last executing test programs:

5.476109898s ago: executing program 2 (id=463):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00030000000000002000128009000100766c616e000000001000028004000480060001000200000008000500", @ANYRES32=r1, @ANYBLOB="08000a00a40a"], 0x50}}, 0x0)

5.473351677s ago: executing program 2 (id=466):
unshare(0x20000400)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240), 0x57)

5.444505s ago: executing program 2 (id=468):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x14, r2, 0x1, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x90)

5.352082069s ago: executing program 2 (id=471):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

2.845442614s ago: executing program 2 (id=497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.800073178s ago: executing program 2 (id=498):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x2000004c, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES32=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2f4feb698f5a4f3983ca0adeae0088c2e16969e9000a6a9d85bf9d4ee333cfeb763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773fe8ad33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d", @ANYBLOB="2c616c6c6f775f753d30303030303030a552303030303030303030303030303030372c646973636172642c00f7d4dceab5ea879b952debb95a4bd62fee1c5818ede60164889e83a588b4e8d85d0c30a28fa4ac4bf29b850e0f3403fda87be3922e7cff7f0000dd9fd4b9ef9af86ead00000000436cdb4047ce2f9fd77a67cf5b8ce94c9f9c55240d215f0cd19cbc29c929d50ee5aad4d9d5ff5709e589ccaf2f461164eb96418b01fc94850a03f75beb688e0efea28d60a7d8a7ba6f0a4eaf2caebdf1fc88d4cac84742fc33dedd39c639b1bb0f"], 0xfe, 0x1518, &(0x7f0000000d80)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBIklySMghSZIkySkhSZIkJIackoYk5DhpchhCcpjGpHE+H3JOmmxNkyQhOSXru9j2tvvau/b/2/vb/tee+3dd65p1v897r/d+5n6vedfzzDXzXc9RdZvXq9WUiMS/BP78JUEIESOEGCaEuE4IEQghKsZWjL14PI+ChH/tRdi/18MpV7sCdjVx/3M27n/Oxv3P2bj/ORv3P2fj/uds3P+cjfvPWE62bXaR63nk3MH3/3My/vz/L5JddvJXG8re2Ot/kML9z9m4/zkb9z9n4/7nbNz/nI37/9+v5u8c4/7nbNx/xnKyv94LPu+9/19wP5rHf3Zc7fcfY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGc4Yy/Qgsh/jK/2nUxxhhjjDHGGGPs38fnvtoVMMYYY4wxxhhj7P8/EFIooUUgconcIkbkEXnFNSKfuFbkF9eJiLhexIobRAFxoygoConCooiIE0VFMWEECitIhKK4KCGi4iZRUtws4kUpUVqUEU6UFeXELaK8uFVUELeJiuJ2UUncISqLKqKqqCbuFNXFXaKGqClqibtFbVFH1BX1xD2ivrhXNBD3iYbiftFIPCAaiwdFE/GQaCoeFs3EI6K5eFS0EI+JlqKVaC3aiLb/T/kvib7iZdFP9BcJYoAYKF4Rg8RgMUQMFcPEq2K4eE2MEK+LRDFSjBJviNHiTTFGvCXGinFivHhbTBATxSQxWUwRU0WSeEdME++KZPGemC5miJlilkgRs8Uc8b6YK+aJ+eIDsUB8KBaKRWKxWCJSxUciTSwV6eJjsUx8IjLEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxKdiu9ghdopdYrfYI/aKz8Q+8bnYL74QmeLL/2H+6f8rvxcIECBBggYNuSAXxEAM5IW8kA/yQX7IDxGIQCzEQgEoAAWhIBSGwhAHcVAMigECAgFBcSgOUYhCSSgJ8RAPpaE0OHBQDspBebgVKkAFqAgVoRJUgspQBapANagG1aE61IAaUAtqQW2oDXWhLtwD98C90AAaQENoCI2gETSGxtAEmkBTaArNoBk0h+bQAlpAS2gJraE1tIW20A7aQXtoDx2hI3SCTtAZOkMXUJff392gO3SHHtADekJP6AW9oTe8BC/By/Ay9IfacgAMhIEwCAbBEBgKQ+FVGA6vwWvwOiTCSBgFb8Ab8CaMgVMwFsbBeBgP1eVEmASTgeRUSIIkmAbTIBmSYTrMgBkwC1JgNsyBOTAX5sE8+AAWwIfwISyCRbAEUiEV0mAppEM6LIPTkAHLYQWshFWwGlbBWlgHa2EDbIQNsBk2w1bYCp/Cp7ADdsAu2AV7YA98Bp/B5/A5JEImZMIBOAAH4SBkQRZkQzYcgkNwGA7DETgCR+EoHIPjcAKOw0k4CafgNJyBM3AOzsF5eCHum2Z7Sq1PFPIiLbXMJXPJGBkj88q8Mp/MJ/PL/DIiIzJWxsoCsoAsKAvKwrKwjJNxspgsJlGiJBnK4rK4jMqoLClLyngZL0vL0tJJJ8vJcrK8LC8ryAqyorxdVpJ3yMqyiuzgqslqsrrs6GrImrKWrCVryzqyrqwn68n6sr5sIBvIhrKhbCQbycbyQdlEDoAh8LC82JnmciS0kKOgpWwlW8s28k14XLaTY6C97CA7yiflOBgLnWU710U+I7vKSdBNPicnw/Oyh5wKPeWLspfsLfvIl2Rf2d71k/3ldBggB8pZMEgOlkPkUDkX6siLHasrX5eJcqQcJd+QS+BNOUa+JcfKcXK8fFtOkBPlJDlZTpFTZZJ8R06T78pk+Z6cLmfImXKWTJGz5Rz5vpwr58n58gO5QH4oF8pFcrFcIlPlRzJNLpXp8mO5TH4iM+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVuldvkp3K73CF3yl1yt9wj98rP5D75udwvv5CZ8kt5QP5JHpRfySz5tcyW38hD8lt5WH4nj8jv5VH5gzwmj8sT8kd5Uv4kT8nT8ow8K8/Jn+V5+Yu8IL0UCpRUSmkVqFwqt4pReVRedY3Kp65V+dV1KqKuV7HqBlVA3agKqkKqsCqi4lRRVUwZhcoqUqEqrkqoqLpJlVQ3q3hVSpVWZZRTZVU5dYsqr25VFdRtqqK6XVVSd6jKqoqqqqqpO1V1dZeqoWqqWupuVVvVUXVVPXWPqq/uVQ3Ufaqhul81Ug+oxupB1UQ9pJqqh1Uz9Yhqrh5VLdRjqqVqpVqrNqqtely1U0+o9qqD6qieVJ3UU6qzelp1Uc+orupZ1U09p7qr51UP9YLqqV5UvVRv1Uf9oi4or/qp/ipBDVAD1StqkBqshqihaph6VQ1Xr6kR6nWVqEaqUeoNNVq9qcaot9RYNU6NV2+rCWqimqQmqylqqkpS76hp6l2VrN5T09UMNVPNUilqthpyeaX5/0T+u38nf8SlV9+qtqlP1Xa1Q+1Uu9RutUftVXvVPrVP7Vf7VabKVAfUAXVQHVRZKktlq2x1SB1Sh9VhdUQdUUfVUXVMHVdn1Y/qpPpJnVKn1Wl1Vp1T59T5y98DoUFLrbTWgc6lc+sYnUfn1dfofPpanV9fpyP6eh2rb9AF9I26oC6kC+siOk4X1cW00aitJh3q4rqEjuqbdEl9s47