mode
[   50.839513][  T695] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   51.141831][  T703] overlayfs: failed to resolve './file0': -2
[   51.581704][  T708] overlayfs: failed to resolve './file0': -2
[   51.861797][  T717] binder: 715:717 unknown command 0
[   51.869405][  T717] binder: 715:717 ioctl c0306201 200000000080 returned -22
[   51.884790][  T716] loop1: detected capacity change from 0 to 512
[   52.593912][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   52.593943][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   52.605158][  T730] device bridge0 entered promiscuous mode
[   52.661223][  T730] device macsec1 entered promiscuous mode
[   52.668193][  T730] bridge0: port 3(macsec1) entered blocking state
[   52.675020][  T730] bridge0: port 3(macsec1) entered disabled state
[   52.683124][  T730] device bridge0 left promiscuous mode
[   52.823078][  T739] binder: 738:739 unknown command 0
[   52.828496][  T739] binder: 738:739 ioctl c0306201 200000000080 returned -22
[   52.869733][  T743] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   52.934694][  T745] binder: 744:745 unknown command 0
[   52.950141][  T745] binder: 744:745 ioctl c0306201 200000000080 returned -22
[   53.326316][  T760] overlayfs: failed to resolve './file0': -2
[   53.649273][  T764] binder: 763:764 unknown command 0
[   53.654591][  T764] binder: 763:764 ioctl c0306201 200000000080 returned -22
[   53.727137][  T766] overlayfs: failed to resolve './file0': -2
[   54.649978][  T778] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   54.929858][  T780] device bridge0 entered promiscuous mode
[   54.935746][  T780] device macsec1 entered promiscuous mode
[   54.941904][  T780] bridge0: port 3(macsec1) entered blocking state
[   54.948560][  T780] bridge0: port 3(macsec1) entered disabled state
[   54.956023][  T780] device bridge0 left promiscuous mode
[   55.020952][  T783] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   55.750263][  T795] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[   56.086794][  T804] binder: 803:804 unknown command 0
[   56.095319][  T804] binder: 803:804 ioctl c0306201 200000000080 returned -22
[   56.291677][  T811] overlayfs: failed to resolve './file0': -2
[   56.851538][  T813] loop4: detected capacity change from 0 to 512
[   56.862164][  T813] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   56.875457][  T813] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   56.896853][  T813] EXT4-fs (loop4): 1 truncate cleaned up
[   56.902626][  T813] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   57.027787][   T28] audit: type=1400 audit(1757055027.771:131): avc:  denied  { write } for  pid=796 comm="syz.4.137" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.643325][  T817] binder_alloc: 803: binder_alloc_buf, no vma
[   57.762336][   T28] audit: type=1400 audit(1757055027.771:132): avc:  denied  { add_name } for  pid=796 comm="syz.4.137" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.851639][  T822] overlayfs: failed to resolve './file0': -2
[   58.110869][  T825] device bridge0 entered promiscuous mode
[   58.120430][  T286] EXT4-fs (loop4): unmounting filesystem.
[   58.123391][   T28] audit: type=1400 audit(1757055027.781:133): avc:  denied  { create } for  pid=796 comm="syz.4.137" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   58.146473][   T28] audit: type=1400 audit(1757055027.791:134): avc:  denied  { create } for  pid=796 comm="syz.4.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   58.166166][  T825] device macsec1 entered promiscuous mode
[   58.172340][   T28] audit: type=1400 audit(1757055027.801:135): avc:  denied  { setopt } for  pid=796 comm="syz.4.137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   58.192755][  T825] bridge0: port 3(macsec1) entered blocking state
[   58.219374][  T825] bridge0: port 3(macsec1) entered disabled state
[   58.226811][  T825] device bridge0 left promiscuous mode
[   58.235404][  T828] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   58.265988][  T832] binder: 831:832 unknown command 0
[   58.271287][  T832] binder: 831:832 ioctl c0306201 200000000080 returned -22
[   58.311192][  T834] binder: 833:834 unknown command 0
[   58.316818][  T834] binder: 833:834 ioctl c0306201 200000000080 returned -22
[   58.845163][  T840] binder: BINDER_SET_CONTEXT_MGR already set
[   58.845220][  T840] binder: 835:840 ioctl 4018620d 200000000040 returned -16
[   58.875275][  T853] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   59.490808][  T859] overlayfs: failed to resolve './file0': -2
[   60.198911][  T861] binder: 860:861 unknown command 0
[   60.204362][  T861] binder: 860:861 ioctl c0306201 200000000080 returned -22
[   60.469014][  T862] binder_alloc: 860: binder_alloc_buf, no vma
[   60.913727][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   60.913832][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   61.404024][  T869] loop2: detected capacity change from 0 to 512
[   61.458480][  T874] loop3: detected capacity change from 0 to 512
[   66.167294][  T903] overlayfs: failed to resolve './file0': -2
[   67.256744][  T909] binder: 901:909 unknown command 0
[   67.263165][  T906] Zero length message leads to an empty skb
[   67.293138][  T909] binder: 901:909 ioctl c0306201 200000000080 returned -22
[   67.337461][   T28] audit: type=1400 audit(1757055038.131:136): avc:  denied  { ioctl } for  pid=913 comm="syz.3.169" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=17534 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   67.655644][  T919] overlayfs: failed to resolve './file0': -2
[   70.498227][  T925] device bridge0 entered promiscuous mode
[   70.625915][  T935] binder: 934:935 unknown command 0
[   70.692827][  T938] loop0: detected capacity change from 0 to 256
[   70.726415][  T938] FAT-fs (loop0): Directory bread(block 64) failed
[   70.733036][  T938] FAT-fs (loop0): Directory bread(block 65) failed
[   70.739905][  T938] FAT-fs (loop0): Directory bread(block 66) failed
[   70.746546][  T938] FAT-fs (loop0): Directory bread(block 67) failed
[   70.753358][  T938] FAT-fs (loop0): Directory bread(block 68) failed
[   70.760011][  T938] FAT-fs (loop0): Directory bread(block 69) failed
[   70.766799][  T938] FAT-fs (loop0): Directory bread(block 70) failed
[   70.773408][  T938] FAT-fs (loop0): Directory bread(block 71) failed
[   70.780210][  T938] FAT-fs (loop0): Directory bread(block 72) failed
[   70.787911][  T938] FAT-fs (loop0): Directory bread(block 73) failed
[   70.992686][  T925] device macsec1 entered promiscuous mode
[   70.999035][  T935] binder: 934:935 ioctl c0306201 200000000080 returned -22
[   71.262486][  T925] bridge0: port 3(macsec1) entered blocking state
[   71.269054][  T925] bridge0: port 3(macsec1) entered disabled state
[   71.276571][  T925] device bridge0 left promiscuous mode
[   71.290747][  T937] device bridge0 entered promiscuous mode
[   71.296833][  T937] device macsec1 entered promiscuous mode
[   71.303179][  T937] bridge0: port 3(macsec1) entered blocking state
[   71.319221][  T937] bridge0: port 3(macsec1) entered disabled state
[   71.327166][  T937] device bridge0 left promiscuous mode
[   71.372393][   T28] audit: type=1400 audit(1757055042.161:137): avc:  denied  { read } for  pid=941 comm="syz.0.174" dev="nsfs" ino=4026532292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   71.395103][   T28] audit: type=1400 audit(1757055042.191:138): avc:  denied  { open } for  pid=941 comm="syz.0.174" path="net:[4026532292]" dev="nsfs" ino=4026532292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   71.447255][   T28] audit: type=1400 audit(1757055042.191:139): avc:  denied  { create } for  pid=941 comm="syz.0.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.514133][  T955] loop3: detected capacity change from 0 to 512
[   71.538500][  T949] binder: 948:949 unknown command 0
[   71.544049][  T949] binder: 948:949 ioctl c0306201 200000000080 returned -22
[   72.996083][  T956] overlayfs: failed to resolve './file0': -2
[   74.611660][  T969] overlayfs: failed to resolve './file0': -2
[   74.778971][  T973] binder: 970:973 unknown command 0
[   74.779974][  T972] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   74.800261][  T973] binder: 970:973 ioctl c0306201 200000000080 returned -22
[   74.823847][  T975] device bridge0 entered promiscuous mode
[   74.829707][  T975] device macsec1 entered promiscuous mode
[   74.836076][  T975] bridge0: port 3(macsec1) entered blocking state
[   74.842565][  T975] bridge0: port 3(macsec1) entered disabled state
[   74.849895][  T975] device bridge0 left promiscuous mode
[   74.922847][  T980] binder: 979:980 unknown command 0
[   74.928160][  T980] binder: 979:980 ioctl c0306201 200000000080 returned -22
[   75.347631][  T987] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   75.563528][  T993] binder: 992:993 unknown command 0
[   75.571302][  T995] binder: 991:995 unknown command 0
[   75.576649][  T993] binder: 992:993 ioctl c0306201 200000000080 returned -22
[   75.583999][  T995] binder: 991:995 ioctl c0306201 200000000080 returned -22
[   75.588288][  T997] binder: 996:997 unknown command 0
[   75.599897][  T997] binder: 996:997 ioctl c0306201 200000000080 returned -22
[   75.621674][  T999] binder: 998:999 unknown command 0
[   75.631687][ T1001] binder: 1000:1001 unknown command 0
[   75.632311][  T999] binder: 998:999 ioctl c0306201 200000000080 returned -22
[   75.637263][ T1001] binder: 1000:1001 ioctl c0306201 200000000080 returned -22
[   75.855278][  T999] binder_alloc: 998: binder_alloc_buf, no vma
[   76.051798][ T1011] binder: 1010:1011 unknown command 0
[   76.057327][ T1011] binder: 1010:1011 ioctl c0306201 200000000080 returned -22
[   78.719415][ T1017] binder: 1014:1017 unknown command 0
[   78.733471][ T1016] binder: 1015:1016 unknown command 0
[   78.737819][ T1017] binder: 1014:1017 ioctl c0306201 200000000080 returned -22
[   78.746668][ T1020] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   78.763434][ T1016] binder: 1015:1016 ioctl c0306201 200000000080 returned -22
[   78.786417][ T1023] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   78.886089][ T1036] binder: 1033:1036 unknown command 0
[   78.891573][ T1036] binder: 1033:1036 ioctl c0306201 200000000080 returned -22
[   78.900389][ T1037] binder: 1035:1037 unknown command 0
[   78.906012][ T1037] binder: 1035:1037 ioctl c0306201 200000000080 returned -22
[   79.214992][ T1044] binder: 1043:1044 unknown command 0
[   79.220419][ T1044] binder: 1043:1044 ioctl c0306201 200000000080 returned -22
[   80.772857][ T1062] loop3: detected capacity change from 0 to 512
[   80.783132][ T1062] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   80.838704][ T1062] EXT4-fs (loop3): 1 truncate cleaned up
[   80.844483][ T1062] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   82.626083][ T1076] binder: 1075:1076 unknown command 0
[   82.631639][ T1076] binder: 1075:1076 ioctl c0306201 200000000080 returned -22
[   82.761265][ T1079] binder: 1078:1079 ioctl c0306201 0 returned -14
[   82.804395][  T287] EXT4-fs (loop3): unmounting filesystem.
[   82.866783][ T1088] binder: 1087:1088 unknown command 0
[   82.874365][ T1088] binder: 1087:1088 ioctl c0306201 200000000080 returned -22
[   84.177074][ T1104] loop4: detected capacity change from 0 to 512
[   84.187492][ T1104] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   84.332080][ T1104] EXT4-fs (loop4): 1 truncate cleaned up
[   84.337878][ T1104] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   84.837496][  T286] EXT4-fs (loop4): unmounting filesystem.
[   84.852764][ T1111] binder: 1110:1111 unknown command 0
[   84.858356][ T1111] binder: 1110:1111 ioctl c0306201 200000000080 returned -22
[   85.006184][ T1115] device bridge0 entered promiscuous mode
[   85.012044][ T1115] device macsec1 entered promiscuous mode
[   85.018336][ T1115] bridge0: port 3(macsec1) entered blocking state
[   85.025159][ T1115] bridge0: port 3(macsec1) entered disabled state
[   85.032383][ T1115] device bridge0 left promiscuous mode
[   85.090483][ T1120] binder: 1119:1120 unknown command 0
[   85.095967][ T1120] binder: 1119:1120 ioctl c0306201 200000000080 returned -22
[   85.937286][ T1130] binder: 1129:1130 unknown command 0
[   85.942830][ T1130] binder: 1129:1130 ioctl c0306201 200000000080 returned -22
[   85.975303][ T1133] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   85.996100][ T1134] device bridge0 entered promiscuous mode
[   86.025488][ T1134] device macsec1 entered promiscuous mode
[   86.031912][ T1134] bridge0: port 3(macsec1) entered blocking state
[   86.038764][ T1134] bridge0: port 3(macsec1) entered disabled state
[   86.046794][ T1134] device bridge0 left promiscuous mode
[   86.829827][ T1147] loop3: detected capacity change from 0 to 512
[   87.631114][ T1148] loop4: detected capacity change from 0 to 256
[   87.687290][ T1147] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   87.736634][ T1148] FAT-fs (loop4): Directory bread(block 64) failed
[   87.743307][ T1148] FAT-fs (loop4): Directory bread(block 65) failed
[   87.750130][ T1148] FAT-fs (loop4): Directory bread(block 66) failed
[   87.756822][ T1148] FAT-fs (loop4): Directory bread(block 67) failed
[   87.763613][ T1148] FAT-fs (loop4): Directory bread(block 68) failed
[   87.770202][ T1148] FAT-fs (loop4): Directory bread(block 69) failed
[   87.777052][ T1148] FAT-fs (loop4): Directory bread(block 70) failed
[   87.783670][ T1148] FAT-fs (loop4): Directory bread(block 71) failed
[   87.790408][ T1148] FAT-fs (loop4): Directory bread(block 72) failed
[   87.797113][ T1148] FAT-fs (loop4): Directory bread(block 73) failed
[   88.527291][ T1147] EXT4-fs (loop3): 1 truncate cleaned up
[   88.533018][ T1147] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   88.708140][  T287] EXT4-fs (loop3): unmounting filesystem.
[   88.802630][ T1162] binder: 1161:1162 unknown command 0
[   88.813660][ T1162] binder: 1161:1162 ioctl c0306201 200000000080 returned -22
[   88.977703][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[   89.028978][ T1172] binder: 1171:1172 unknown command 0
[   89.042024][ T1172] binder: 1171:1172 ioctl c0306201 200000000080 returned -22
[   89.615675][ T1181] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   89.651389][ T1183] device bridge0 entered promiscuous mode
[   89.657341][ T1183] device macsec1 entered promiscuous mode
[   89.663556][ T1183] bridge0: port 3(macsec1) entered blocking state
[   89.670337][ T1183] bridge0: port 3(macsec1) entered disabled state
[   89.677820][ T1183] device bridge0 left promiscuous mode
[   89.749074][ T1191] device bridge0 entered promiscuous mode
[   89.760508][ T1191] device macsec1 entered promiscuous mode
[   89.767628][ T1191] bridge0: port 3(macsec1) entered blocking state
[   89.774252][ T1191] bridge0: port 3(macsec1) entered disabled state
[   89.792794][ T1191] device bridge0 left promiscuous mode
[   89.969923][ T1199] overlayfs: failed to resolve './file0': -2
[   90.844461][ T1197] device bridge0 entered promiscuous mode
[   90.850403][ T1197] device macsec1 entered promiscuous mode
[   91.166929][ T1204] loop2: detected capacity change from 0 to 512
[   91.215828][ T1197] bridge0: port 3(macsec1) entered blocking state
[   91.222418][ T1197] bridge0: port 3(macsec1) entered disabled state
[   91.232793][ T1204] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   91.289230][ T1194] overlayfs: failed to resolve './file0': -2
[   91.380669][ T1204] EXT4-fs (loop2): 1 truncate cleaned up
[   91.386476][ T1204] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   91.417803][ T1197] device bridge0 left promiscuous mode
[   91.995441][  T284] EXT4-fs (loop2): unmounting filesystem.
[   92.122692][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   92.175349][ T1219] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   92.415832][ T1228] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   92.538296][ T1233] binder: 1232:1233 unknown command 0
[   92.563754][ T1233] binder: 1232:1233 ioctl c0306201 200000000080 returned -22
[   92.786709][ T1238] binder: 1237:1238 unknown command 0
[   92.792137][ T1238] binder: 1237:1238 ioctl c0306201 200000000080 returned -22
[   92.812844][ T1240] binder: 1239:1240 unknown command 0
[   92.818508][ T1240] binder: 1239:1240 ioctl c0306201 200000000080 returned -22
[   94.307914][ T1252] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   95.011865][ T1254] device bridge0 entered promiscuous mode
[   95.017730][ T1254] device macsec1 entered promiscuous mode
[   95.024045][ T1254] bridge0: port 3(macsec1) entered blocking state
[   95.030472][ T1254] bridge0: port 3(macsec1) entered disabled state
[   95.037700][ T1254] device bridge0 left promiscuous mode
[   95.154419][ T1258] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   95.316899][ T1262] device bridge0 entered promiscuous mode
[   95.330063][ T1262] device macsec1 entered promiscuous mode
[   95.338028][   T28] audit: type=1400 audit(1757055066.131:140): avc:  denied  { remount } for  pid=1260 comm="syz.0.267" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   95.339648][ T1262] bridge0: port 3(macsec1) entered blocking state
[   95.365491][ T1262] bridge0: port 3(macsec1) entered disabled state
[   95.374818][ T1262] device bridge0 left promiscuous mode
[   95.386795][ T1264] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   95.547838][ T1277] loop3: detected capacity change from 0 to 512
[   96.457494][ T1285] device bridge0 entered promiscuous mode
[   96.463301][ T1285] device macsec1 entered promiscuous mode
[   96.472854][ T1288] binder: 1286:1288 unknown command 0
[   96.479655][ T1288] binder: 1286:1288 ioctl c0306201 200000000080 returned -22
[   96.490842][ T1285] bridge0: port 3(macsec1) entered blocking state
[   96.497484][ T1285] bridge0: port 3(macsec1) entered disabled state
[   96.505158][ T1285] device bridge0 left promiscuous mode
[   96.571804][ T1294] binder: 1293:1294 unknown command 0
[   96.577290][ T1294] binder: 1293:1294 ioctl c0306201 200000000080 returned -22
[   96.761476][ T1301] overlayfs: failed to resolve './file0': -2
[   96.854303][ T1303] binder: 1302:1303 unknown command 0
[   96.859768][ T1303] binder: 1302:1303 ioctl c0306201 200000000080 returned -22
[   97.233631][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   97.233640][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   97.262096][ T1307] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[   97.531630][ T1317] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[   98.404161][ T1321] IPv6: ADDRCONF(NETDEV_CHANGE): gre4: link becomes ready
[   99.611288][ T1329] loop1: detected capacity change from 0 to 512
[  100.711165][ T1335] overlayfs: failed to resolve './file0': -2
[  101.569029][ T1343] device bridge0 entered promiscuous mode
[  101.579803][ T1343] device macsec1 entered promiscuous mode
[  101.587132][ T1343] bridge0: port 3(macsec1) entered blocking state
[  101.670034][ T1348] loop2: detected capacity change from 0 to 512
[  101.680504][ T1343] bridge0: port 3(macsec1) entered disabled state
[  101.695017][ T1348] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.771062][ T1343] device bridge0 left promiscuous mode
[  101.838299][ T1348] EXT4-fs (loop2): 1 truncate cleaned up
[  101.844085][ T1348] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  102.565516][ T1356] binder: 1355:1356 unknown command 0
[  102.571046][ T1356] binder: 1355:1356 ioctl c0306201 200000000080 returned -22
[  102.584932][ T1345] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  102.721384][  T284] EXT4-fs (loop2): unmounting filesystem.
[  102.734472][ T1364] binder: 1363:1364 unknown command 0
[  102.740002][ T1364] binder: 1363:1364 ioctl c0306201 200000000080 returned -22
[  102.767694][ T1368] binder: 1367:1368 unknown command 0
[  102.773293][ T1368] binder: 1367:1368 ioctl c0306201 200000000080 returned -22
[  102.838448][ T1371] overlayfs: failed to resolve './file0': -2
[  103.191536][ T1377] binder: 1376:1377 unknown command 0
[  103.208463][ T1377] binder: 1376:1377 ioctl c0306201 200000000080 returned -22
[  103.214312][ T1382] binder: 1378:1382 unknown command 0
[  103.226231][ T1382] binder: 1378:1382 ioctl c0306201 200000000080 returned -22
[  103.227387][ T1381] loop0: detected capacity change from 0 to 512
[  103.272264][ T1384] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  103.619741][ T1386] binder_alloc: 1378: binder_alloc_buf, no vma
[  103.661910][ T1392] binder: 1391:1392 unknown command 0
[  103.667454][ T1392] binder: 1391:1392 ioctl c0306201 200000000080 returned -22
[  104.272652][ T1398] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  105.149464][ T1402] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  105.313669][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[  105.313687][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  105.352209][ T1406] device bridge0 entered promiscuous mode
[  105.358078][ T1406] device macsec1 entered promiscuous mode
[  105.364655][ T1406] bridge0: port 3(macsec1) entered blocking state
[  105.371094][ T1406] bridge0: port 3(macsec1) entered disabled state
[  105.378192][ T1406] device bridge0 left promiscuous mode
[  105.449231][ T1409] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  105.490741][ T1413] loop3: detected capacity change from 0 to 512
[  105.921175][ T1417] binder: 1416:1417 unknown command 0
[  105.926791][ T1417] binder: 1416:1417 ioctl c0306201 200000000080 returned -22
[  106.349524][ T1426] loop1: detected capacity change from 0 to 512
[  106.357273][ T1423] binder: 1421:1423 unknown command 0
[  106.362693][ T1423] binder: 1421:1423 ioctl c0306201 200000000080 returned -22
[  106.442433][ T1431] binder: 1428:1431 unknown command 0
[  106.482895][ T1431] binder: 1428:1431 ioctl c0306201 200000000080 returned -22
[  107.608026][ T1434] overlayfs: failed to resolve './file0': -2
[  107.996213][ T1441] binder_alloc: 1428: binder_alloc_buf, no vma
[  108.196173][ T1453] device bridge0 entered promiscuous mode
[  108.202050][ T1453] device macsec1 entered promiscuous mode
[  108.208305][ T1453] bridge0: port 3(macsec1) entered blocking state
[  108.215593][ T1453] bridge0: port 3(macsec1) entered disabled state
[  108.286230][ T1458] overlayfs: failed to resolve './file0': -2
[  108.482133][ T1453] device bridge0 left promiscuous mode
[  108.495625][ T1454] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  108.583458][ T1465] binder: 1464:1465 unknown command 0
[  108.589588][ T1465] binder: 1464:1465 ioctl c0306201 200000000080 returned -22
[  108.641839][ T1467] binder: 1466:1467 unknown command 0
[  108.647406][ T1467] binder: 1466:1467 ioctl c0306201 200000000080 returned -22
[  108.962908][ T1475] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  108.971107][  T517] Bluetooth: hci0: sending frame failed (-49)
[  108.977285][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  109.036428][ T1479] loop2: detected capacity change from 0 to 512
[  109.536030][ T1483] loop1: detected capacity change from 0 to 256
[  109.559959][ T1483] FAT-fs (loop1): Directory bread(block 64) failed
[  109.566751][ T1483] FAT-fs (loop1): Directory bread(block 65) failed
[  109.573649][ T1483] FAT-fs (loop1): Directory bread(block 66) failed
[  109.580278][ T1483] FAT-fs (loop1): Directory bread(block 67) failed
[  109.587106][ T1483] FAT-fs (loop1): Directory bread(block 68) failed
[  109.593782][ T1483] FAT-fs (loop1): Directory bread(block 69) failed
[  109.600552][ T1483] FAT-fs (loop1): Directory bread(block 70) failed
[  109.607277][ T1483] FAT-fs (loop1): Directory bread(block 71) failed
[  109.614128][ T1483] FAT-fs (loop1): Directory bread(block 72) failed
[  109.620809][ T1483] FAT-fs (loop1): Directory bread(block 73) failed
[  110.113241][ T1494] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  110.146039][ T1495] loop2: detected capacity change from 0 to 512
[  110.209069][ T1499] device bridge0 entered promiscuous mode
[  110.225378][ T1499] device macsec1 entered promiscuous mode
[  110.254861][ T1501] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  110.264641][ T1499] bridge0: port 3(macsec1) entered blocking state
[  110.271094][ T1499] bridge0: port 3(macsec1) entered disabled state
[  110.329676][ T1499] device bridge0 left promiscuous mode
[  110.426987][ T1508] FAULT_INJECTION: forcing a failure.
[  110.426987][ T1508] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  110.440120][ T1508] CPU: 1 PID: 1508 Comm: syz.1.343 Not tainted syzkaller #0
[  110.447439][ T1508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.457537][ T1508] Call Trace:
[  110.460842][ T1508]  <TASK>
[  110.463801][ T1508]  __dump_stack+0x21/0x24
[  110.468171][ T1508]  dump_stack_lvl+0xee/0x150
[  110.472773][ T1508]  ? __cfi_dump_stack_lvl+0x8/0x8
[  110.477835][ T1508]  ? migrate_enable+0x19c/0x280
[  110.482875][ T1508]  dump_stack+0x15/0x24
[  110.487057][ T1508]  should_fail_ex+0x3d4/0x520
[  110.491737][ T1508]  should_fail+0xb/0x10
[  110.495895][ T1508]  should_fail_usercopy+0x1a/0x20
[  110.500925][ T1508]  _copy_to_user+0x1e/0x90
[  110.505452][ T1508]  bpf_test_finish+0x1a8/0x6b0
[  110.510216][ T1508]  ? convert_skb_to___skb+0x430/0x430
[  110.515686][ T1508]  bpf_prog_test_run_skb+0xce1/0x1290
[  110.521102][ T1508]  ? __cfi_bpf_prog_test_run_skb+0x10/0x10
[  110.526921][ T1508]  bpf_prog_test_run+0x3e3/0x630
[  110.531867][ T1508]  ? slab_free_freelist_hook+0xc2/0x190
[  110.537437][ T1508]  ? bpf_prog_query+0x270/0x270
[  110.542297][ T1508]  ? selinux_bpf+0xce/0xf0
[  110.546722][ T1508]  ? security_bpf+0x93/0xb0
[  110.551234][ T1508]  __sys_bpf+0x56d/0x780
[  110.555482][ T1508]  ? bpf_link_show_fdinfo+0x320/0x320
[  110.560866][ T1508]  ? __cfi_ksys_write+0x10/0x10
[  110.565732][ T1508]  ? debug_smp_processor_id+0x17/0x20
[  110.571110][ T1508]  __x64_sys_bpf+0x7c/0x90
[  110.575545][ T1508]  x64_sys_call+0x488/0x9a0
[  110.580053][ T1508]  do_syscall_64+0x4c/0xa0
[  110.584476][ T1508]  ? clear_bhb_loop+0x30/0x80
[  110.589156][ T1508]  ? clear_bhb_loop+0x30/0x80
[  110.593837][ T1508]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  110.599750][ T1508] RIP: 0033:0x7f2ac4d8ebe9
[  110.604166][ T1508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.623784][ T1508] RSP: 002b:00007f2ac5b49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  110.632206][ T1508] RAX: ffffffffffffffda RBX: 00007f2ac4fc5fa0 RCX: 00007f2ac4d8ebe9
[  110.640181][ T1508] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  110.648152][ T1508] RBP: 00007f2ac5b49090 R08: 0000000000000000 R09: 0000000000000000
[  110.656122][ T1508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.664103][ T1508] R13: 00007f2ac4fc6038 R14: 00007f2ac4fc5fa0 R15: 00007ffdd0711568
[  110.672080][ T1508]  </TASK>
[  110.940155][ T1519] binder: 1518:1519 unknown command 0
[  111.125150][ T1522] overlayfs: failed to resolve './file0': -2
[  111.309603][ T1519] binder: 1518:1519 ioctl c0306201 200000000080 returned -22
[  111.652245][ T1529] binder: 1528:1529 unknown command 0
[  111.659286][ T1529] binder: 1528:1529 ioctl c0306201 200000000080 returned -22
[  111.942041][ T1538] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  112.254892][ T1540] binder: 1539:1540 unknown command 0
[  112.260300][ T1540] binder: 1539:1540 ioctl c0306201 200000000080 returned -22
[  112.273703][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  113.346431][ T1556] IPv6: ADDRCONF(NETDEV_CHANGE): gre5: link becomes ready
[  113.745827][ T1560] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  114.181202][ T1567] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  114.188489][ T1575] binder: 1574:1575 unknown command 0
[  114.194232][ T1575] binder: 1574:1575 ioctl c0306201 200000000080 returned -22
[  114.263434][ T1577] overlayfs: failed to resolve './file0': -2
[  114.714748][ T1584] IPv6: ADDRCONF(NETDEV_CHANGE): gre4: link becomes ready
[  114.747015][ T1576] binder_alloc: 1574: binder_alloc_buf, no vma
[  115.156801][ T1593] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  115.192143][ T1595] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  115.236770][ T1597] binder: 1596:1597 unknown command 0
[  115.242228][ T1597] binder: 1596:1597 ioctl c0306201 200000000080 returned -22
[  115.442483][ T1601] binder: 1600:1601 unknown command 0
[  115.448126][ T1601] binder: 1600:1601 ioctl c0306201 200000000080 returned -22
[  115.860897][ T1605] binder: 1604:1605 unknown command 0
[  115.866359][ T1605] binder: 1604:1605 ioctl c0306201 200000000080 returned -22
[  116.193718][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[  116.193782][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  116.278850][ T1610] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  117.374153][ T1614] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  117.401195][ T1619] loop1: detected capacity change from 0 to 512
[  117.420715][ T1619] journal_path: Lookup failure for './file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  117.463679][ T1619] EXT4-fs: error: could not find journal device path
[  117.497695][ T1619] loop1: detected capacity change from 0 to 512
[  117.519232][ T1619] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  117.538485][ T1626] device bridge0 entered promiscuous mode
[  117.547301][ T1619] EXT4-fs (loop1): 1 truncate cleaned up
[  117.553160][ T1619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  117.553676][ T1626] device macsec1 entered promiscuous mode
[  117.617782][ T1626] bridge0: port 3(macsec1) entered blocking state
[  117.642302][ T1626] bridge0: port 3(macsec1) entered disabled state
[  117.671185][ T1626] device bridge0 left promiscuous mode
[  117.689699][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): gre5: link becomes ready
[  117.770108][ T1637] FAULT_INJECTION: forcing a failure.
[  117.770108][ T1637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.783251][ T1637] CPU: 1 PID: 1637 Comm: syz.1.377 Not tainted syzkaller #0
[  117.790566][ T1637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.800632][ T1637] Call Trace:
[  117.803922][ T1637]  <TASK>
[  117.806873][ T1637]  __dump_stack+0x21/0x24
[  117.811221][ T1637]  dump_stack_lvl+0xee/0x150
[  117.815839][ T1637]  ? __cfi_dump_stack_lvl+0x8/0x8
[  117.820892][ T1637]  dump_stack+0x15/0x24
[  117.825058][ T1637]  should_fail_ex+0x3d4/0x520
[  117.829756][ T1637]  should_fail+0xb/0x10
[  117.833926][ T1637]  should_fail_usercopy+0x1a/0x20
[  117.839142][ T1637]  copyin+0x20/0xa0
[  117.842962][ T1637]  _copy_from_iter+0x3e2/0xfd0
[  117.847745][ T1637]  ? __cfi__copy_from_iter+0x10/0x10
[  117.853049][ T1637]  ? __check_object_size+0x461/0x600
[  117.858362][ T1637]  ? __check_object_size+0x1c7/0x600
[  117.863669][ T1637]  ? __check_object_size+0x45a/0x600
[  117.868980][ T1637]  netlink_sendmsg+0x72c/0xbc0
[  117.873766][ T1637]  ? __cfi_netlink_sendmsg+0x10/0x10
[  117.879076][ T1637]  ? security_socket_sendmsg+0x93/0xb0
[  117.884553][ T1637]  ? __cfi_netlink_sendmsg+0x10/0x10
[  117.889860][ T1637]  ____sys_sendmsg+0x5a9/0x990
[  117.894641][ T1637]  ? __sys_sendmsg_sock+0x40/0x40
[  117.899691][ T1637]  ? import_iovec+0x7c/0xb0
[  117.904227][ T1637]  ___sys_sendmsg+0x21c/0x290
[  117.909013][ T1637]  ? __sys_sendmsg+0x270/0x270
[  117.913810][ T1637]  ? __fdget+0x19c/0x220
[  117.918066][ T1637]  __x64_sys_sendmsg+0x1f0/0x2c0
[  117.923029][ T1637]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  117.928507][ T1637]  ? __kasan_check_write+0x14/0x20
[  117.933648][ T1637]  ? fpregs_restore_userregs+0x128/0x260
[  117.939297][ T1637]  ? switch_fpu_return+0xe/0x10
[  117.944169][ T1637]  x64_sys_call+0x171/0x9a0
[  117.948796][ T1637]  do_syscall_64+0x4c/0xa0
[  117.953229][ T1637]  ? clear_bhb_loop+0x30/0x80
[  117.957930][ T1637]  ? clear_bhb_loop+0x30/0x80
[  117.962633][ T1637]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  117.968552][ T1637] RIP: 0033:0x7f2ac4d8ebe9
[  117.972997][ T1637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.992622][ T1637] RSP: 002b:00007f2ac37f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.001064][ T1637] RAX: ffffffffffffffda RBX: 00007f2ac4fc6180 RCX: 00007f2ac4d8ebe9
[  118.009052][ T1637] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  118.017038][ T1637] RBP: 00007f2ac37f7090 R08: 0000000000000000 R09: 0000000000000000
[  118.025020][ T1637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.032992][ T1637] R13: 00007f2ac4fc6218 R14: 00007f2ac4fc6180 R15: 00007ffdd0711568
[  118.040971][ T1637]  </TASK>
[  118.274695][  T285] EXT4-fs (loop1): unmounting filesystem.
[  118.310965][ T1647] binder: 1646:1647 unknown command 0
[  118.316622][ T1647] binder: 1646:1647 ioctl c0306201 200000000080 returned -22
[  118.353639][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[  118.359719][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  118.390291][ T1649] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  118.413726][ T1652] binder: 1651:1652 unknown command 0
[  118.429644][ T1652] binder: 1651:1652 ioctl c0306201 200000000080 returned -22
[  118.520066][ T1656] binder: 1655:1656 unknown command 0
[  118.525562][ T1656] binder: 1655:1656 ioctl c0306201 200000000080 returned -22
[  118.973922][ T1661] binder: 1660:1661 unknown command 0
[  118.979413][ T1661] binder: 1660:1661 ioctl c0306201 200000000080 returned -22
[  119.044807][ T1664] loop0: detected capacity change from 0 to 512
[  119.249175][ T1663] binder_alloc: 1660: binder_alloc_buf, no vma
[  120.004677][ T1673] loop0: detected capacity change from 0 to 512
[  121.066457][ T1681] overlayfs: failed to resolve './file0': -2
[  121.519819][ T1693] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  121.824312][ T1698] loop1: detected capacity change from 0 to 256
[  121.918123][ T1698] FAT-fs (loop1): Directory bread(block 64) failed
[  121.924880][ T1698] FAT-fs (loop1): Directory bread(block 65) failed
[  121.931706][ T1698] FAT-fs (loop1): Directory bread(block 66) failed
[  121.938395][ T1698] FAT-fs (loop1): Directory bread(block 67) failed
[  121.945192][ T1698] FAT-fs (loop1): Directory bread(block 68) failed
[  121.951849][ T1698] FAT-fs (loop1): Directory bread(block 69) failed
[  121.958721][ T1698] FAT-fs (loop1): Directory bread(block 70) failed
[  121.965370][ T1698] FAT-fs (loop1): Directory bread(block 71) failed
[  121.972153][ T1698] FAT-fs (loop1): Directory bread(block 72) failed
[  121.978969][ T1698] FAT-fs (loop1): Directory bread(block 73) failed
[  123.118639][ T1708] device bridge0 entered promiscuous mode
[  123.124548][   T28] audit: type=1400 audit(1757055093.921:141): avc:  denied  { read write } for  pid=1706 comm="syz.2.405" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  123.133678][ T1708] device macsec1 entered promiscuous mode
[  123.158027][ T1709] loop2: detected capacity change from 0 to 512
[  123.191268][   T28] audit: type=1400 audit(1757055093.951:142): avc:  denied  { open } for  pid=1706 comm="syz.2.405" path="/dev/uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  123.316196][ T1709] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  123.325393][ T1709] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.326966][ T1716] binder: 1714:1716 unknown command 0
[  123.344026][ T1716] binder: 1714:1716 ioctl c0306201 200000000080 returned -22
[  123.356673][   T28] audit: type=1400 audit(1757055094.151:143): avc:  denied  { create } for  pid=1706 comm="syz.2.405" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  123.379710][   T28] audit: type=1400 audit(1757055094.181:144): avc:  denied  { read write open } for  pid=1706 comm="syz.2.405" path="/84/file0/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  123.505552][ T1719] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  123.563786][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  123.594426][ T1724] syz.2.405[1724] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.594769][ T1724] syz.2.405[1724] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.743734][   T28] audit: type=1400 audit(1757055094.471:145): avc:  denied  { remove_name } for  pid=1706 comm="syz.2.405" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  123.927054][ T1726] binder: 1725:1726 unknown command 0
[  124.454005][ T1726] binder: 1725:1726 ioctl c0306201 200000000080 returned -22
[  124.487321][ T1729] binder: 1728:1729 unknown command 0
[  124.492757][ T1729] binder: 1728:1729 ioctl c0306201 200000000080 returned -22
[  124.514017][   T28] audit: type=1400 audit(1757055094.471:146): avc:  denied  { rename } for  pid=1706 comm="syz.2.405" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  124.661848][  T284] EXT4-fs (loop2): unmounting filesystem.