XpXRpXUY7XVaX07f8y/l/VF9b3Va30+10e91ed9QddSfdSXfWnXUX3UV31V11N91Nd9fddQ/dQ/fUPXUv3Uv30X10X91X99P9dIJO0AP1K3qQHqyH6KF6mH5VD9fD9Qg9QifqRD1Kj9Kj9Wg9Ro/RY/VYPV6P1xP0BD1JT9JT9BSdpJP0ND1NJ+tkPV1P1zP1TJ2iU/QcPUfP1XP1fD1fL9AL9EK9UC/Wi3WqTtVpOk2n63S9TC/TGXq5Xq5X6pV6tV6t1+q1er1erzfqjXqz3qwz9Da9TW/X2/VOvVPv1rv1Xr1X79P79H69X2fqTH1AH9AH9UGdpbN0ts7Wh/QhfVgf1kf0EX1UH9XH9DF9Qp/QJ/VJfUqf0mf0GX1On9Pn9Xl9QV+4uO0LZCADHeggV5AriAligrxB3iBfkC/IH+QPIkEkiA1igwLBjUHBoFBQOCgSxAVFg2KBCTCwAQVhUDwoEUSDm4KSwc1BfFAqKB2UCVxQNigX3BKUD24NKgS3BRWD24NKwR1B5aBKUDWoFtwZVA/uCmoENYNawd1B7aDOX34PFdwbNAjuCxoG9weNggeCxsGDQZPgoaBp8HDQLHgkaB48GrQIHgtaBq2C1kGboO0/u35QN6gX3BPU/931vT9V6AnXz/Q3CWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm0Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNknnHTDPvmmTznpluZpiZZpZJMbPNHPO+mWvmmfnmA7PAfGgWmkVmsVliUs1HJs0sNenmY7PMfGIyzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128ynZrvZYXaaXWa32WP2ms/MPvO52W++MJnmS3PA/MkcNF+ZLPO1yTbfmEPmW3PYfGeOmO/NUfODOWaOmxPmR3PS/GROmdPmjDlrzpmfzXnzi7lg/MXN/cWPd9SoMRfmwhiMwbyYF/NhPsyP+TGCEYzFWCyABbAgFsTCWBjjMA6LYTG8iJCwOBbHKEaxJJbEeIzH0lgaHTosh+WwPJbHClgBK2JFrISVsDJWxqpYFe/EO/EuvAtrYk28G+/GOlgH62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2NrbIttsR22w/bYHjtiR+yEnbAzdsYu2AW7Ylfsht2wO3bHHtgDe2JP7IW9sA/2wb7YF/ud7YcJmIADcSAOwkE4BIfgMByGw3E4jsARmIiJOApH4WgcjWNwDI7FcTge38YJOBEn4WScglMxCZNwGk7DZEzG6TgdZ+JMTMEUnINzcC7Oxfk4HxfgAlyIC3ExLsZUTMU0TMN0TMdluAwzMANX4ApchatwDa7BdbgON+AG3ISbcAtuwW24DbfjdtyJO3E37sa9uBf34T7cj/sxEzPxAB7Ag3gQszALszEbD+EhPIyH8QgewaN4FI/hMTyBJ/AknsRTeArP4Bk8hz/jefwFL6DHGCtFXnuNzWevtfntdTbG5rF/Gxe2RWycLWqLWWML2kK/itFaG29L2dK2jHW2rC1nb/lNXNlWsVVtNXunrW7vsjV+E9e399oG9j7b0N5v69l7fhU3sg/YxvZR28Q+ZpvaVraZbWOb20dtC/uYbWlb2da2je1kn7Kd7dO2i33GdrXP/iZOs0vtOrvebrAb7T77uT1jz9rD9jt7zv5s+9n+dph91Q63r9kR9nWb2HDkr2M70o63b9sJdqKdZCfbKXbqb+KZdpZNsbPtHPu+nWvn/SZOtR/ZBTbdLrSL7GK75FJ8saZ0+7FdZj+xGXa5XWFX2lV2tV1j1/611pV2s91it9q99jO73e6wO+0uu9vuuRRfPI/99gubab+0h+y39qD9ymbZIzbbfnMpvnh+R+z39qj9wR6zx+0J+6M9aX+yp+zpS+d/8dx/tL/YC9ZbQUCSFGkKKBflphjKQ3npGspH11J+uo4idD3F0g1UgG6kglSIClMRiqOiVIwMIVkiCqk4laAo3UQl6WaKp1JUmsqQo7JUjm6h8nQrVaDbqCLdTpXoDqpMVagqVaM7qTrdRTWoJtWiu6k21aG6VI/uofp0LzWg+6gh3U+N6AFqTA9SE3qImtLD1Iweoeb0KLWgx6gltaLW