[  124.688734][   T28] audit: type=1400 audit(1757055095.481:147): avc:  denied  { create } for  pid=1738 comm="syz.2.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  124.711094][   T28] audit: type=1400 audit(1757055095.501:148): avc:  denied  { read write } for  pid=1738 comm="syz.2.412" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  124.735348][   T28] audit: type=1400 audit(1757055095.501:149): avc:  denied  { open } for  pid=1738 comm="syz.2.412" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  124.794061][   T28] audit: type=1400 audit(1757055095.501:150): avc:  denied  { ioctl } for  pid=1738 comm="syz.2.412" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  125.005966][ T1730] binder_alloc: 1728: binder_alloc_buf, no vma
[  126.539806][ T1767] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  126.923189][ T1771] loop0: detected capacity change from 0 to 256
[  127.020340][ T1771] FAT-fs (loop0): Directory bread(block 64) failed
[  127.027117][ T1771] FAT-fs (loop0): Directory bread(block 65) failed
[  127.034052][ T1771] FAT-fs (loop0): Directory bread(block 66) failed
[  127.040781][ T1771] FAT-fs (loop0): Directory bread(block 67) failed
[  127.047632][ T1771] FAT-fs (loop0): Directory bread(block 68) failed
[  127.054307][ T1771] FAT-fs (loop0): Directory bread(block 69) failed
[  127.061188][ T1771] FAT-fs (loop0): Directory bread(block 70) failed
[  127.067850][ T1771] FAT-fs (loop0): Directory bread(block 71) failed
[  127.074744][ T1771] FAT-fs (loop0): Directory bread(block 72) failed
[  127.081422][ T1771] FAT-fs (loop0): Directory bread(block 73) failed
[  128.461704][ T1782] loop0: detected capacity change from 0 to 512
[  129.247097][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[  129.254196][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  129.361188][ T1789] binder: 1788:1789 unknown command 0
[  129.373666][ T1789] binder: 1788:1789 ioctl c0306201 200000000080 returned -22
[  129.392443][ T1794] binder: 1793:1794 unknown command 0
[  129.412318][ T1794] binder: 1793:1794 ioctl c0306201 200000000080 returned -22
[  129.837383][ T1804] binder: 1802:1804 unknown command 0
[  129.842834][ T1804] binder: 1802:1804 ioctl c0306201 200000000080 returned -22
[  130.284319][ T1814] loop0: detected capacity change from 0 to 256
[  130.352842][ T1814] FAT-fs (loop0): Directory bread(block 64) failed
[  130.359612][ T1814] FAT-fs (loop0): Directory bread(block 65) failed
[  130.366879][ T1814] FAT-fs (loop0): Directory bread(block 66) failed
[  130.373503][ T1814] FAT-fs (loop0): Directory bread(block 67) failed
[  130.380780][ T1814] FAT-fs (loop0): Directory bread(block 68) failed
[  130.387404][ T1814] FAT-fs (loop0): Directory bread(block 69) failed
[  130.394702][ T1814] FAT-fs (loop0): Directory bread(block 70) failed
[  130.401322][ T1814] FAT-fs (loop0): Directory bread(block 71) failed
[  130.408570][ T1814] FAT-fs (loop0): Directory bread(block 72) failed
[  130.415179][ T1814] FAT-fs (loop0): Directory bread(block 73) failed
[  131.137945][ T1829] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  132.436650][ T1839] binder: 1838:1839 unknown command 0
[  132.442223][ T1839] binder: 1838:1839 ioctl c0306201 200000000080 returned -22
[  132.557997][ T1848] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  132.600239][ T1853] binder: 1852:1853 unknown command 0
[  132.607035][ T1853] binder: 1852:1853 ioctl c0306201 200000000080 returned -22
[  132.708016][ T1842] binder_alloc: 1838: binder_alloc_buf, no vma
[  133.163624][  T517] Bluetooth: hci0: command 0x1003 tx timeout
[  133.163635][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  133.373830][ T1865] loop0: detected capacity change from 0 to 256
[  133.421105][   T28] audit: type=1400 audit(1757055104.211:151): avc:  denied  { read write } for  pid=1862 comm="syz.2.448" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.493661][ T1865] FAT-fs (loop0): Directory bread(block 64) failed
[  133.500341][ T1865] FAT-fs (loop0): Directory bread(block 65) failed
[  133.507203][ T1865] FAT-fs (loop0): Directory bread(block 66) failed
[  133.513836][ T1865] FAT-fs (loop0): Directory bread(block 67) failed
[  133.520611][ T1865] FAT-fs (loop0): Directory bread(block 68) failed
[  133.527219][ T1865] FAT-fs (loop0): Directory bread(block 69) failed
[  133.534043][ T1865] FAT-fs (loop0): Directory bread(block 70) failed
[  133.540632][ T1865] FAT-fs (loop0): Directory bread(block 71) failed
[  133.547463][ T1865] FAT-fs (loop0): Directory bread(block 72) failed
[  133.554183][ T1865] FAT-fs (loop0): Directory bread(block 73) failed
[  133.733761][  T986] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  133.770472][   T28] audit: type=1400 audit(1757055104.241:152): avc:  denied  { open } for  pid=1862 comm="syz.2.448" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.886492][   T28] audit: type=1400 audit(1757055104.251:153): avc:  denied  { ioctl } for  pid=1862 comm="syz.2.448" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.935555][  T986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  133.964906][  T986] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  134.025597][  T986] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c23, bcdDevice= 0.00
[  134.142735][  T986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.165103][  T986] usb 3-1: config 0 descriptor??
[  134.170621][ T1863] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  134.251476][   T28] audit: type=1400 audit(1757055105.041:154): avc:  denied  { bind } for  pid=1868 comm="syz.3.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  134.262445][ T1869] binder: 1868:1869 ioctl 89f2 200000000240 returned -22
[  134.272585][   T28] audit: type=1400 audit(1757055105.041:155): avc:  denied  { name_bind } for  pid=1868 comm="syz.3.450" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  134.299309][   T28] audit: type=1400 audit(1757055105.041:156): avc:  denied  { node_bind } for  pid=1868 comm="syz.3.450" saddr=::ffff:0.0.0.0 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  134.322206][   T28] audit: type=1400 audit(1757055105.051:157): avc:  denied  { setopt } for  pid=1868 comm="syz.3.450" laddr=::ffff:0.0.0.0 lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  134.344689][   T28] audit: type=1400 audit(1757055105.081:158): avc:  denied  { connect } for  pid=1868 comm="syz.3.450" laddr=::ffff:0.0.0.0 lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  134.368170][   T28] audit: type=1400 audit(1757055105.081:159): avc:  denied  { write } for  pid=1868 comm="syz.3.450" laddr=::ffff:127.0.0.1 lport=20001 faddr=::ffff:127.0.0.1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  134.394411][   T28] audit: type=1400 audit(1757055105.081:160): avc:  denied  { read } for  pid=1868 comm="syz.3.450" laddr=::ffff:127.0.0.1 lport=20001 faddr=::ffff:127.0.0.1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  134.400634][ T1872] binder: 1871:1872 unknown command 0
[  134.425769][ T1872] binder: 1871:1872 ioctl c0306201 200000000080 returned -22
[  134.507264][ T1875] binder: 1874:1875 unknown command 0
[  134.512711][ T1875] binder: 1874:1875 ioctl c0306201 200000000080 returned -22
[  134.596984][  T986] hid-generic 0003:1B1C:1C23.0001: unbalanced collection at end of report description
[  134.607014][  T986] hid-generic: probe of 0003:1B1C:1C23.0001 failed with error -22
[  134.818378][ T1863] loop2: detected capacity change from 0 to 8192
[  134.874210][  T885] I/O error, dev loop2, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  134.886830][   T60] usb 3-1: USB disconnect, device number 2
[  135.425287][ T1883] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  136.112070][ T1899] loop3: detected capacity change from 0 to 512
[  136.133714][ T1899] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  136.235644][ T1897] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  136.277308][ T1899] EXT4-fs (loop3): 1 truncate cleaned up
[  136.283086][ T1899] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  136.513902][ T1902] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  136.542056][ T1907] binder: 1906:1907 unknown command 0
[  136.570257][ T1907] binder: 1906:1907 ioctl c0306201 200000000080 returned -22
[  136.604616][ T1905] IPv6: ADDRCONF(NETDEV_CHANGE): gre4: link becomes ready
[  137.228111][ T1911] binder: 1910:1911 unknown command 0
[  137.246003][  T287] EXT4-fs (loop3): unmounting filesystem.
[  137.246138][ T1911] binder: 1910:1911 ioctl c0306201 200000000080 returned -22
[  137.394989][ T1909] binder_alloc: 1906: binder_alloc_buf, no vma
[  138.306180][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  138.314125][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  138.697740][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  138.697755][   T28] audit: type=1400 audit(1757055109.251:164): avc:  denied  { unlink } for  pid=1918 comm="syz.0.463" name="#49" dev="tmpfs" ino=587 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  138.730656][ T1915] binder_alloc: 1910: binder_alloc_buf, no vma
[  139.968507][ T1933] loop0: detected capacity change from 0 to 512
[  140.866211][   T28] audit: type=1400 audit(1757055111.661:165): avc:  denied  { create } for  pid=1944 comm="syz.2.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  141.777544][ T1955] IPv6: ADDRCONF(NETDEV_CHANGE): gre5: link becomes ready
[  141.818297][ T1962] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  141.910645][ T1968] loop2: detected capacity change from 0 to 256
[  141.935279][ T1968] =======================================================
[  141.935279][ T1968] WARNING: The mand mount option has been deprecated and
[  141.935279][ T1968]          and is ignored by this kernel. Remove the mand
[  141.935279][ T1968]          option from the mount to silence this warning.
[  141.935279][ T1968] =======================================================
[  142.071614][ T1968] FAT-fs (loop2): Directory bread(block 64) failed
[  142.087826][ T1968] FAT-fs (loop2): Directory bread(block 65) failed
[  142.104314][ T1968] FAT-fs (loop2): Directory bread(block 66) failed
[  142.122242][ T1968] FAT-fs (loop2): Directory bread(block 67) failed
[  142.138497][ T1968] FAT-fs (loop2): Directory bread(block 68) failed
[  142.149548][ T1968] FAT-fs (loop2): Directory bread(block 69) failed
[  142.159586][ T1968] FAT-fs (loop2): Directory bread(block 70) failed
[  142.170610][ T1968] FAT-fs (loop2): Directory bread(block 71) failed
[  142.190308][ T1968] FAT-fs (loop2): Directory bread(block 72) failed
[  142.199395][ T1968] FAT-fs (loop2): Directory bread(block 73) failed
[  142.563726][   T28] audit: type=1400 audit(1757055113.311:166): avc:  denied  { map } for  pid=1967 comm="syz.2.477" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=20891 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  142.639401][   T28] audit: type=1400 audit(1757055113.311:167): avc:  denied  { read write } for  pid=1967 comm="syz.2.477" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=20891 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  142.690637][ T1977] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  142.793739][ T1982] device bridge0 entered promiscuous mode
[  142.799696][ T1982] device macsec1 entered promiscuous mode
[  142.806503][ T1982] bridge0: port 3(macsec1) entered blocking state
[  142.835860][ T1982] bridge0: port 3(macsec1) entered disabled state
[  142.882790][ T1984] overlayfs: failed to resolve './file0': -2
[  143.084249][ T1985] loop2: detected capacity change from 0 to 1024
[  143.093327][ T1982] device bridge0 left promiscuous mode
[  143.138213][ T1985] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  143.153627][   T28] audit: type=1400 audit(1757055113.941:168): avc:  denied  { read write } for  pid=1983 comm="syz.2.483" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  143.166459][ T1985] SELinux:  Context @ is not valid (left unmapped).
[  143.177264][   T28] audit: type=1400 audit(1757055113.941:169): avc:  denied  { open } for  pid=1983 comm="syz.2.483" path="/99/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  143.225886][   T28] audit: type=1400 audit(1757055113.961:170): avc:  denied  { append } for  pid=1983 comm="syz.2.483" path="/99/file1/cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  143.254225][   T28] audit: type=1400 audit(1757055114.001:171): avc:  denied  { relabelto } for  pid=1983 comm="syz.2.483" name="cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  143.295950][  T284] EXT4-fs (loop2): unmounting filesystem.
[  145.556336][  T518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  145.788124][ T2006] device bridge0 entered promiscuous mode
[  145.807328][ T2006] device macsec1 entered promiscuous mode
[  145.813875][ T2006] bridge0: port 3(macsec1) entered blocking state
[  145.820379][ T2006] bridge0: port 3(macsec1) entered disabled state
[  145.828096][ T2006] device bridge0 left promiscuous mode
[  145.837635][ T2013] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  145.942802][ T2023] loop4: detected capacity change from 0 to 512
[  145.975597][ T2023] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  145.984709][ T2023] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.329797][ T2038] overlayfs: failed to resolve './file0': -2
[  147.004231][ T2040] syz.4.496[2040] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.004308][ T2040] syz.4.496[2040] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.948658][ T2051] binder: 2050:2051 unknown command 0
[  147.976544][ T2051] binder: 2050:2051 ioctl c0306201 200000000080 returned -22
[  149.090820][ T2058] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  149.140310][  T286] EXT4-fs (loop4): unmounting filesystem.
[  149.200795][ T2065] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  149.250295][ T2067] binder: 2066:2067 unknown command 0
[  149.257507][ T2067] binder: 2066:2067 ioctl c0306201 200000000080 returned -22
[  149.611246][ T2075] overlayfs: failed to resolve './file0': -2
[  150.148363][ T2085] loop3: detected capacity change from 0 to 512
[  150.494304][ T2090] IPv6: ADDRCONF(NETDEV_CHANGE): gre6: link becomes ready
[  150.646321][ T2096] loop1: detected capacity change from 0 to 512
[  150.665637][ T2096] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  150.674711][ T2096] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.844241][ T2101] syz.1.516[2101] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.844672][ T2101] syz.1.516[2101] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.153779][  T518] Bluetooth: hci0: command 0x1003 tx timeout
[  151.153808][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  152.228814][ T2110] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  152.326236][   T28] audit: type=1400 audit(1757055123.121:172): avc:  denied  { read write } for  pid=2114 comm="syz.0.521" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  152.352250][ T2116] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  152.389846][   T28] audit: type=1400 audit(1757055123.151:173): avc:  denied  { open } for  pid=2114 comm="syz.0.521" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  152.412842][   T28] audit: type=1400 audit(1757055123.151:174): avc:  denied  { ioctl } for  pid=2114 comm="syz.0.521" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  152.550812][   T28] audit: type=1400 audit(1757055123.341:175): avc:  denied  { name_bind } for  pid=2114 comm="syz.0.521" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  152.551483][  T285] EXT4-fs (loop1): unmounting filesystem.
[  152.588142][   T28] audit: type=1400 audit(1757055123.371:176): avc:  denied  { node_bind } for  pid=2114 comm="syz.0.521" saddr=224.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  152.624872][   T28] audit: type=1400 audit(1757055123.421:177): avc:  denied  { block_suspend } for  pid=2114 comm="syz.0.521" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  152.636293][ T2126] device bridge0 entered promiscuous mode
[  152.652691][ T2126] device macsec1 entered promiscuous mode
[  152.659138][ T2126] bridge0: port 3(macsec1) entered blocking state
[  152.665690][ T2126] bridge0: port 3(macsec1) entered disabled state
[  152.673156][ T2126] device bridge0 left promiscuous mode
[  152.734496][ T2116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.521'.
[  152.766223][ T2135] device bridge0 entered promiscuous mode
[  152.772066][ T2135] device macsec1 entered promiscuous mode
[  152.779993][ T2135] bridge0: port 3(macsec1) entered blocking state
[  152.786605][ T2135] bridge0: port 3(macsec1) entered disabled state
[  152.803771][ T2135] device bridge0 left promiscuous mode
[  152.896520][ T2141] binder: 2140:2141 unknown command 0
[  152.902316][ T2141] binder: 2140:2141 ioctl c0306201 200000000080 returned -22
[  153.192203][ T2143] binder_alloc: 2140: binder_alloc_buf, no vma
[  153.356411][ T2153] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  153.457017][ T2158] netlink: 96 bytes leftover after parsing attributes in process `syz.0.535'.
[  153.466540][ T2158] IPv6: NLM_F_CREATE should be specified when creating new route
[  153.474882][   T28] audit: type=1400 audit(1757055124.271:178): avc:  denied  { ioctl } for  pid=2157 comm="syz.0.535" path="/dev/uinput" dev="devtmpfs" ino=262 ioctlcmd=0x552c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  154.773300][ T2183] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  154.867439][ T2189] IPv6: ADDRCONF(NETDEV_CHANGE): gre6: link becomes ready
[  156.404296][ T2211] binder: 2210:2211 unknown command 0
[  156.409813][ T2211] binder: 2210:2211 ioctl c0306201 200000000080 returned -22
[  156.499272][ T2216] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  156.970502][ T2235] overlayfs: failed to resolve './file0': -2
[  158.243816][ T2234] loop4: detected capacity change from 0 to 256
[  160.103279][ T2266] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  160.198685][ T2270] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  160.310730][   T28] audit: type=1400 audit(1757055131.101:179): avc:  denied  { read } for  pid=2275 comm="syz.3.574" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  160.434732][   T28] audit: type=1400 audit(1757055131.101:180): avc:  denied  { open } for  pid=2275 comm="syz.3.574" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  160.724619][   T28] audit: type=1400 audit(1757055131.161:181): avc:  denied  { ioctl } for  pid=2275 comm="syz.3.574" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  160.844670][ T2290] binder: 2289:2290 unknown command 0
[  160.850137][ T2290] binder: 2289:2290 ioctl c0306201 200000000080 returned -22
[  161.393800][ T2304] loop1: detected capacity change from 0 to 512
[  161.401446][ T2304] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  161.451511][ T2294] binder_alloc: 2289: binder_alloc_buf, no vma
[  161.508997][ T2304] EXT4-fs (loop1): 1 truncate cleaned up
[  161.514756][ T2304] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  161.938823][ T2315] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  162.271340][ T2324] loop0: detected capacity change from 0 to 512
[  162.279389][ T2324] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  162.300756][  T285] EXT4-fs (loop1): unmounting filesystem.
[  162.318138][ T2324] EXT4-fs (loop0): 1 truncate cleaned up
[  162.323988][ T2324] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  163.254231][ T2333] binder: 2332:2333 unknown command 0
[  163.275266][ T2333] binder: 2332:2333 ioctl c0306201 200000000080 returned -22
[  163.332600][  T283] EXT4-fs (loop0): unmounting filesystem.
[  163.388779][ T2337] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  163.729662][ T2346] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  164.004293][ T2352] netlink: 'syz.4.596': attribute type 4 has an invalid length.
[  164.012186][ T2352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.596'.
[  164.077817][   T28] audit: type=1326 audit(1757055134.871:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2351 comm="syz.4.596" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f71e1f8ebe9 code=0x0
[  164.180617][ T2355] IPv6: ADDRCONF(NETDEV_CHANGE): gre4: link becomes ready
[  164.296012][   T28] audit: type=1400 audit(1757055135.091:183): avc:  denied  { mount } for  pid=2351 comm="syz.4.596" name="/" dev="configfs" ino=13451 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  164.318999][   T28] audit: type=1400 audit(1757055135.091:184): avc:  denied  { search } for  pid=2351 comm="syz.4.596" name="/" dev="configfs" ino=13451 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  164.803162][ T2363] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  164.839808][ T2365] loop3: detected capacity change from 0 to 512
[  165.393635][ T2102] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  165.393702][  T518] Bluetooth: hci0: command 0x1003 tx timeout
[  165.419879][ T2376] device bridge0 entered promiscuous mode
[  165.425717][ T2376] device macsec1 entered promiscuous mode
[  165.431838][ T2376] bridge0: port 3(macsec1) entered blocking state
[  165.438343][ T2376] bridge0: port 3(macsec1) entered disabled state
[  165.445840][ T2376] device bridge0 left promiscuous mode
[  165.523685][  T293] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  165.643515][ T2382] netlink: 9 bytes leftover after parsing attributes in process `syz.0.605'.
[  165.652797][ T2382] device gretap0 entered promiscuous mode
[  165.660088][ T2382] netlink: 5 bytes leftover after parsing attributes in process `syz.0.605'.
[  165.668992][ T2382] 0ªX¹¦D: renamed from gretap0
[  165.703161][ T2382] device 
30ªX¹¦D left promiscuous mode
[  165.709622][ T2382] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  165.725732][ T2384] binder: 2383:2384 unknown command 0
[  165.726663][  T293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.732604][ T2384] binder: 2383:2384 ioctl c0306201 200000000080 returned -22
[  165.750088][  T293] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  165.769880][  T293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.782522][  T293] usb 5-1: Product: syz
[  165.793718][ T2102] Bluetooth: hci1: command 0x1003 tx timeout
[  165.794375][  T517] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  165.799804][  T293] usb 5-1: Manufacturer: syz
[  165.814467][  T293] usb 5-1: SerialNumber: syz
[  165.820586][  T293] usb 5-1: config 0 descriptor??
[  165.835335][ T2382] syz.0.605 (2382) used greatest stack depth: 21512 bytes left
[  165.845621][   T28] audit: type=1400 audit(1757055136.641:185): avc:  denied  { create } for  pid=2388 comm="syz.0.608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  165.865653][   T28] audit: type=1400 audit(1757055136.641:186): avc:  denied  { write } for  pid=2388 comm="syz.0.608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  165.870752][  T293] usb 5-1: Found UVC 0.00 device syz (18ec:3288)
[  165.900785][  T293] usb 5-1: No valid video chain found.
[  165.915947][ T2396] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  165.968028][ T2403] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  166.371897][ T2407] loop4: detected capacity change from 0 to 256
[  166.378541][ T2407] exfat: Deprecated parameter 'utf8'
[  166.383940][ T2407] exfat: Unknown parameter 'til�bƒù¤Ó�me_offset'
[  166.639001][ T2409] binder: 2408:2409 unknown command 0
[  166.644489][ T2409] binder: 2408:2409 ioctl c0306201 200000000080 returned -22
[  166.943673][ T1485] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  167.124694][ T1485] usb 3-1: config 7 has an invalid interface number: 39 but max is 0
[  167.132864][ T1485] usb 3-1: config 7 has no interface number 0
[  167.139009][ T1485] usb 3-1: config 7 interface 39 has no altsetting 0
[  167.147206][ T1485] usb 3-1: New USB device found, idVendor=05ac, idProduct=8514, bcdDevice=96.c2
[  167.156288][ T1485] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.164313][ T1485] usb 3-1: Product: syz
[  167.168489][ T1485] usb 3-1: Manufacturer: syz
[  167.173071][ T1485] usb 3-1: SerialNumber: syz
[  167.380026][   T28] audit: type=1400 audit(1757055138.171:187): avc:  denied  { mounton } for  pid=2410 comm="syz.2.615" path="/proc/393/task" dev="proc" ino=21790 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  167.405083][ T1485] usb 3-1: Found UVC 0.00 device syz (05ac:8514)
[  167.411441][ T1485] usb 3-1: No valid video chain found.
[  167.417735][ T1485] usb 3-1: USB disconnect, device number 3
[  167.962744][ T2429] loop0: detected capacity change from 0 to 512
[  168.024409][ T2429] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  168.053646][  T517] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  168.230733][ T2429] EXT4-fs (loop0): 1 truncate cleaned up
[  168.236620][ T2429] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  168.342322][  T704] usb 5-1: USB disconnect, device number 2
[  168.690460][ T2438] FAULT_INJECTION: forcing a failure.
[  168.690460][ T2438] name failslab, interval 1, probability 0, space 0, times 0
[  168.703222][ T2438] CPU: 1 PID: 2438 Comm: syz.4.623 Not tainted syzkaller #0
[  168.710522][ T2438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  168.720593][ T2438] Call Trace:
[  168.723879][ T2438]  <TASK>
[  168.726818][ T2438]  __dump_stack+0x21/0x24
[  168.731165][ T2438]  dump_stack_lvl+0xee/0x150
[  168.735866][ T2438]  ? __cfi_dump_stack_lvl+0x8/0x8
[  168.740912][ T2438]  ? __kasan_check_read+0x11/0x20
[  168.745958][ T2438]  ? preempt_schedule_irq+0xbb/0x110
[  168.751254][ T2438]  dump_stack+0x15/0x24
[  168.755416][ T2438]  should_fail_ex+0x3d4/0x520
[  168.760112][ T2438]  __should_failslab+0xac/0xf0
[  168.764976][ T2438]  ? sidtab_sid2str_get+0x120/0x2c0
[  168.770207][ T2438]  should_failslab+0x9/0x20
[  168.774715][ T2438]  __kmem_cache_alloc_node+0x3d/0x2c0
[  168.780102][ T2438]  ? sidtab_sid2str_get+0x120/0x2c0
[  168.785312][ T2438]  __kmalloc_node_track_caller+0xa0/0x1e0
[  168.791062][ T2438]  kmemdup+0x2b/0x60
[  168.794976][ T2438]  sidtab_sid2str_get+0x120/0x2c0
[  168.800015][ T2438]  security_sid_to_context_core+0x2ac/0x480
[  168.805934][ T2438]  security_sid_to_context+0x33/0x40
[  168.811255][ T2438]  avc_audit_post_callback+0x1cc/0x820
[  168.816823][ T2438]  ? irqentry_exit+0x37/0x40
[  168.821428][ T2438]  ? __cfi_avc_audit_post_callback+0x10/0x10
[  168.827426][ T2438]  ? __cfi_avc_audit_post_callback+0x10/0x10
[  168.833523][ T2438]  ? common_lsm_audit+0x12c1/0x16d0
[  168.838751][ T2438]  ? __cfi_avc_audit_post_callback+0x10/0x10
[  168.844752][ T2438]  common_lsm_audit+0x12d7/0x16d0
[  168.849800][ T2438]  ? __cfi_avc_audit_post_callback+0x10/0x10
[  168.855802][ T2438]  ? __cfi_common_lsm_audit+0x10/0x10
[  168.861231][ T2438]  ? sysvec_call_function_single+0x61/0xc0
[  168.867061][ T2438]  slow_avc_audit+0x1ac/0x220
[  168.871758][ T2438]  ? __cfi_slow_avc_audit+0x10/0x10
[  168.876971][ T2438]  ? avc_has_perm_noaudit+0x2f4/0x460
[  168.882371][ T2438]  ? __schedule+0xb8f/0x14e0
[  168.886979][ T2438]  avc_has_perm+0x1e6/0x240
[  168.891941][ T2438]  ? __cfi_avc_has_perm+0x10/0x10
[  168.896984][ T2438]  ? __kasan_check_read+0x11/0x20
[  168.902034][ T2438]  ? preempt_schedule_irq+0xbb/0x110
[  168.907336][ T2438]  selinux_socket_setsockopt+0x1ff/0x300
[  168.912992][ T2438]  ? __cfi_selinux_socket_setsockopt+0x10/0x10
[  168.919257][ T2438]  ? irqentry_exit+0x37/0x40
[  168.923866][ T2438]  ? sysvec_reschedule_ipi+0x78/0x80
[  168.929171][ T2438]  ? __cfi_selinux_socket_setsockopt+0x10/0x10
[  168.935357][ T2438]  security_socket_setsockopt+0x83/0xb0
[  168.940918][ T2438]  __sys_setsockopt+0x189/0x4e0
[  168.945781][ T2438]  ? __cfi___sys_setsockopt+0x10/0x10
[  168.951164][ T2438]  ? ksys_write+0x1eb/0x240
[  168.955690][ T2438]  ? __kasan_check_write+0x14/0x20
[  168.960910][ T2438]  ? fpregs_restore_userregs+0x128/0x260
[  168.966650][ T2438]  __x64_sys_setsockopt+0xbf/0xd0
[  168.971689][ T2438]  x64_sys_call+0x124/0x9a0
[  168.976212][ T2438]  do_syscall_64+0x4c/0xa0
[  168.980641][ T2438]  ? clear_bhb_loop+0x30/0x80
[  168.985337][ T2438]  ? clear_bhb_loop+0x30/0x80
[  168.990126][ T2438]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.996123][ T2438] RIP: 0033:0x7f71e1f8ebe9
[  169.000561][ T2438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.020191][ T2438] RSP: 002b:00007f71e2e9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  169.028647][ T2438] RAX: ffffffffffffffda RBX: 00007f71e21c6180 RCX: 00007f71e1f8ebe9
[  169.036644][ T2438] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000006
[  169.044661][ T2438] RBP: 00007f71e2e9a090 R08: 0000000000000010 R09: 0000000000000000
[  169.052751][ T2438] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  169.054526][   T28] audit: type=1400 audit(1757055139.481:188): avc:  denied  { bind } for  pid=2435 comm="syz.4.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  169.060748][ T2438] R13: 00007f71e21c6218 R14: 00007f71e21c6180 R15: 00007ffe0b3be3d8
[  169.060773][ T2438]  </TASK>
[  169.092282][ T2437] fuse: Unknown parameter '®æLêllüx{Æ A�Ë~Ìy¤³ÏÃ�—i!Å;eάà›OСhoÆ#KË;çL@‡ûæ]1>[§}f7t£?÷ô«#¸ÊyÖ·æ½;æeë?¯M9Ò)Œ+­¥Ÿ†Ë#˜Ë«Y´‰
£üîj
[  169.092282][ T2437] 8N[1�L‘@0x0000000000000007'
[  169.134275][   T28] audit: type=1400 audit(1757055139.481:189): avc:  denied  { setopt } for  pid=2435 comm="syz.4.623" scontext=root:sysadm_r:sysadm_t tsid=135 tclass=tipc_socket permissive=1
[  169.624887][  T283] EXT4-fs (loop0): unmounting filesystem.
[  169.718709][ T2453] block device autoloading is deprecated and will be removed.
[  169.760391][   T28] audit: type=1400 audit(1757055140.551:190): avc:  denied  { create } for  pid=2441 comm="syz.2.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  169.789042][   T28] audit: type=1400 audit(1757055140.551:191): avc:  denied  { write } for  pid=2441 comm="syz.2.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  170.030655][ T2464] loop4: detected capacity change from 0 to 512
[  170.142848][ T2464] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  170.152006][ T2464] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.165965][ T2473] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  171.058907][ T2483] syz.4.633[2483] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.059066][ T2483] syz.4.633[2483] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.283201][ T2484] overlayfs: failed to resolve './file0': -2
[  172.390934][ T2102] Bluetooth: hci0: command 0x1003 tx timeout
[  173.062686][ T2491] binder: 2490:2491 unknown command 0
[  173.074817][  T517] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  173.107480][ T2491] binder: 2490:2491 ioctl c0306201 200000000080 returned -22
[  173.118641][ T2497] loop0: detected capacity change from 0 to 512
[  173.126795][ T2497] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  173.150127][ T2500] loop2: detected capacity change from 0 to 128
[  173.179585][ T2497] EXT4-fs (loop0): 1 truncate cleaned up
[  173.185510][ T2497] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  173.205511][ T2498] loop3: detected capacity change from 0 to 512
[  173.223709][ T2500] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  173.233048][ T2500] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.253350][  T286] EXT4-fs (loop4): unmounting filesystem.
[  173.257924][ T2498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  173.268643][ T2498] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.270575][  T284] EXT4-fs (loop2): unmounting filesystem.
[  173.399510][  T283] EXT4-fs (loop0): unmounting filesystem.
[  173.442459][ T2513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.495993][ T2513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.507871][ T2517] syz.3.640[2517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.508174][ T2517] syz.3.640[2517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.720409][ T2515] loop0: detected capacity change from 0 to 512
[  173.746253][ T2513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.805423][ T2513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.855768][ T2519] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.313877][ T2519] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.383137][   T28] audit: type=1400 audit(1757055145.171:192): avc:  denied  { append } for  pid=2522 comm="syz.0.647" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  174.475044][  T287] EXT4-fs (loop3): unmounting filesystem.
[  174.477186][ T2530] fuse: Bad value for 'fd'
[  174.488678][   T28] audit: type=1400 audit(1757055145.281:193): avc:  denied  { bind } for  pid=2529 comm="syz.4.650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.522425][   T28] audit: type=1400 audit(1757055145.281:194): avc:  denied  { write } for  pid=2529 comm="syz.4.650" path="socket:[21967]" dev="sockfs" ino=21967 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.614394][ T2535] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  174.623658][    T6] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  175.004758][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.015755][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.025537][    T6] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  175.034633][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.043276][    T6] usb 3-1: config 0 descriptor??
[  175.118873][ T2539] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  175.251753][    T6] usbhid 3-1:0.0: can't add hid device: -71
[  175.257813][    T6] usbhid: probe of 3-1:0.0 failed with error -71
[  175.265254][    T6] usb 3-1: USB disconnect, device number 4
[  175.857428][ T2550] loop2: detected capacity change from 0 to 512
[  176.294060][ T2554] loop3: detected capacity change from 0 to 512
[  176.516837][  T517] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  176.516872][ T2540] Bluetooth: hci0: command 0x1003 tx timeout
[  176.683625][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  176.683645][  T518] Bluetooth: hci1: command 0x1003 tx timeout
[  176.727832][ T2558] loop0: detected capacity change from 0 to 128
[  176.739371][ T2558] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  176.804661][ T2558] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  176.817216][ T2558] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.837339][  T283] EXT4-fs (loop0): unmounting filesystem.
[  176.975342][   T28] audit: type=1400 audit(1757055147.771:195): avc:  denied  { create } for  pid=2572 comm="syz.0.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  177.080101][ T2577] loop4: detected capacity change from 0 to 512
[  177.095918][ T2577] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  177.105018][ T2577] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.475022][ T2587] syz.4.666[2587] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.475393][ T2587] syz.4.666[2587] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.315576][   T45] Bluetooth: hci2: command 0x1003 tx timeout
[  182.536405][ T2102] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  182.654833][  T286] EXT4-fs (loop4): unmounting filesystem.
[  182.708073][ T2598] tipc: Failed to remove unknown binding: 66,1,1/0:782561788/782561790
[  183.865972][ T2605] loop4: detected capacity change from 0 to 512
[  183.868957][   T28] audit: type=1400 audit(1757055154.661:196): avc:  denied  { bind } for  pid=2603 comm="syz.4.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  183.914714][ T1879] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  183.971446][ T2601] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  184.163355][ T2622] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  184.177311][ T2622] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.199605][ T2622] syz.0.677 (2622) used greatest stack depth: 20960 bytes left
[  184.210475][ T2628] binder: 2627:2628 unknown command 0
[  184.216388][ T2628] binder: 2627:2628 ioctl c0306201 200000000080 returned -22
[  184.880082][ T2639] overlayfs: failed to resolve './file0': -2
[  185.180662][   T28] audit: type=1400 audit(1757055155.971:197): avc:  denied  { create } for  pid=2642 comm="syz.2.683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  185.201155][ T2643] netlink: 96 bytes leftover after parsing attributes in process `syz.2.683'.
[  185.210214][   T28] audit: type=1400 audit(1757055155.991:198): avc:  denied  { write } for  pid=2642 comm="syz.2.683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  185.231442][   T28] audit: type=1400 audit(1757055155.991:199): avc:  denied  { nlmsg_write } for  pid=2642 comm="syz.2.683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  185.253023][ T2643] netlink: 'syz.2.683': attribute type 5 has an invalid length.
[  185.753533][ T2654] loop4: detected capacity change from 0 to 512
[  185.765797][ T2654] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  185.775181][ T2654] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.821861][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  186.989947][ T2668] syz.4.687[2668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.990029][ T2668] syz.4.687[2668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.234338][   T28] audit: type=1400 audit(1757055159.031:200): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  188.489125][  T286] EXT4-fs (loop4): unmounting filesystem.