1Iba0uPUjp6g9tSBOtKT1Imeos70NHWhZ6grPUvd6DnqTs9TD3qBetKL1It6Ux96ifrSy9SP+lMCDaCB9AoNosE0hIbSMHqVhtNrNIJep0QaSaPoDRpNb9IYeovG0jgaT2/TBJpIk2gyTaGplETv0DR6l5LpPZpOM2gmzaIUmk1z6H2aS/NoPn1AC+hDWkiLaDEtoVT6iNJoKaXTx7SMPqEMWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jb6lLbTDtpJu2g37aG99Bnto89pP31BmfQlHaA/0UH6irLoa8qmb+gQfUuH6Ts6Qt/TUfqBjtFxOkE/0kn6iU7RaTpDZ+kc/Uzn6Re6QJ5ECKEMVajDIMwV5g5jwjxh3vCaMF94bZg/vC6MhNeHseENYYHwxrBgWCgsHBYJ48KiYbHQhBjakMIwLB6WCIW4KSwZ3hzGh6XC0mGZ0IVlw3LhLWH58NawQnhbWDG8PawU3hFWDquEj95fLbwzrB7eFdYIa4a1wrvD2mGdsG5YL7wnrB/eGzYI7wsbhveHFcIHwsbhg2GT8KGwafhw2Cx8JGwePhq2CB8LW4atwtZhm7Bt+HjYLnwibB92CDuGT4adwqfCzuHTYZfwmbBr+OwfHk8IB4QDw1fCV0Lv71OLo0uiqdGPomnRpdH06MfRZdFPohnR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a1R7+vlFg6cdMppF7hcLreLcXlcXneNy+eudfnddS7irnex7gZXwN3oCrpCrrAr4uJcUVfMGYfOOnKhK+5KuKi7yZV0N7t4V8qVdmWcc2VdOdfGtXVtXTv3hGvvOriO7kn3pHvKPeXyiKfdM66re9Z1c8+57u5518O94F5wL7perrfr415yfd3Lrp/r7xJcghvoBrpBbpAb4obkurwHcyPcCJfoEt0oN8qNdqPdGDfGjXVj3Xg33k1wE9wkN8lNcVNckkty09w0l+yS3XQ33c10M12KS3Fz3Bw318118918tyB+gVvoFrrFbrFLdakuzaW5dJfulrllLsNluBVuhVvlVrk1bo1b59a5DW6D2+Q2uS1ui9vmtrntbrvb6Xa63W632+v2un1un9vv9rtMl+kOuAPuoDvostzXLtt94w65b91h95074r53R90P7pg77k64H91J95M75U67M+6sO+d+dufdL+6C8y4p8k5kWuTdSHLkvcj0yIzIzMisSEpkdmRO5P3I3Mi8yPzIB5EFkQ8jCyOLIosjSyKpkY8iaZGlkfTIx5FlkU8iGZHlkRWRlZFVkdUR74tuD31xX8JH/U2+pL/Zx/tSvrQv450v68v5W3x5f6uv4G/zFf3tvpK/w1f2VXxV/5hv6Vv51r6Nb+sf9+38E7697+A7+id9J/+U7+yf9l38M76rf9Z388/57v5538O/4Hv6F30v39v38S/5vv5l38/39wl+gB/oX/GD/GA/xA/1w/yrfrh/zY/wr/tEP9KP8m/40f5NP8a/5cf6cX68f9tP8BP9JD/ZT/FTfZJ/x0/z7/pk/56f7mf4mX6WT/Gz/Rz/vp/r5/n5/gO/wH/oF/pFfrFf4lP9Rz7NL/Xp/mO/zH/iM/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8p3673+F3+l1+t9/j9/rP/D7/ud/vv/CZ/kt/wP/JH/Rf+Sz/tc/23/hD/lt/2H/nj/jv/VH/gz/mj/sT/kd/0v/kT/nT/ow/68/5n/15/4u/wH+zxhhjjDH2T0nO+v3jA/7OY/LyuGigEOLaHUWy//a4FkJsKvjn+WAZ1ykihHimf8+H/zJq105ISLj83AwlghKLhBCRK/mXLkMux8tFR/GU6CI6iPJ/t77Bsvc5+p314Zj30duFyPs3OTHiSnxl/Vv/wfqPPzk+rVJ4JvbX65+/vN+8WH90kRDxJa7k5BFX4ivrV/gH6xdq93v1ZyiR56skIdr/TU4+cSW+sn458YR4VnT51TMZY4wxxhhjjLE/Gyyrdv+D689L1+dx+lJ46eHc4q/xH16fM8YYY4wxxhhj7Op7vnefpx/v0qVDd57whCc8+evkav9kYowxxhhjjP27Xdn0/8OnZKX+RytijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZynv/EvxO72ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXW3/JwAA///UJ0JQ")