[  188.587044][ T2686] binder: 2684:2686 unknown command 0
[  188.607202][ T2686] binder: 2684:2686 ioctl c0306201 200000000080 returned -22
[  189.454616][ T2694] overlayfs: failed to resolve './file0': -2
[  190.406089][ T2701] binder: 2700:2701 unknown command 0
[  190.418132][ T2703] loop0: detected capacity change from 0 to 512
[  190.421414][ T2701] binder: 2700:2701 ioctl c0306201 200000000080 returned -22
[  190.451696][ T2705] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  190.550791][   T28] audit: type=1400 audit(1757055161.341:201): avc:  denied  { read } for  pid=2704 comm="syz.2.703" path="socket:[22327]" dev="sockfs" ino=22327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  190.976173][ T2719] overlayfs: failed to resolve './file0': -2
[  191.559064][ T2727] FAULT_INJECTION: forcing a failure.
[  191.559064][ T2727] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  191.572681][ T2727] CPU: 0 PID: 2727 Comm: syz.4.710 Not tainted syzkaller #0
[  191.580000][ T2727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.590074][ T2727] Call Trace:
[  191.593348][ T2727]  <TASK>
[  191.596271][ T2727]  __dump_stack+0x21/0x24
[  191.600608][ T2727]  dump_stack_lvl+0xee/0x150
[  191.605198][ T2727]  ? __cfi_dump_stack_lvl+0x8/0x8
[  191.610220][ T2727]  ? __kasan_check_write+0x14/0x20
[  191.615343][ T2727]  dump_stack+0x15/0x24
[  191.619556][ T2727]  should_fail_ex+0x3d4/0x520
[  191.624244][ T2727]  should_fail_alloc_page+0x61/0x90
[  191.629455][ T2727]  prepare_alloc_pages+0x148/0x5f0
[  191.634578][ T2727]  ? __alloc_pages_bulk+0x9c0/0x9c0
[  191.639776][ T2727]  ? __bpf_trace_mm_page_alloc+0xc0/0xf0
[  191.645415][ T2727]  __alloc_pages+0x124/0x450
[  191.650008][ T2727]  ? __kasan_kmalloc_large+0xa4/0xb0
[  191.655289][ T2727]  ? __cfi___alloc_pages+0x10/0x10
[  191.660402][ T2727]  ? __alloc_skb+0x2df/0x4b0
[  191.664991][ T2727]  alloc_skb_with_frags+0x20c/0x620
[  191.670207][ T2727]  sock_alloc_send_pskb+0x853/0x980
[  191.675402][ T2727]  ? __cfi_sock_alloc_send_pskb+0x10/0x10
[  191.681113][ T2727]  ? __kasan_check_write+0x14/0x20
[  191.686220][ T2727]  ? _raw_spin_lock+0x8e/0xe0
[  191.690894][ T2727]  ? __cfi__raw_spin_lock+0x10/0x10
[  191.696090][ T2727]  ? security_socket_getpeersec_dgram+0xbb/0xd0
[  191.702330][ T2727]  unix_dgram_sendmsg+0x592/0x16d0
[  191.707439][ T2727]  ? __cfi_selinux_socket_sendmsg+0x10/0x10
[  191.713340][ T2727]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  191.718884][ T2727]  ? stack_trace_save+0x98/0xe0
[  191.723730][ T2727]  ? __stack_depot_save+0x36/0x480
[  191.728882][ T2727]  ? security_socket_sendmsg+0x93/0xb0
[  191.734347][ T2727]  ? __cfi_unix_dgram_sendmsg+0x10/0x10
[  191.739916][ T2727]  ____sys_sendmsg+0x5a9/0x990
[  191.744682][ T2727]  ? __sys_sendmsg_sock+0x40/0x40
[  191.749722][ T2727]  ? import_iovec+0x7c/0xb0
[  191.754227][ T2727]  ___sys_sendmsg+0x21c/0x290
[  191.758908][ T2727]  ? __sys_sendmsg+0x270/0x270
[  191.763671][ T2727]  ? __kasan_check_write+0x14/0x20
[  191.768791][ T2727]  ? proc_fail_nth_write+0x17a/0x1f0
[  191.774090][ T2727]  ? vfs_write+0x9d6/0xca0
[  191.778531][ T2727]  ? __fdget+0x19c/0x220
[  191.782767][ T2727]  __x64_sys_sendmsg+0x1f0/0x2c0
[  191.787693][ T2727]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  191.793139][ T2727]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  191.799213][ T2727]  x64_sys_call+0x171/0x9a0
[  191.803717][ T2727]  do_syscall_64+0x4c/0xa0
[  191.808128][ T2727]  ? clear_bhb_loop+0x30/0x80
[  191.812805][ T2727]  ? clear_bhb_loop+0x30/0x80
[  191.817473][ T2727]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.823363][ T2727] RIP: 0033:0x7f71e1f8ebe9
[  191.827778][ T2727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.847386][ T2727] RSP: 002b:00007f71e2edc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.855803][ T2727] RAX: ffffffffffffffda RBX: 00007f71e21c5fa0 RCX: 00007f71e1f8ebe9
[  191.863780][ T2727] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000007
[  191.871754][ T2727] RBP: 00007f71e2edc090 R08: 0000000000000000 R09: 0000000000000000
[  191.879828][ T2727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.887802][ T2727] R13: 00007f71e21c6038 R14: 00007f71e21c5fa0 R15: 00007ffe0b3be3d8
[  191.895786][ T2727]  </TASK>
[  191.939999][   T28] audit: type=1400 audit(1757055162.711:202): avc:  denied  { append } for  pid=2728 comm="syz.4.711" name="001" dev="devtmpfs" ino=185 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  191.946240][ T2731] loop4: detected capacity change from 0 to 512
[  191.983834][ T2731] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  191.993007][ T2731] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.079078][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  193.096444][ T2102] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  193.122111][ T2741] binder: 2739:2741 unknown command 0
[  193.179093][ T2741] binder: 2739:2741 ioctl c0306201 200000000080 returned -22
[  193.191357][ T2746] syz.4.712[2746] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.191775][ T2746] syz.4.712[2746] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.988835][ T2757] binder: 2756:2757 unknown command 0
[  194.007274][ T2757] binder: 2756:2757 ioctl c0306201 200000000080 returned -22
[  194.106825][  T286] EXT4-fs (loop4): unmounting filesystem.
[  194.133350][ T2762] loop0: detected capacity change from 0 to 256
[  194.143070][ T2762] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  194.166278][   T28] audit: type=1400 audit(1757055164.961:203): avc:  denied  { read } for  pid=88 comm="acpid" name="event5" dev="devtmpfs" ino=833 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  194.198657][   T28] audit: type=1400 audit(1757055164.961:204): avc:  denied  { open } for  pid=88 comm="acpid" path="/dev/input/event5" dev="devtmpfs" ino=833 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  194.222925][   T28] audit: type=1400 audit(1757055164.961:205): avc:  denied  { ioctl } for  pid=88 comm="acpid" path="/dev/input/event5" dev="devtmpfs" ino=833 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  194.615852][   T28] audit: type=1400 audit(1757055165.411:206): avc:  denied  { unmount } for  pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  195.092149][ T2785] binder: 2784:2785 unknown command 0
[  195.097659][ T2785] binder: 2784:2785 ioctl c0306201 200000000080 returned -22
[  195.201558][ T2789] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  196.265160][ T2800] loop1: detected capacity change from 0 to 512
[  196.314794][ T2800] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  196.332519][ T2800] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.604287][ T2816] syz.2.733[2816] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.604871][ T2816] syz.2.733[2816] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.649762][ T2816] loop2: detected capacity change from 0 to 256
[  197.554875][ T2817] syz.1.730[2817] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  197.555223][ T2817] syz.1.730[2817] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  197.576455][ T2102] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  197.585800][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  197.668617][ T2816] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  197.724017][   T28] audit: type=1400 audit(1757055168.511:207): avc:  denied  { write } for  pid=2809 comm="syz.2.733" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  197.814708][ T2819] loop0: detected capacity change from 0 to 512
[  197.848631][   T28] audit: type=1400 audit(1757055168.511:208): avc:  denied  { add_name } for  pid=2809 comm="syz.2.733" name="blkio.bfq.io_serviced_recursive" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  197.871605][   T28] audit: type=1400 audit(1757055168.511:209): avc:  denied  { associate } for  pid=2809 comm="syz.2.733" name="blkio.bfq.io_serviced_recursive" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  197.895713][   T28] audit: type=1400 audit(1757055168.641:210): avc:  denied  { read append open } for  pid=2809 comm="syz.2.733" path="/146/file1/blkio.bfq.io_serviced_recursive" dev="loop2" ino=1048629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  198.038059][ T2822] tipc: Failed to remove unknown binding: 66,1,1/0:53274583/53274585
[  198.048507][   T28] audit: type=1400 audit(1757055168.851:211): avc:  denied  { ioctl } for  pid=2823 comm="syz.2.736" path="socket:[23379]" dev="sockfs" ino=23379 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  198.105119][ T2819] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  198.133343][ T2819] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.148012][ T2828] loop2: detected capacity change from 0 to 256
[  198.299380][  T285] EXT4-fs (loop1): unmounting filesystem.
[  198.402092][ T2836] syz.0.745[2836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  198.402433][ T2836] syz.0.745[2836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  199.798851][  T430] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  199.821628][ T2837] loop1: detected capacity change from 0 to 512
[  199.855289][ T2841] loop3: detected capacity change from 0 to 512
[  199.998879][ T2837] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  200.008887][ T2837] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.133891][  T283] EXT4-fs (loop0): unmounting filesystem.
[  201.154763][  T430] usb 3-1: device descriptor read/all, error -71
[  201.236666][ T2847] syz.1.749[2847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  201.237097][ T2847] syz.1.749[2847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  334.756990][   T29] INFO: task khugepaged:33 blocked for more than 122 seconds.
[  335.023797][   T29]       Not tainted syzkaller #0
[  335.028792][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  335.283667][   T29] task:khugepaged      state:D stack:28288 pid:33    ppid:2      flags:0x00004000
[  335.292954][   T29] Call Trace:
[  335.296298][   T29]  <TASK>
[  335.299247][   T29]  __schedule+0xb87/0x14e0
[  335.303709][   T29]  ? release_firmware_map_entry+0x194/0x194
[  335.309616][   T29]  ? __mutex_add_waiter+0x17b/0x270
[  335.314848][   T29]  ? __kasan_check_write+0x14/0x20
[  335.319990][   T29]  ? trace_contention_begin+0xa0/0xa0
[  335.325397][   T29]  ? __kasan_check_write+0x14/0x20
[  335.330552][   T29]  schedule+0xbd/0x170
[  335.334649][   T29]  schedule_preempt_disabled+0x13/0x20
[  335.340127][   T29]  __mutex_lock+0x74a/0x16d0
[  335.344749][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  335.351534][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  335.356416][   T29]  ? finish_task_switch+0x16b/0x7b0
[  335.361639][   T29]  ? __kasan_check_write+0x14/0x20
[  335.366797][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  335.372286][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  335.378221][   T29]  ? __schedule+0xb8f/0x14e0
[  335.382837][   T29]  ? detach_if_pending+0xf4/0x300
[  335.387898][   T29]  __mutex_lock_slowpath+0xe/0x10
[  335.392959][   T29]  mutex_lock+0xf8/0x1a0
[  335.397280][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  335.402157][   T29]  ? schedule_timeout+0x17a/0x2e0
[  335.407307][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  335.412703][   T29]  __lru_add_drain_all+0x67/0x7b0
[  335.417866][   T29]  lru_add_drain_all+0x10/0x20
[  335.422656][   T29]  khugepaged+0x12c/0x1560
[  335.427103][   T29]  ? __kasan_check_write+0x14/0x20
[  335.432251][   T29]  ? __cfi_khugepaged+0x10/0x10
[  335.437139][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  335.443234][   T29]  ? __switch_to_asm+0x3a/0x60
[  335.448124][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  335.454230][   T29]  ? __schedule+0xb8f/0x14e0
[  335.458835][   T29]  ? __kasan_check_write+0x14/0x20
[  335.463989][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  335.469476][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  335.475460][   T29]  ? __kasan_check_read+0x11/0x20
[  335.480510][   T29]  ? __kthread_parkme+0x142/0x180
[  335.485569][   T29]  kthread+0x281/0x320
[  335.489654][   T29]  ? __cfi_khugepaged+0x10/0x10
[  335.494581][   T29]  ? __cfi_kthread+0x10/0x10
[  335.499189][   T29]  ret_from_fork+0x1f/0x30
[  335.503643][   T29]  </TASK>
[  335.523536][   T29] INFO: task syz-executor:283 blocked for more than 123 seconds.
[  335.531301][   T29]       Not tainted syzkaller #0
[  335.783597][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  335.792348][   T29] task:syz-executor    state:D stack:22304 pid:283   ppid:278    flags:0x00004000
[  336.113512][   T29] Call Trace:
[  336.116859][   T29]  <TASK>
[  336.119811][   T29]  __schedule+0xb87/0x14e0
[  336.143552][   T29]  ? 0xffffffffa0000958
[  336.147753][   T29]  ? release_firmware_map_entry+0x194/0x194
[  336.153707][   T29]  schedule+0xbd/0x170
[  336.157795][   T29]  schedule_timeout+0xa6/0x2e0
[  336.162580][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  336.168000][   T29]  ? __cfi_find_get_pages_range_tag+0x10/0x10
[  336.174096][   T29]  wait_for_common+0x354/0x620
[  336.178887][   T29]  ? wait_for_completion+0x20/0x20
[  336.184025][   T29]  ? try_to_wake_up+0x613/0x1220
[  336.188984][   T29]  ? wake_up_process+0x10/0x20
[  336.193800][   T29]  ? insert_work+0x271/0x300
[  336.198417][   T29]  wait_for_completion+0x18/0x20
[  336.203370][   T29]  __flush_work+0x4fb/0x620
[  336.207922][   T29]  ? flush_work+0x20/0x20
[  336.212272][   T29]  ? __cfi_wq_barrier_func+0x10/0x10
[  336.217601][   T29]  ? __cfi_queue_work_on+0x10/0x10
[  336.222734][   T29]  ? smp_call_function_many+0x40/0x40
[  336.228154][   T29]  flush_work+0x15/0x20
[  336.232328][   T29]  __lru_add_drain_all+0x644/0x7b0
[  336.237566][   T29]  lru_add_drain_all+0x10/0x20
[  336.242358][   T29]  invalidate_bdev+0x95/0x150
[  336.247065][   T29]  ext4_put_super+0x718/0xac0
[  336.251766][   T29]  ? __cfi_ext4_put_super+0x10/0x10
[  336.256993][   T29]  generic_shutdown_super+0x15f/0x370
[  336.262386][   T29]  kill_block_super+0x7f/0xf0
[  336.267095][   T29]  deactivate_locked_super+0xb5/0x120
[  336.272491][   T29]  deactivate_super+0xaf/0xe0
[  336.277201][   T29]  cleanup_mnt+0x45f/0x4e0
[  336.281649][   T29]  __cleanup_mnt+0x19/0x20
[  336.286108][   T29]  task_work_run+0x1db/0x240
[  336.290719][   T29]  ? __cfi_task_work_run+0x10/0x10
[  336.295874][   T29]  ? __x64_sys_umount+0x125/0x160
[  336.300923][   T29]  ? __cfi___x64_sys_umount+0x10/0x10
[  336.306348][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  336.311566][   T29]  exit_to_user_mode_prepare+0x5a/0xa0
[  336.317054][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  336.322537][   T29]  do_syscall_64+0x58/0xa0
[  336.326978][   T29]  ? clear_bhb_loop+0x30/0x80
[  336.331690][   T29]  ? clear_bhb_loop+0x30/0x80
[  336.336407][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.342320][   T29] RIP: 0033:0x7f61e8f8ff17
[  336.346755][   T29] RSP: 002b:00007ffc1056de28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  336.355191][   T29] RAX: 0000000000000000 RBX: 00007f61e9011c05 RCX: 00007f61e8f8ff17
[  336.363174][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc1056dee0
[  336.371174][   T29] RBP: 00007ffc1056dee0 R08: 0000000000000000 R09: 0000000000000000
[  336.379167][   T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc1056ef70
[  336.387181][   T29] R13: 00007f61e9011c05 R14: 0000000000030c5f R15: 00007ffc1056efb0
[  336.395192][   T29]  </TASK>
[  336.573567][   T29] NMI backtrace for cpu 0
[  336.577944][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  336.585161][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.595225][   T29] Call Trace:
[  336.598510][   T29]  <TASK>
[  336.601451][   T29]  __dump_stack+0x21/0x24
[  336.605797][   T29]  dump_stack_lvl+0xee/0x150
[  336.610411][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  336.615464][   T29]  dump_stack+0x15/0x24
[  336.619630][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[  336.624588][   T29]  ? rcu_read_unlock_special+0xab/0x480
[  336.630172][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  336.635742][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[  336.640712][   T29]  ? memcpy+0x56/0x70
[  336.644708][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  336.650705][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  336.656702][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  336.662611][   T29]  watchdog+0xd44/0xe80
[  336.666825][   T29]  ? __cfi_watchdog+0x10/0x10
[  336.671530][   T29]  ? __kasan_check_read+0x11/0x20
[  336.677011][   T29]  ? __kthread_parkme+0x142/0x180
[  336.682059][   T29]  kthread+0x281/0x320
[  336.686152][   T29]  ? __cfi_watchdog+0x10/0x10
[  336.690850][   T29]  ? __cfi_kthread+0x10/0x10
[  336.695461][   T29]  ret_from_fork+0x1f/0x30
[  336.699902][   T29]  </TASK>
[  336.703259][   T29] Sending NMI from CPU 0 to CPUs 1:
[  336.708647][    C1] NMI backtrace for cpu 1
[  336.708657][    C1] CPU: 1 PID: 2852 Comm: syz.3.742 Not tainted syzkaller #0
[  336.708675][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.708684][    C1] RIP: 0010:is_bpf_text_address+0x80/0x190
[  336.708715][    C1] Code: f6 0f 84 cc 00 00 00 4c 89 6d d0 41 c1 e7 03 47 8d 2c 7f 49 f7 dd 4f 8d bc 2e e0 fd ff ff 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 <74> 08 4c 89 ff e8 f6 f8 35 00 4d 8b 3f 4c 89 ff 48 89 de e8 88 96
[  336.708730][    C1] RSP: 0018:ffffc90000a775a0 EFLAGS: 00000046
[  336.708746][    C1] RAX: 1ffff11026326a1c RBX: 0000000000000000 RCX: 0000000000080000
[  336.708758][    C1] RDX: ffffc90003dd4000 RSI: 000000000007ffff RDI: 0000000000080000
[  336.708770][    C1] RBP: ffffc90000a775d0 R08: ffffc90000a77710 R09: ffffc90000a77708
[  336.708784][    C1] R10: 000000000000000e R11: 1ffff9200014eec9 R12: dffffc0000000000
[  336.708797][    C1] R13: 0000000000000000 R14: ffff888131935300 R15: ffff8881319350e0
[  336.708809][    C1] FS:  00007f54bc9aa6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  336.708831][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  336.708844][    C1] CR2: 000000110c2cf438 CR3: 000000010c696000 CR4: 00000000003506a0
[  336.708860][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  336.708871][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  336.708882][    C1] Call Trace:
[  336.708886][    C1]  <TASK>
[  336.708894][    C1]  kernel_text_address+0xa0/0xd0
[  336.708916][    C1]  __kernel_text_address+0xd/0x30
[  336.708937][    C1]  unwind_get_return_address+0x4d/0x90
[  336.708957][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  336.708979][    C1]  arch_stack_walk+0xfc/0x150
[  336.709008][    C1]  stack_trace_save+0x98/0xe0
[  336.709029][    C1]  ? __cfi_stack_trace_save+0x10/0x10
[  336.709050][    C1]  ? 0xffffffffa0000958
[  336.709062][    C1]  ? memset+0x35/0x40
[  336.709088][    C1]  kasan_set_track+0x4b/0x70
[  336.709105][    C1]  ? kasan_set_track+0x4b/0x70
[  336.709122][    C1]  ? kasan_save_free_info+0x31/0x50
[  336.709146][    C1]  ? ____kasan_slab_free+0x132/0x180
[  336.709165][    C1]  ? __kasan_slab_free+0x11/0x20
[  336.709184][    C1]  ? slab_free_freelist_hook+0xc2/0x190
[  336.709209][    C1]  ? kmem_cache_free+0x12d/0x300
[  336.709230][    C1]  ? __dequeue_signal+0x4cf/0x600
[  336.709251][    C1]  ? dequeue_signal+0xec/0x4d0
[  336.709270][    C1]  ? get_signal+0x522/0x1520
[  336.709293][    C1]  ? arch_do_signal_or_restart+0xb0/0x1030
[  336.709314][    C1]  ? exit_to_user_mode_loop+0x7a/0xb0
[  336.709332][    C1]  ? exit_to_user_mode_prepare+0x5a/0xa0
[  336.709350][    C1]  ? syscall_exit_to_user_mode+0x1a/0x30
[  336.709372][    C1]  ? do_syscall_64+0x58/0xa0
[  336.709386][    C1]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.709415][    C1]  ? debug_smp_processor_id+0x17/0x20
[  336.709438][    C1]  ? kasan_quarantine_put+0x34/0x190
[  336.709454][    C1]  ? kmem_cache_free+0x12d/0x300
[  336.709475][    C1]  kasan_save_free_info+0x31/0x50
[  336.709499][    C1]  ____kasan_slab_free+0x132/0x180
[  336.709520][    C1]  __kasan_slab_free+0x11/0x20
[  336.709538][    C1]  slab_free_freelist_hook+0xc2/0x190
[  336.709564][    C1]  ? __dequeue_signal+0x4cf/0x600
[  336.709584][    C1]  kmem_cache_free+0x12d/0x300
[  336.709606][    C1]  __dequeue_signal+0x4cf/0x600
[  336.709629][    C1]  dequeue_signal+0xec/0x4d0
[  336.709650][    C1]  get_signal+0x522/0x1520
[  336.709678][    C1]  arch_do_signal_or_restart+0xb0/0x1030
[  336.709699][    C1]  ? __ia32_sys_rt_sigreturn+0x5e7/0x6c0
[  336.709722][    C1]  ? __cfi___x64_sys_rt_sigreturn+0x10/0x10
[  336.709744][    C1]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  336.709771][    C1]  exit_to_user_mode_loop+0x7a/0xb0
[  336.709789][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[  336.709807][    C1]  syscall_exit_to_user_mode+0x1a/0x30
[  336.709835][    C1]  do_syscall_64+0x58/0xa0
[  336.709849][    C1]  ? clear_bhb_loop+0x30/0x80
[  336.709868][    C1]  ? clear_bhb_loop+0x30/0x80
[  336.709889][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.709908][    C1] RIP: 0033:0x7f54bbb8ebe9
[  336.709920][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.709933][    C1] RSP: 002b:00007f54bc9aa0e8 EFLAGS: 00000246
[  336.709947][    C1] RAX: 0000000000000000 RBX: 00007f54bbdc6098 RCX: 00007f54bbb8ebe9
[  336.709958][    C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f54bbdc609c
[  336.709969][    C1] RBP: 00007f54bbdc6090 R08: 000452d9e28ec94c R09: 0000000000000000
[  336.709981][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.709991][    C1] R13: 00007f54bbdc6128 R14: 00007ffe0e5be5e0 R15: 00007ffe0e5be6c8
[  336.710007][    C1]  </TASK>
[  359.714108][   T29] INFO: task khugepaged:33 blocked for more than 147 seconds.
[  359.721640][   T29]       Not tainted syzkaller #0
[  359.843522][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  359.852418][   T29] task:khugepaged      state:D stack:28288 pid:33    ppid:2      flags:0x00004000
[  360.203494][   T29] Call Trace:
[  360.206822][   T29]  <TASK>
[  360.209764][   T29]  __schedule+0xb87/0x14e0
[  360.343550][   T29]  ? release_firmware_map_entry+0x194/0x194
[  360.349511][   T29]  ? __mutex_add_waiter+0x17b/0x270
[  360.354799][   T29]  ? __kasan_check_write+0x14/0x20
[  360.359944][   T29]  ? trace_contention_begin+0xa0/0xa0
[  360.365372][   T29]  ? __kasan_check_write+0x14/0x20
[  360.370512][   T29]  schedule+0xbd/0x170
[  360.374623][   T29]  schedule_preempt_disabled+0x13/0x20
[  360.380106][   T29]  __mutex_lock+0x74a/0x16d0
[  360.384743][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  360.391531][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  360.396420][   T29]  ? finish_task_switch+0x16b/0x7b0
[  360.401646][   T29]  ? __kasan_check_write+0x14/0x20
[  360.406799][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  360.412284][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  360.418214][   T29]  ? __schedule+0xb8f/0x14e0
[  360.422826][   T29]  ? detach_if_pending+0xf4/0x300
[  360.427884][   T29]  __mutex_lock_slowpath+0xe/0x10
[  360.433027][   T29]  mutex_lock+0xf8/0x1a0
[  360.437331][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  360.442214][   T29]  ? schedule_timeout+0x17a/0x2e0
[  360.447279][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  360.452683][   T29]  __lru_add_drain_all+0x67/0x7b0
[  360.457781][   T29]  lru_add_drain_all+0x10/0x20
[  360.462574][   T29]  khugepaged+0x12c/0x1560
[  360.467029][   T29]  ? __kasan_check_write+0x14/0x20
[  360.472178][   T29]  ? __cfi_khugepaged+0x10/0x10
[  360.477060][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  360.483153][   T29]  ? __switch_to_asm+0x3a/0x60
[  360.487973][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  360.494077][   T29]  ? __schedule+0xb8f/0x14e0
[  360.498780][   T29]  ? __kasan_check_write+0x14/0x20
[  360.503933][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  360.509426][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  360.515361][   T29]  ? __kasan_check_read+0x11/0x20
[  360.520503][   T29]  ? __kthread_parkme+0x142/0x180
[  360.525570][   T29]  kthread+0x281/0x320
[  360.529670][   T29]  ? __cfi_khugepaged+0x10/0x10
[  360.534551][   T29]  ? __cfi_kthread+0x10/0x10
[  360.539250][   T29]  ret_from_fork+0x1f/0x30
[  360.543704][   T29]  </TASK>
[  360.623533][   T29] INFO: task jbd2/sda1-8:66 blocked for more than 128 seconds.
[  360.631153][   T29]       Not tainted syzkaller #0
[  360.883532][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  360.892256][   T29] task:jbd2/sda1-8     state:D stack:24752 pid:66    ppid:2      flags:0x00004000
[  361.213542][   T29] Call Trace:
[  361.216974][   T29]  <TASK>
[  361.219945][   T29]  __schedule+0xb87/0x14e0
[  361.224414][   T29]  ? sbitmap_any_bit_set+0x11a/0x160
[  361.229723][   T29]  ? release_firmware_map_entry+0x194/0x194
[  361.235751][   T29]  schedule+0xbd/0x170
[  361.239843][   T29]  io_schedule+0x84/0xe0
[  361.244118][   T29]  bit_wait_io+0x13/0xd0
[  361.248380][   T29]  __wait_on_bit+0xb9/0x2d0
[  361.252991][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  361.257961][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  361.262915][   T29]  out_of_line_wait_on_bit+0x11c/0x160
[  361.268425][   T29]  ? __cfi_out_of_line_wait_on_bit+0x10/0x10
[  361.274465][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  361.279169][   T29]  ? __cfi_wake_bit_function+0x10/0x10
[  361.284669][   T29]  ? __cfi__raw_write_lock+0x10/0x10
[  361.289973][   T29]  ? _raw_read_unlock+0x25/0x40
[  361.294863][   T29]  __wait_on_buffer+0x56/0x70
[  361.299566][   T29]  jbd2_journal_commit_transaction+0x2d77/0x5530
[  361.305943][   T29]  ? __cfi_jbd2_journal_commit_transaction+0x10/0x10
[  361.312645][   T29]  ? __cfi___switch_to+0x10/0x10
[  361.317625][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  361.322494][   T29]  ? finish_task_switch+0x16b/0x7b0
[  361.327805][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  361.333767][   T29]  ? __kasan_check_write+0x14/0x20
[  361.338912][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  361.344420][   T29]  ? detach_if_pending+0xf4/0x300
[  361.349464][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  361.355297][   T29]  ? del_timer_sync+0x144/0x1a0
[  361.360167][   T29]  kjournald2+0x3e7/0x760
[  361.364544][   T29]  ? __cfi_kjournald2+0x10/0x10
[  361.369417][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  361.375545][   T29]  ? __kasan_check_read+0x11/0x20
[  361.380613][   T29]  ? __kthread_parkme+0x142/0x180
[  361.385681][   T29]  kthread+0x281/0x320
[  361.389783][   T29]  ? __cfi_kjournald2+0x10/0x10
[  361.394715][   T29]  ? __cfi_kthread+0x10/0x10
[  361.399360][   T29]  ret_from_fork+0x1f/0x30
[  361.403843][   T29]  </TASK>
[  361.423569][   T29] INFO: task syz-executor:283 blocked for more than 149 seconds.
[  361.431427][   T29]       Not tainted syzkaller #0
[  361.678873][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  361.863512][   T29] task:syz-executor    state:D stack:22304 pid:283   ppid:278    flags:0x00004000
[  361.872794][   T29] Call Trace:
[  362.043539][   T29]  <TASK>
[  362.046622][   T29]  __schedule+0xb87/0x14e0
[  362.051066][   T29]  ? 0xffffffffa0000958
[  362.055266][   T29]  ? release_firmware_map_entry+0x194/0x194
[  362.061184][   T29]  schedule+0xbd/0x170
[  362.065301][   T29]  schedule_timeout+0xa6/0x2e0
[  362.070176][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  362.075614][   T29]  ? __cfi_find_get_pages_range_tag+0x10/0x10
[  362.081704][   T29]  wait_for_common+0x354/0x620
[  362.086508][   T29]  ? wait_for_completion+0x20/0x20
[  362.091639][   T29]  ? try_to_wake_up+0x613/0x1220
[  362.096638][   T29]  ? wake_up_process+0x10/0x20
[  362.101451][   T29]  ? insert_work+0x271/0x300
[  362.106191][   T29]  wait_for_completion+0x18/0x20
[  362.111160][   T29]  __flush_work+0x4fb/0x620
[  362.115739][   T29]  ? flush_work+0x20/0x20
[  362.120184][   T29]  ? __cfi_wq_barrier_func+0x10/0x10
[  362.125522][   T29]  ? __cfi_queue_work_on+0x10/0x10
[  362.130691][   T29]  ? smp_call_function_many+0x40/0x40
[  362.136121][   T29]  flush_work+0x15/0x20
[  362.140304][   T29]  __lru_add_drain_all+0x644/0x7b0
[  362.145544][   T29]  lru_add_drain_all+0x10/0x20
[  362.150338][   T29]  invalidate_bdev+0x95/0x150
[  362.155048][   T29]  ext4_put_super+0x718/0xac0
[  362.159751][   T29]  ? __cfi_ext4_put_super+0x10/0x10
[  362.165064][   T29]  generic_shutdown_super+0x15f/0x370
[  362.170461][   T29]  kill_block_super+0x7f/0xf0
[  362.175226][   T29]  deactivate_locked_super+0xb5/0x120
[  362.180624][   T29]  deactivate_super+0xaf/0xe0
[  362.185333][   T29]  cleanup_mnt+0x45f/0x4e0
[  362.189781][   T29]  __cleanup_mnt+0x19/0x20
[  362.194297][   T29]  task_work_run+0x1db/0x240
[  362.198908][   T29]  ? __cfi_task_work_run+0x10/0x10
[  362.204052][   T29]  ? __x64_sys_umount+0x125/0x160
[  362.209101][   T29]  ? __cfi___x64_sys_umount+0x10/0x10
[  362.214510][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  362.219736][   T29]  exit_to_user_mode_prepare+0x5a/0xa0
[  362.225224][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  362.230703][   T29]  do_syscall_64+0x58/0xa0
[  362.235145][   T29]  ? clear_bhb_loop+0x30/0x80
[  362.239841][   T29]  ? clear_bhb_loop+0x30/0x80
[  362.244548][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  362.250462][   T29] RIP: 0033:0x7f61e8f8ff17
[  362.254905][   T29] RSP: 002b:00007ffc1056de28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  362.263332][   T29] RAX: 0000000000000000 RBX: 00007f61e9011c05 RCX: 00007f61e8f8ff17
[  362.271331][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc1056dee0
[  362.279369][   T29] RBP: 00007ffc1056dee0 R08: 0000000000000000 R09: 0000000000000000
[  362.287451][   T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc1056ef70
[  362.295447][   T29] R13: 00007f61e9011c05 R14: 0000000000030c5f R15: 00007ffc1056efb0
[  362.303439][   T29]  </TASK>
[  362.374893][   T29] INFO: task kworker/u4:6:1067 blocked for more than 130 seconds.
[  362.382744][   T29]       Not tainted syzkaller #0
[  362.615586][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  362.773493][   T29] task:kworker/u4:6    state:D stack:22752 pid:1067  ppid:2      flags:0x00004000
[  362.782767][   T29] Workqueue: writeback wb_workfn (flush-8:0)
[  362.913581][   T29] Call Trace:
[  362.916914][   T29]  <TASK>
[  362.919856][   T29]  __schedule+0xb87/0x14e0
[  362.924322][   T29]  ? release_firmware_map_entry+0x194/0x194
[  362.930235][   T29]  ? kthread_data+0x50/0xc0
[  362.934786][   T29]  ? wq_worker_sleeping+0x64/0x280
[  362.939922][   T29]  schedule+0xbd/0x170
[  362.944044][   T29]  io_schedule+0x84/0xe0
[  362.948307][   T29]  bit_wait_io+0x13/0xd0
[  362.952744][   T29]  __wait_on_bit+0xb9/0x2d0
[  362.957289][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  362.962320][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  362.967292][   T29]  out_of_line_wait_on_bit+0x11c/0x160
[  362.972786][   T29]  ? __kasan_check_write+0x14/0x20
[  362.977938][   T29]  ? __cfi_out_of_line_wait_on_bit+0x10/0x10
[  362.983989][   T29]  ? __cfi_wake_bit_function+0x10/0x10
[  362.989495][   T29]  do_get_write_access+0x536/0xd70
[  362.994827][   T29]  jbd2_journal_get_write_access+0x19a/0x2e0
[  363.000839][   T29]  __ext4_journal_get_write_access+0x216/0x6c0
[  363.007025][   T29]  ? __cfi___ext4_journal_get_write_access+0x10/0x10
[  363.013743][   T29]  ? __kasan_check_read+0x11/0x20
[  363.018802][   T29]  ? ext4_wait_block_bitmap+0x6a/0x1c0
[  363.024298][   T29]  ext4_mb_mark_diskspace_used+0x1cf/0x1450
[  363.030211][   T29]  ? ext4_discard_allocated_blocks+0x5d0/0x5d0
[  363.036407][   T29]  ext4_mb_new_blocks+0x10ec/0x4210
[  363.041640][   T29]  ? __kasan_kmalloc+0x95/0xb0
[  363.046435][   T29]  ? memcpy+0x56/0x70
[  363.050431][   T29]  ? __cfi_ext4_mb_new_blocks+0x10/0x10
[  363.056022][   T29]  ? ext4_ext_check_overlap+0x461/0x5c0
[  363.061588][   T29]  ? ext4_ext_find_goal+0x108/0x200
[  363.066815][   T29]  ext4_ext_map_blocks+0x12ec/0x6060
[  363.072123][   T29]  ? kasan_set_track+0x60/0x70
[  363.076917][   T29]  ? kasan_set_track+0x4b/0x70
[  363.081697][   T29]  ? kasan_save_alloc_info+0x25/0x30
[  363.087043][   T29]  ? __kasan_slab_alloc+0x72/0x80
[  363.092090][   T29]  ? slab_post_alloc_hook+0x4f/0x2d0
[  363.097410][   T29]  ? kmem_cache_alloc+0x16e/0x330
[  363.102457][   T29]  ? ext4_alloc_io_end_vec+0x2a/0x160
[  363.107866][   T29]  ? ext4_writepages+0xf42/0x3020
[  363.112916][   T29]  ? do_writepages+0x3a9/0x5e0
[  363.117708][   T29]  ? __writeback_single_inode+0xc6/0xad0
[  363.123367][   T29]  ? writeback_sb_inodes+0x9b8/0x1550
[  363.128772][   T29]  ? __writeback_inodes_wb+0x12f/0x400
[  363.134267][   T29]  ? wb_writeback+0x403/0x980
[  363.138968][   T29]  ? wb_workfn+0xa01/0xda0
[  363.143401][   T29]  ? process_one_work+0x71f/0xc40
[  363.148457][   T29]  ? worker_thread+0xa29/0x11f0
[  363.153331][   T29]  ? __cfi_ext4_ext_map_blocks+0x10/0x10
[  363.158996][   T29]  ? ext4_es_lookup_extent+0x32d/0x8c0
[  363.164492][   T29]  ext4_map_blocks+0x9cb/0x1b60
[  363.169452][   T29]  ? __cfi_ext4_map_blocks+0x10/0x10
[  363.174782][   T29]  ? ext4_inode_journal_mode+0x391/0x480
[  363.180445][   T29]  ext4_writepages+0x1260/0x3020
[  363.185450][   T29]  ? __cfi_ext4_writepages+0x10/0x10
[  363.190771][   T29]  ? __cfi_blk_mq_dispatch_rq_list+0x10/0x10
[  363.196797][   T29]  ? __sbitmap_queue_get+0x15/0x20
[  363.201928][   T29]  ? __blk_mq_get_driver_tag+0x299/0x520
[  363.207603][   T29]  ? dd_has_work+0x362/0x390
[  363.212218][   T29]  ? __cfi_ext4_writepages+0x10/0x10
[  363.217541][   T29]  do_writepages+0x3a9/0x5e0
[  363.222150][   T29]  ? __blk_mq_sched_dispatch_requests+0x311/0x3f0
[  363.228606][   T29]  ? __cfi_do_writepages+0x10/0x10
[  363.233767][   T29]  ? __cfi_wake_up_bit+0x10/0x10
[  363.238736][   T29]  ? __inode_add_lru+0xff/0x310
[  363.243627][   T29]  ? __kasan_check_write+0x14/0x20
[  363.248774][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  363.253506][   T29]  ? __kasan_check_write+0x14/0x20
[  363.258652][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  363.263359][   T29]  __writeback_single_inode+0xc6/0xad0
[  363.268855][   T29]  writeback_sb_inodes+0x9b8/0x1550
[  363.274113][   T29]  ? queue_io+0x4c0/0x4c0
[  363.278456][   T29]  ? down_read_trylock+0x273/0x640
[  363.283621][   T29]  __writeback_inodes_wb+0x12f/0x400
[  363.288926][   T29]  wb_writeback+0x403/0x980
[  363.293451][   T29]  ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[  363.299466][   T29]  ? __kasan_check_write+0x14/0x20
[  363.304648][   T29]  wb_workfn+0xa01/0xda0
[  363.308915][   T29]  ? __cfi_wb_workfn+0x10/0x10
[  363.313702][   T29]  ? tracing_record_taskinfo_sched_switch+0x80/0x3a0
[  363.320406][   T29]  ? probe_sched_wakeup+0x71/0x90
[  363.325465][   T29]  ? ttwu_do_activate+0x174/0x280
[  363.330514][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  363.336349][   T29]  ? try_to_wake_up+0x613/0x1220
[  363.341310][   T29]  process_one_work+0x71f/0xc40
[  363.346190][   T29]  worker_thread+0xa29/0x11f0
[  363.350881][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  363.356385][   T29]  kthread+0x281/0x320
[  363.360485][   T29]  ? __cfi_worker_thread+0x10/0x10
[  363.365619][   T29]  ? __cfi_kthread+0x10/0x10
[  363.370224][   T29]  ret_from_fork+0x1f/0x30
[  363.374687][   T29]  </TASK>
[  363.583530][   T29] NMI backtrace for cpu 0
[  363.587916][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  363.595141][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  363.605208][   T29] Call Trace:
[  363.608498][   T29]  <TASK>
[  363.611447][   T29]  __dump_stack+0x21/0x24
[  363.615793][   T29]  dump_stack_lvl+0xee/0x150
[  363.620406][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  363.625461][   T29]  dump_stack+0x15/0x24
[  363.629632][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[  363.634603][   T29]  ? rcu_read_unlock_special+0xab/0x480
[  363.640181][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  363.645661][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[  363.650626][   T29]  ? memcpy+0x56/0x70
[  363.654625][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  363.660711][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  363.666718][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  363.672648][   T29]  watchdog+0xd44/0xe80
[  363.676845][   T29]  ? __cfi_watchdog+0x10/0x10
[  363.681559][   T29]  ? __kasan_check_read+0x11/0x20
[  363.686606][   T29]  ? __kthread_parkme+0x142/0x180
[  363.691736][   T29]  kthread+0x281/0x320
[  363.695822][   T29]  ? __cfi_watchdog+0x10/0x10
[  363.700612][   T29]  ? __cfi_kthread+0x10/0x10
[  363.705214][   T29]  ret_from_fork+0x1f/0x30
[  363.709651][   T29]  </TASK>
[  363.712758][   T29] Sending NMI from CPU 0 to CPUs 1:
[  363.717987][    C1] NMI backtrace for cpu 1
[  363.717996][    C1] CPU: 1 PID: 2852 Comm: syz.3.742 Not tainted syzkaller #0
[  363.718013][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  363.718023][    C1] RIP: 0010:irqtime_account_irq+0x6e/0x240
[  363.718051][    C1] Code: 00 74 08 4c 89 f7 e8 81 f4 63 00 80 3d 2a 7e 46 06 01 0f 85 48 01 00 00 49 c7 c4 c8 73 02 00 4d 03 26 e8 d5 7c 9c 03 89 45 d4 <89> c7 e8 2b 3d 01 00 49 89 c7 4d 8d 74 24 10 4c 89 f0 48 c1 e8 03
[  363.718077][    C1] RSP: 0018:ffffc900001b0f88 EFLAGS: 00000086
[  363.718090][    C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 3046ddd725794b00
[  363.718101][    C1] RDX: 0000000000010000 RSI: ffffffff85aa0c40 RDI: ffffffff85aa0c00
[  363.718113][    C1] RBP: ffffc900001b0fc0 R08: dffffc0000000000 R09: ffffed103ee2660b
[  363.718125][    C1] R10: ffffed103ee2660b R11: 1ffff1103ee2660a R12: ffff8881f71273c8
[  363.718137][    C1] R13: 0000000000000000 R14: ffffffff864929a8 R15: 0000000000000000
[  363.718148][    C1] FS:  00007f54bc9aa6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  363.718162][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  363.718173][    C1] CR2: 000000110c2cf438 CR3: 000000010c696000 CR4: 00000000003506a0
[  363.718188][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  363.718197][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  363.718207][    C1] Call Trace:
[  363.718211][    C1]  <IRQ>
[  363.718217][    C1]  __irq_exit_rcu+0x18/0xf0
[  363.718234][    C1]  irq_exit_rcu+0x9/0x10
[  363.718249][    C1]  sysvec_irq_work+0xa6/0xc0
[  363.718266][    C1]  </IRQ>
[  363.718270][    C1]  <TASK>
[  363.718275][    C1]  asm_sysvec_irq_work+0x1b/0x20
[  363.718293][    C1] RIP: 0010:native_apic_msr_write+0x39/0x50
[  363.718317][    C1] Code: 74 05 83 ff 30 75 12 5d c3 81 ff d0 00 00 00 74 f6 81 ff e0 00 00 00 74 ee c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 eb d9 89 f6 31 d2 e8 7a d6 56 01 5d c3 0f 1f 84 00 00 00 00
[  363.718329][    C1] RSP: 0018:ffffc90000a77c20 EFLAGS: 00000246
[  363.718341][    C1] RAX: 00000000000000f6 RBX: 00000000000000f6 RCX: 000000000000083f
[  363.718351][    C1] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f
[  363.718360][    C1] RBP: ffffc90000a77c20 R08: dffffc0000000000 R09: fffff5200014ef81
[  363.718372][    C1] R10: 0000000000000000 R11: ffffffff81342080 R12: 0000000000000000
[  363.718383][    C1] R13: dffffc0000000001 R14: ffffffff86492b60 R15: dffffc0000000000
[  363.718396][    C1]  ? __cfi_native_apic_msr_write+0x10/0x10
[  363.718420][    C1]  x2apic_send_IPI_self+0x6f/0x80
[  363.718441][    C1]  arch_irq_work_raise+0x98/0xf0
[  363.718464][    C1]  __irq_work_queue_local+0x115/0x190
[  363.718484][    C1]  irq_work_queue+0x9e/0x150
[  363.718502][    C1]  bpf_send_signal_common+0x2b2/0x420
[  363.718525][    C1]  ? __set_printk_clr_event+0x80/0x80
[  363.718550][    C1]  bpf_send_signal+0x19/0x20
[  363.718584][    C1]  bpf_prog_7ba5217f62dcd359+0x38/0x3c
[  363.718601][    C1]  bpf_trace_run2+0xff/0x250
[  363.718623][    C1]  ? __cfi_bpf_trace_run2+0x10/0x10
[  363.718647][    C1]  __bpf_trace_sys_enter+0x62/0x70
[  363.718664][    C1]  trace_sys_enter+0x3d/0x50
[  363.718680][    C1]  syscall_trace_enter+0xf3/0x150
[  363.718698][    C1]  syscall_enter_from_user_mode+0x1f/0x30
[  363.718725][    C1]  do_syscall_64+0x24/0xa0
[  363.718740][    C1]  ? clear_bhb_loop+0x30/0x80
[  363.718759][    C1]  ? clear_bhb_loop+0x30/0x80
[  363.718789][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  363.718807][    C1] RIP: 0033:0x7f54bbb2adb9
[  363.718817][    C1] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  363.718830][    C1] RSP: 002b:00007f54bc9a9b40 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  363.718845][    C1] RAX: ffffffffffffffda RBX: 00007f54bbdc6098 RCX: 00007f54bbb2adb9
[  363.718856][    C1] RDX: 00007f54bc9a9b40 RSI: 00007f54bc9a9c70 RDI: 0000000000000011
[  363.718868][    C1] RBP: 00007f54bbdc6090 R08: 0000000000000000 R09: 0000000000000000
[  363.718877][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.718887][    C1] R13: 00007f54bbdc6128 R14: 00007ffe0e5be5e0 R15: 00007ffe0e5be6c8
[  363.718902][    C1]  </TASK>
[  386.593886][   T29] INFO: task khugepaged:33 blocked for more than 174 seconds.
[  386.601409][   T29]       Not tainted syzkaller #0
[  386.713496][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  386.722224][   T29] task:khugepaged      state:D stack:28288 pid:33    ppid:2      flags:0x00004000
[  387.073521][   T29] Call Trace:
[  387.076860][   T29]  <TASK>
[  387.079805][   T29]  __schedule+0xb87/0x14e0
[  387.143555][   T29]  ? release_firmware_map_entry+0x194/0x194
[  387.149529][   T29]  ? __mutex_add_waiter+0x17b/0x270
[  387.154829][   T29]  ? __kasan_check_write+0x14/0x20
[  387.159972][   T29]  ? trace_contention_begin+0xa0/0xa0
[  387.165402][   T29]  ? __kasan_check_write+0x14/0x20
[  387.170554][   T29]  schedule+0xbd/0x170
[  387.174656][   T29]  schedule_preempt_disabled+0x13/0x20
[  387.180131][   T29]  __mutex_lock+0x74a/0x16d0
[  387.184767][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  387.191551][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  387.196436][   T29]  ? finish_task_switch+0x16b/0x7b0
[  387.201670][   T29]  ? __kasan_check_write+0x14/0x20
[  387.206819][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  387.212313][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  387.218277][   T29]  ? __schedule+0xb8f/0x14e0
[  387.222892][   T29]  ? detach_if_pending+0xf4/0x300
[  387.227956][   T29]  __mutex_lock_slowpath+0xe/0x10
[  387.232999][   T29]  mutex_lock+0xf8/0x1a0
[  387.237281][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  387.242148][   T29]  ? schedule_timeout+0x17a/0x2e0
[  387.247209][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  387.252606][   T29]  __lru_add_drain_all+0x67/0x7b0
[  387.257706][   T29]  lru_add_drain_all+0x10/0x20
[  387.262499][   T29]  khugepaged+0x12c/0x1560
[  387.266945][   T29]  ? __kasan_check_write+0x14/0x20
[  387.272090][   T29]  ? __cfi_khugepaged+0x10/0x10
[  387.277089][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  387.283188][   T29]  ? __switch_to_asm+0x3a/0x60
[  387.287995][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  387.294101][   T29]  ? __schedule+0xb8f/0x14e0
[  387.298717][   T29]  ? __kasan_check_write+0x14/0x20
[  387.303868][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  387.309367][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  387.315402][   T29]  ? __kasan_check_read+0x11/0x20
[  387.320552][   T29]  ? __kthread_parkme+0x142/0x180
[  387.325629][   T29]  kthread+0x281/0x320
[  387.329726][   T29]  ? __cfi_khugepaged+0x10/0x10
[  387.334611][   T29]  ? __cfi_kthread+0x10/0x10
[  387.339221][   T29]  ret_from_fork+0x1f/0x30
[  387.343694][   T29]  </TASK>
[  387.493548][   T29] INFO: task jbd2/sda1-8:66 blocked for more than 155 seconds.
[  387.501159][   T29]       Not tainted syzkaller #0
[  387.743518][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  387.752262][   T29] task:jbd2/sda1-8     state:D stack:24752 pid:66    ppid:2      flags:0x00004000
[  388.083514][   T29] Call Trace:
[  388.086868][   T29]  <TASK>
[  388.089820][   T29]  __schedule+0xb87/0x14e0
[  388.163557][   T29]  ? sbitmap_any_bit_set+0x11a/0x160
[  388.168939][   T29]  ? release_firmware_map_entry+0x194/0x194
[  388.174900][   T29]  schedule+0xbd/0x170
[  388.178992][   T29]  io_schedule+0x84/0xe0
[  388.183251][   T29]  bit_wait_io+0x13/0xd0
[  388.187547][   T29]  __wait_on_bit+0xb9/0x2d0
[  388.192083][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  388.197080][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  388.202058][   T29]  out_of_line_wait_on_bit+0x11c/0x160
[  388.207562][   T29]  ? __cfi_out_of_line_wait_on_bit+0x10/0x10
[  388.213580][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  388.218291][   T29]  ? __cfi_wake_bit_function+0x10/0x10
[  388.223792][   T29]  ? __cfi__raw_write_lock+0x10/0x10
[  388.229099][   T29]  ? _raw_read_unlock+0x25/0x40
[  388.233985][   T29]  __wait_on_buffer+0x56/0x70
[  388.238720][   T29]  jbd2_journal_commit_transaction+0x2d77/0x5530
[  388.245104][   T29]  ? __cfi_jbd2_journal_commit_transaction+0x10/0x10
[  388.251847][   T29]  ? __cfi___switch_to+0x10/0x10
[  388.256844][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  388.261719][   T29]  ? finish_task_switch+0x16b/0x7b0
[  388.266986][   T29]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  388.272914][   T29]  ? __kasan_check_write+0x14/0x20
[  388.278093][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  388.283636][   T29]  ? detach_if_pending+0xf4/0x300
[  388.288712][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  388.294578][   T29]  ? del_timer_sync+0x144/0x1a0
[  388.299469][   T29]  kjournald2+0x3e7/0x760
[  388.303851][   T29]  ? __cfi_kjournald2+0x10/0x10
[  388.308731][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  388.314839][   T29]  ? __kasan_check_read+0x11/0x20
[  388.319898][   T29]  ? __kthread_parkme+0x142/0x180
[  388.324954][   T29]  kthread+0x281/0x320
[  388.329045][   T29]  ? __cfi_kjournald2+0x10/0x10
[  388.334023][   T29]  ? __cfi_kthread+0x10/0x10
[  388.338637][   T29]  ret_from_fork+0x1f/0x30
[  388.343076][   T29]  </TASK>
[  388.494605][   T29] INFO: task syz-executor:283 blocked for more than 176 seconds.
[  388.502382][   T29]       Not tainted syzkaller #0
[  388.733524][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  388.742336][   T29] task:syz-executor    state:D stack:22304 pid:283   ppid:278    flags:0x00004000
[  389.093543][   T29] Call Trace:
[  389.096891][   T29]  <TASK>
[  389.099841][   T29]  __schedule+0xb87/0x14e0
[  389.104305][   T29]  ? 0xffffffffa0000958
[  389.108481][   T29]  ? release_firmware_map_entry+0x194/0x194
[  389.114425][   T29]  schedule+0xbd/0x170
[  389.118511][   T29]  schedule_timeout+0xa6/0x2e0
[  389.123299][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  389.128711][   T29]  ? __cfi_find_get_pages_range_tag+0x10/0x10
[  389.134813][   T29]  wait_for_common+0x354/0x620
[  389.139599][   T29]  ? wait_for_completion+0x20/0x20
[  389.144744][   T29]  ? try_to_wake_up+0x613/0x1220
[  389.149721][   T29]  ? wake_up_process+0x10/0x20
[  389.154550][   T29]  ? insert_work+0x271/0x300
[  389.159171][   T29]  wait_for_completion+0x18/0x20
[  389.164163][   T29]  __flush_work+0x4fb/0x620
[  389.168714][   T29]  ? flush_work+0x20/0x20
[  389.173067][   T29]  ? __cfi_wq_barrier_func+0x10/0x10
[  389.178395][   T29]  ? __cfi_queue_work_on+0x10/0x10
[  389.183552][   T29]  ? smp_call_function_many+0x40/0x40
[  389.188948][   T29]  flush_work+0x15/0x20
[  389.193127][   T29]  __lru_add_drain_all+0x644/0x7b0
[  389.198285][   T29]  lru_add_drain_all+0x10/0x20
[  389.203079][   T29]  invalidate_bdev+0x95/0x150
[  389.207795][   T29]  ext4_put_super+0x718/0xac0
[  389.212496][   T29]  ? __cfi_ext4_put_super+0x10/0x10
[  389.217724][   T29]  generic_shutdown_super+0x15f/0x370
[  389.223117][   T29]  kill_block_super+0x7f/0xf0
[  389.227833][   T29]  deactivate_locked_super+0xb5/0x120
[  389.233254][   T29]  deactivate_super+0xaf/0xe0
[  389.237968][   T29]  cleanup_mnt+0x45f/0x4e0
[  389.242415][   T29]  __cleanup_mnt+0x19/0x20
[  389.246875][   T29]  task_work_run+0x1db/0x240
[  389.251493][   T29]  ? __cfi_task_work_run+0x10/0x10
[  389.256642][   T29]  ? __x64_sys_umount+0x125/0x160
[  389.261690][   T29]  ? __cfi___x64_sys_umount+0x10/0x10
[  389.267119][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  389.272344][   T29]  exit_to_user_mode_prepare+0x5a/0xa0
[  389.277837][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  389.283324][   T29]  do_syscall_64+0x58/0xa0
[  389.287770][   T29]  ? clear_bhb_loop+0x30/0x80
[  389.292496][   T29]  ? clear_bhb_loop+0x30/0x80
[  389.297219][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  389.303135][   T29] RIP: 0033:0x7f61e8f8ff17
[  389.307579][   T29] RSP: 002b:00007ffc1056de28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  389.316024][   T29] RAX: 0000000000000000 RBX: 00007f61e9011c05 RCX: 00007f61e8f8ff17
[  389.324024][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc1056dee0
[  389.332010][   T29] RBP: 00007ffc1056dee0 R08: 0000000000000000 R09: 0000000000000000
[  389.340055][   T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc1056ef70
[  389.348063][   T29] R13: 00007f61e9011c05 R14: 0000000000030c5f R15: 00007ffc1056efb0
[  389.356072][   T29]  </TASK>
[  389.373553][   T29] INFO: task kworker/u4:6:1067 blocked for more than 157 seconds.
[  389.381400][   T29]       Not tainted syzkaller #0
[  389.624204][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.632927][   T29] task:kworker/u4:6    state:D stack:22752 pid:1067  ppid:2      flags:0x00004000
[  389.943488][   T29] Workqueue: writeback wb_workfn (flush-8:0)
[  389.949637][   T29] Call Trace:
[  389.952934][   T29]  <TASK>
[  390.023538][   T29]  __schedule+0xb87/0x14e0
[  390.028032][   T29]  ? release_firmware_map_entry+0x194/0x194
[  390.034067][   T29]  ? kthread_data+0x50/0xc0
[  390.038615][   T29]  ? wq_worker_sleeping+0x64/0x280
[  390.043791][   T29]  schedule+0xbd/0x170
[  390.047885][   T29]  io_schedule+0x84/0xe0
[  390.052166][   T29]  bit_wait_io+0x13/0xd0
[  390.056535][   T29]  __wait_on_bit+0xb9/0x2d0
[  390.061060][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  390.066124][   T29]  ? __cfi_bit_wait_io+0x10/0x10
[  390.071096][   T29]  out_of_line_wait_on_bit+0x11c/0x160
[  390.076719][   T29]  ? __kasan_check_write+0x14/0x20
[  390.081862][   T29]  ? __cfi_out_of_line_wait_on_bit+0x10/0x10
[  390.087976][   T29]  ? __cfi_wake_bit_function+0x10/0x10
[  390.093487][   T29]  do_get_write_access+0x536/0xd70
[  390.098632][   T29]  jbd2_journal_get_write_access+0x19a/0x2e0
[  390.104655][   T29]  __ext4_journal_get_write_access+0x216/0x6c0
[  390.110829][   T29]  ? __cfi___ext4_journal_get_write_access+0x10/0x10
[  390.117559][   T29]  ? __kasan_check_read+0x11/0x20
[  390.122617][   T29]  ? ext4_wait_block_bitmap+0x6a/0x1c0
[  390.128141][   T29]  ext4_mb_mark_diskspace_used+0x1cf/0x1450
[  390.134086][   T29]  ? ext4_discard_allocated_blocks+0x5d0/0x5d0
[  390.140272][   T29]  ext4_mb_new_blocks+0x10ec/0x4210
[  390.145515][   T29]  ? __kasan_kmalloc+0x95/0xb0
[  390.150307][   T29]  ? memcpy+0x56/0x70
[  390.154322][   T29]  ? __cfi_ext4_mb_new_blocks+0x10/0x10
[  390.159889][   T29]  ? ext4_ext_check_overlap+0x461/0x5c0
[  390.165493][   T29]  ? ext4_ext_find_goal+0x108/0x200
[  390.170721][   T29]  ext4_ext_map_blocks+0x12ec/0x6060
[  390.176069][   T29]  ? kasan_set_track+0x60/0x70
[  390.180902][   T29]  ? kasan_set_track+0x4b/0x70
[  390.185792][   T29]  ? kasan_save_alloc_info+0x25/0x30
[  390.191110][   T29]  ? __kasan_slab_alloc+0x72/0x80
[  390.196175][   T29]  ? slab_post_alloc_hook+0x4f/0x2d0
[  390.201489][   T29]  ? kmem_cache_alloc+0x16e/0x330
[  390.206549][   T29]  ? ext4_alloc_io_end_vec+0x2a/0x160
[  390.211947][   T29]  ? ext4_writepages+0xf42/0x3020
[  390.217048][   T29]  ? do_writepages+0x3a9/0x5e0
[  390.221841][   T29]  ? __writeback_single_inode+0xc6/0xad0
[  390.227509][   T29]  ? writeback_sb_inodes+0x9b8/0x1550
[  390.232956][   T29]  ? __writeback_inodes_wb+0x12f/0x400
[  390.238454][   T29]  ? wb_writeback+0x403/0x980
[  390.243158][   T29]  ? wb_workfn+0xa01/0xda0
[  390.247634][   T29]  ? process_one_work+0x71f/0xc40
[  390.252676][   T29]  ? worker_thread+0xa29/0x11f0
[  390.257570][   T29]  ? __cfi_ext4_ext_map_blocks+0x10/0x10
[  390.263317][   T29]  ? ext4_es_lookup_extent+0x32d/0x8c0
[  390.268817][   T29]  ext4_map_blocks+0x9cb/0x1b60
[  390.273731][   T29]  ? __cfi_ext4_map_blocks+0x10/0x10
[  390.279046][   T29]  ? ext4_inode_journal_mode+0x391/0x480
[  390.284729][   T29]  ext4_writepages+0x1260/0x3020
[  390.289712][   T29]  ? __cfi_ext4_writepages+0x10/0x10
[  390.295040][   T29]  ? __cfi_blk_mq_dispatch_rq_list+0x10/0x10
[  390.301151][   T29]  ? __sbitmap_queue_get+0x15/0x20
[  390.306297][   T29]  ? __blk_mq_get_driver_tag+0x299/0x520
[  390.311957][   T29]  ? dd_has_work+0x362/0x390
[  390.316584][   T29]  ? __cfi_ext4_writepages+0x10/0x10
[  390.321904][   T29]  do_writepages+0x3a9/0x5e0
[  390.326620][   T29]  ? __blk_mq_sched_dispatch_requests+0x311/0x3f0
[  390.333170][   T29]  ? __cfi_do_writepages+0x10/0x10
[  390.338338][   T29]  ? __cfi_wake_up_bit+0x10/0x10
[  390.343313][   T29]  ? __inode_add_lru+0xff/0x310
[  390.348202][   T29]  ? __kasan_check_write+0x14/0x20
[  390.353345][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  390.358084][   T29]  ? __kasan_check_write+0x14/0x20
[  390.363231][   T29]  ? _raw_spin_lock+0x8e/0xe0
[  390.367951][   T29]  __writeback_single_inode+0xc6/0xad0
[  390.373440][   T29]  writeback_sb_inodes+0x9b8/0x1550
[  390.378720][   T29]  ? queue_io+0x4c0/0x4c0
[  390.383092][   T29]  ? down_read_trylock+0x273/0x640
[  390.388308][   T29]  __writeback_inodes_wb+0x12f/0x400
[  390.393642][   T29]  wb_writeback+0x403/0x980
[  390.398180][   T29]  ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[  390.404210][   T29]  ? __kasan_check_write+0x14/0x20
[  390.409361][   T29]  wb_workfn+0xa01/0xda0
[  390.413642][   T29]  ? __cfi_wb_workfn+0x10/0x10
[  390.418426][   T29]  ? tracing_record_taskinfo_sched_switch+0x80/0x3a0
[  390.425149][   T29]  ? probe_sched_wakeup+0x71/0x90
[  390.430200][   T29]  ? ttwu_do_activate+0x174/0x280
[  390.435331][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  390.441153][   T29]  ? try_to_wake_up+0x613/0x1220
[  390.446140][   T29]  process_one_work+0x71f/0xc40
[  390.451014][   T29]  worker_thread+0xa29/0x11f0
[  390.455730][   T29]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  390.461227][   T29]  kthread+0x281/0x320
[  390.465326][   T29]  ? __cfi_worker_thread+0x10/0x10
[  390.470451][   T29]  ? __cfi_kthread+0x10/0x10
[  390.475108][   T29]  ret_from_fork+0x1f/0x30
[  390.479559][   T29]  </TASK>
[  390.673542][   T29] NMI backtrace for cpu 0
[  390.678017][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  390.685241][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  390.695321][   T29] Call Trace:
[  390.698615][   T29]  <TASK>
[  390.701564][   T29]  __dump_stack+0x21/0x24
[  390.705913][   T29]  dump_stack_lvl+0xee/0x150
[  390.710530][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  390.715587][   T29]  dump_stack+0x15/0x24
[  390.719755][   T29]  nmi_cpu_backtrace+0x2b4/0x2c0
[  390.724709][   T29]  ? rcu_read_unlock_special+0xab/0x480
[  390.730297][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  390.735775][   T29]  ? __rcu_read_unlock+0xa0/0xa0
[  390.740745][   T29]  ? memcpy+0x56/0x70
[  390.744758][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  390.750765][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  390.756781][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  390.762692][   T29]  watchdog+0xd44/0xe80
[  390.766886][   T29]  ? __cfi_watchdog+0x10/0x10
[  390.771591][   T29]  ? __kasan_check_read+0x11/0x20
[  390.776644][   T29]  ? __kthread_parkme+0x142/0x180
[  390.781688][   T29]  kthread+0x281/0x320
[  390.785777][   T29]  ? __cfi_watchdog+0x10/0x10
[  390.790653][   T29]  ? __cfi_kthread+0x10/0x10
[  390.795266][   T29]  ret_from_fork+0x1f/0x30
[  390.799718][   T29]  </TASK>
[  390.802870][   T29] Sending NMI from CPU 0 to CPUs 1:
[  390.808193][    C1] NMI backtrace for cpu 1
[  390.808204][    C1] CPU: 1 PID: 2852 Comm: syz.3.742 Not tainted syzkaller #0
[  390.808221][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  390.808232][    C1] RIP: 0010:update_stack_state+0x10e/0x480
[  390.808256][    C1] Code: 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 48 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5 60 ff ff ff <4c> 89 f6 48 c1 ee 03 48 89 b5 40 ff ff ff 48 89 8d 70 ff ff ff 48
[  390.808272][    C1] RSP: 0018:ffffc900001b0698 EFLAGS: 00000082
[  390.808287][    C1] RAX: ffffc900001b0810 RBX: ffffc900001b07e8 RCX: ffffc900001b07f8
[  390.808301][    C1] RDX: ffffc900001b0800 RSI: ffffc900001b0808 RDI: ffffc900001b0840
[  390.808314][    C1] RBP: ffffc900001b0758 R08: ffffc900001b08b0 R09: ffffc900001b08a8
[  390.808328][    C1] R10: 000000000000001b R11: 1ffff920000360fd R12: 0000000000000000
[  390.808340][    C1] R13: dffffc0000000000 R14: ffffc900001b07f0 R15: ffffc90000a77f00
[  390.808354][    C1] FS:  00007f54bc9aa6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  390.808370][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  390.808382][    C1] CR2: 000000110c2cf438 CR3: 000000010c696000 CR4: 00000000003506a0
[  390.808398][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  390.808408][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  390.808420][    C1] Call Trace:
[  390.808424][    C1]  <IRQ>
[  390.808435][    C1]  unwind_next_frame+0x3d5/0x700
[  390.808455][    C1]  ? __kernel_text_address+0xd/0x30
[  390.808477][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  390.808501][    C1]  arch_stack_walk+0x124/0x150
[  390.808529][    C1]  ? syscall_trace_enter+0xf3/0x150
[  390.808547][    C1]  stack_trace_save+0x98/0xe0
[  390.808568][    C1]  ? __cfi_stack_trace_save+0x10/0x10
[  390.808589][    C1]  ? __stack_depot_save+0x36/0x480
[  390.808605][    C1]  ? __alloc_pages+0x450/0x450
[  390.808628][    C1]  ? memset+0x35/0x40
[  390.808653][    C1]  kasan_set_track+0x4b/0x70
[  390.808670][    C1]  ? kasan_set_track+0x4b/0x70
[  390.808687][    C1]  ? kasan_save_alloc_info+0x25/0x30
[  390.808711][    C1]  ? __kasan_slab_alloc+0x72/0x80
[  390.808729][    C1]  ? slab_post_alloc_hook+0x4f/0x2d0
[  390.808751][    C1]  ? kmem_cache_alloc+0x16e/0x330
[  390.808771][    C1]  ? __sigqueue_alloc+0x13f/0x210
[  390.808794][    C1]  ? __send_signal_locked+0x19d/0xb70
[  390.808814][    C1]  ? send_signal_locked+0x422/0x580
[  390.808834][    C1]  ? do_send_sig_info+0xd6/0x210
[  390.808854][    C1]  ? group_send_sig_info+0x118/0x2b0
[  390.808874][    C1]  ? do_bpf_send_signal+0x82/0x150
[  390.808900][    C1]  ? irq_work_run_list+0x18b/0x2b0
[  390.808920][    C1]  ? irq_work_run+0x6a/0xf0
[  390.808939][    C1]  ? __sysvec_irq_work+0x75/0x1c0
[  390.808963][    C1]  ? sysvec_irq_work+0xa1/0xc0
[  390.808982][    C1]  ? asm_sysvec_irq_work+0x1b/0x20
[  390.809002][    C1]  ? native_apic_msr_write+0x39/0x50
[  390.809026][    C1]  ? x2apic_send_IPI_self+0x6f/0x80
[  390.809048][    C1]  ? arch_irq_work_raise+0x98/0xf0
[  390.809072][    C1]  ? __irq_work_queue_local+0x115/0x190
[  390.809097][    C1]  ? irq_work_queue+0x9e/0x150
[  390.809116][    C1]  ? bpf_send_signal_common+0x2b2/0x420
[  390.809141][    C1]  ? bpf_send_signal+0x19/0x20
[  390.809160][    C1]  ? bpf_prog_7ba5217f62dcd359+0x38/0x3c
[  390.809176][    C1]  ? bpf_trace_run2+0xff/0x250
[  390.809197][    C1]  ? __bpf_trace_sys_enter+0x62/0x70
[  390.809214][    C1]  ? trace_sys_enter+0x3d/0x50
[  390.809230][    C1]  ? syscall_trace_enter+0xf3/0x150
[  390.809254][    C1]  ? __sigqueue_alloc+0x13f/0x210
[  390.809277][    C1]  kasan_save_alloc_info+0x25/0x30
[  390.809301][    C1]  __kasan_slab_alloc+0x72/0x80
[  390.809321][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[  390.809344][    C1]  ? __sigqueue_alloc+0x13f/0x210
[  390.809368][    C1]  ? __sigqueue_alloc+0x13f/0x210
[  390.809391][    C1]  kmem_cache_alloc+0x16e/0x330
[  390.809411][    C1]  ? __sigqueue_alloc+0x13f/0x210
[  390.809435][    C1]  __sigqueue_alloc+0x13f/0x210
[  390.809459][    C1]  __send_signal_locked+0x19d/0xb70
[  390.809479][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  390.809507][    C1]  send_signal_locked+0x422/0x580
[  390.809530][    C1]  do_send_sig_info+0xd6/0x210
[  390.809552][    C1]  group_send_sig_info+0x118/0x2b0
[  390.809574][    C1]  ? __cfi_group_send_sig_info+0x10/0x10
[  390.809599][    C1]  do_bpf_send_signal+0x82/0x150
[  390.809624][    C1]  irq_work_run_list+0x18b/0x2b0
[  390.809646][    C1]  ? irq_work_run+0xf0/0xf0
[  390.809668][    C1]  irq_work_run+0x6a/0xf0
[  390.809688][    C1]  __sysvec_irq_work+0x75/0x1c0
[  390.809713][    C1]  sysvec_irq_work+0xa1/0xc0
[  390.809732][    C1]  </IRQ>
[  390.809737][    C1]  <TASK>
[  390.809742][    C1]  asm_sysvec_irq_work+0x1b/0x20
[  390.809761][    C1] RIP: 0010:native_apic_msr_write+0x39/0x50
[  390.809786][    C1] Code: 74 05 83 ff 30 75 12 5d c3 81 ff d0 00 00 00 74 f6 81 ff e0 00 00 00 74 ee c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 eb d9 89 f6 31 d2 e8 7a d6 56 01 5d c3 0f 1f 84 00 00 00 00
[  390.809801][    C1] RSP: 0018:ffffc90000a77c20 EFLAGS: 00000246
[  390.809815][    C1] RAX: 00000000000000f6 RBX: 00000000000000f6 RCX: 000000000000083f
[  390.809825][    C1] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f
[  390.809836][    C1] RBP: ffffc90000a77c20 R08: dffffc0000000000 R09: fffff5200014ef81
[  390.809849][    C1] R10: 0000000000000000 R11: ffffffff81342080 R12: 0000000000000000
[  390.809860][    C1] R13: dffffc0000000001 R14: ffffffff86492b60 R15: dffffc0000000000
[  390.809875][    C1]  ? __cfi_native_apic_msr_write+0x10/0x10
[  390.809901][    C1]  x2apic_send_IPI_self+0x6f/0x80
[  390.809925][    C1]  arch_irq_work_raise+0x98/0xf0
[  390.809949][    C1]  __irq_work_queue_local+0x115/0x190
[  390.809970][    C1]  irq_work_queue+0x9e/0x150
[  390.809990][    C1]  bpf_send_signal_common+0x2b2/0x420
[  390.810016][    C1]  ? __set_printk_clr_event+0x80/0x80
[  390.810043][    C1]  bpf_send_signal+0x19/0x20
[  390.810063][    C1]  bpf_prog_7ba5217f62dcd359+0x38/0x3c
[  390.810084][    C1]  bpf_trace_run2+0xff/0x250
[  390.810107][    C1]  ? __cfi_bpf_trace_run2+0x10/0x10
[  390.810132][    C1]  __bpf_trace_sys_enter+0x62/0x70
[  390.810149][    C1]  trace_sys_enter+0x3d/0x50
[  390.810165][    C1]  syscall_trace_enter+0xf3/0x150
[  390.810183][    C1]  syscall_enter_from_user_mode+0x1f/0x30
[  390.810205][    C1]  do_syscall_64+0x24/0xa0
[  390.810219][    C1]  ? clear_bhb_loop+0x30/0x80
[  390.810240][    C1]  ? clear_bhb_loop+0x30/0x80
[  390.810260][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  390.810279][    C1] RIP: 0033:0x7f54bbb2adb9
[  390.810291][    C1] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  390.810305][    C1] RSP: 002b:00007f54bc9a9b40 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  390.810321][    C1] RAX: ffffffffffffffda RBX: 00007f54bbdc6098 RCX: 00007f54bbb2adb9
[  390.810341][    C1] RDX: 00007f54bc9a9b40 RSI: 00007f54bc9a9c70 RDI: 0000000000000011
[  390.810353][    C1] RBP: 00007f54bbdc6090 R08: 0000000000000000 R09: 0000000000000000
[  390.810363][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  390.810373][    C1] R13: 00007f54bbdc6128 R14: 00007ffe0e5be5e0 R15: 00007ffe0e5be6c8
[  390.810390][    C1]  </TASK>