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000001540)='./bus\x00', 0x8000, &(0x7f0000000400)=ANY=[], 0x1, 0x1502, &(0x7f0000002a80)="$eJzs3Qu0jtX2MPA511oPm6Q3yX3NNR/e5LJIklyS5JIkSZLklpAkSRKSW25JSELuSe4hucVO7vdb7klyJEkSkluyvqFOxzn/zn90znfO//P/zp6/MdZ41xzrmetZ65177/d5njH23t+2H1S5bpUKtZkZ/iX460s3AEgBgL4AcA0ARABQIkuJLJfGM2js9q+dRPx7PTT1Sq9AXElS/7RN6p+2Sf3TNql/2ib1T9uk/mmb1D9tk/oLkZZtmZbzWmlpt/3rz/9Tfn2R5///H5LP/7RN6v+f5lSGf+Zoqf9/koshhH8uQ+qftkn90zapf9om9U/bpP5pm9RfiLTsSj9/lnZl25X++hNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkTacDZcZAPitf6XXJYQQQgghhBBCiH+fkP5Kr0AIIYQQQgghhBD/8xAUaDAQQTpIDymQATLCVZAJrobMcA0k4FrIAtdBVrgeskF2yAE5IRfkhjxggcABQwx5IR8k4QbIDzdCASgIhaAweCgCReEmKAY3Q3G4BUrArVASboNSUBrKQFm4HcrBHVAe7oQKcBdUhEpQGarA3VAV7oFqcC9Uh/ugBtwPNeEBqAUPQm14COrAw1AXHoF68CjUhwbQEBpB4/+r/BehM7wEXaArdIPu0ANehp7QC3pDH+gLr0A/eBX6w2swAAbCIHgdBsMbMATehKEwDIbDWzACRsIoGA1jYCyMg7dhPLwDE+BdmAiTYDJMgakwDabDezADZsIseB9mwwcwB+bCPJgPC+BDWAiLIBU+gsXwMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIFPYCtsg+2wA3bCLtgNn8Ie+Az2wuewD774J/PP/Jf8DggIqFChQYPpMB2mYApmxIyYCTNhZsyMCUxgFsyCWTErZsNsmANzYC7MhXkwDxISMjLmxbyYxCTmx/xYAAtgISyEHj0WxaJYDG/G4lgcS2AJLIklsRSWxtJYFstiOSyH5bE8VsAKWBErYmWsjHfj3XgPVsNqWB2rYw2sgTWxJtbCWlgba2MdrIN1sS7Ww3pYH+tjQ2yIjbExNsEm2BSbYnNsji2wBbbEltgKW2FrbI1tsA22xbbYDtthe2yPHbAjdsQX8UV8CV/CrlhRdcce2AN7Yk/sjX2wD76C/fBVfBVfwwE4EAfh6/g6voFD8DQOxWE4HIdjOTUSR+FoZDUWx+E4HI/jcQJOwIk4CSfhFJyK03A6TscZOBNn4vs4Gz/AD3AuzsX5uAAX4EJchKmYiovxDC7BpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsZP8BPchttwB+7AXbgLP8VP8TP8DAfgPtyH+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8QSexBN4Ck/haTyDZ/EsnsfzeAEv4EW8eOmbX11ilFHpVDqVolJURpVRZVKZVGaVWSVUQmVRWVRWlVVlU9lUDpVD5VK5VB6VR5EixSpWeVVelVRJlV/lVwVUAVVIFVJeeVVUFVXFVDFVXBVXJdStqqS6TZVSpVUzX1aVVeVUc19e3akqqAqqoqqkKqsqqoqqqqqqaqqaqq6qqxqqhqqpHlC1VHfsjQ+pS5WpqwZiPTUI66sGkKIaqTfwMdVEDcGmqplqrp5Qw3AotlRNfCv1tGqtRmEb9awajc+pdmostlcvqA6qo+qkXlSdVVPfRXVVE7G76qGmYE/VS/VWfdQMrKQuVayyek0NUAPVIPW6mo9vqCHqTTVUDVPD1VtqhBqpRqnRaowaq8apt9V49Y6aoN5VE9UkNVlNUVPVNDVdvadmqJlqlnpfzVYfqDlqrpqn5qsF6kO1UC1SqeojtVh9rJaopWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qE/UVrVNbVc71E61S+1Wn6o96jO1V32u9qkv1H71J3VAfakOqq/UIfW1Oqy+UUfUt+qo+k4dU9+r4+qEOql+UKfUj+q0OqPOqnPqvPpJXVA/q4sqKNColdba6Ein0+l1is6gM+qrdCZ9tc6sr9EJfa3Ooq/TWfX1OpvOrnPonDqXzq3zaKtJO8061nl1Pp3UN+j8+kZdQBfUhXRh7XURXVTfpIvpm3VxfYsuoW/VJfVtupQurcvosvp2XU7focvrO3UFfZeuqCvpyrqKvltX1ffoavpeXV3fp2vo+3VN/YCupR/UtfVDuo5+WNfVj+h6+lFdXzfQDXUj3Vg/ppvox3VT3Uw310/oFvpJ3VI/pVvpp3Vr/Yxuo5/VbfVzup1+XrfXL+gOuqPupH/WF3XQXXRX3U131z30y7qn7qV76z66r35F99Ov6v76NT1AD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYPU6/rcfrd/QE/a6eqCfpyXqKnqqn6d5/nmnWP5D/zt/J7//L2TfrLfoTvVVv09v1Dr1T79K79W69R+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9Ql9Tv+gT+kf9Wl9Rp/R5/R5fV5f+PN7AAaNMtoYE5l0Jr1JMRnMuRBCJnO1yWyuMQlzrclirjNZzfUmm8lucpicJpfJbfIYa8g4wyY2eU0+kzQ3mPzmRlPAFDSFTGHjTRFT1Nz0L+f/vfVlNFeZ39bX2DQ2TUwT09Q0Nc1Nc9PCtDAtTUvTyrQyrU1r08a0MW1NW9POtDPtTXvTwXQwnUwn09l0NgEAuplupod52fQ0vUxv08f0Na+Yfqaf6W/6mwFmgBlkBpnBZrAZYoaYoWaoGW6GmxFmhBllRpkxZowZZ8aZ8Wa8mWAmmIlmoplsJpupZqqZbqabGWaGmWVmmdlmtplj5ph5Zp5ZYBaYhWahSTWpZrFZbJaYpWapWW6Wm5VmpVltVpu1Zq1Zb9abjWajWWLgbEgHAGG72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOm/PmgrlgLpqLly77IhWpyEQmSheli1KilChjlDHKFGWKMkeZo0SUiLJEWaKs0fVRtih7lCPKGeWKckd5IhtR5CKO4ihvlC9KRjdE+aMbowJRwahQVDjyUZGoaHRTVCy6OSoe3RKViG6NSka3RaWi0lGZqGx0e1QuuiMqH90ZVYjuiipGlaLKUZXo7qhqdE9ULbo3qh7dF9WI7o9qRg9EtaIHo9rRQ1Gd6OGobvRIVC96NKofNYgaRo2ixv/W+UM4nf1x38V2td1sd9vDvmx72l62t+1j+9pXbD/7qu1vX7MD7EA7yL5uB9s37BD7ph1qh9nh9i07wo60o+xoO8aOtePs23a8fcdOsO/aiXaSnWyn2Kl2mp1u37Mz7Ew7y75vZ9sP7Bw7186z8+0C+6FdaBfZVPuRXWw/tkvsUrvMLrcr7Eq7yq62a+xau86utxvsRrvJbrZb7Cd2q91mt9sddqfdZXfbT+0e+5ndaz+3++wXdr/9kz1gv7QH7Vf2kP3aHrbf2CP2W3vUfmeP2e/tcXvCnrQ/2FP2R3vanrFn7Tl73v5kL9if7UUbLl3cX/p4J0OG0lE6SqEUykgZKRNlosyUmRKUoCyUhbJSVspG2SgH5aBclIvyUB66hIkpL+WlJCUpP+WnAlSAClEh8uSpKBWlYlSMilNxKkElqCSVpFJUisrQpfuR2+kOuoPupDvpLrqLKlElqkJVqCpVpWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akgNqTE1pibUhJpSU2pOzakFtaCW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oE7UiTpTZ+pCXagbdaMe1IN6Uk/qTb2pL/WlftSP+lN/GkADaBANosE0mIbQEBpKw2g4vUUjaCSNotE0hsbSOBpH42k8TaAJNJEm0mSaTFNpKk2n6TSDZtAsmkWzaTbNoTk0j+bRAlpAC2khpVIqLabFtISW0DJaRitoBa2iVbSG1tA6WkcbaANtok20hbbQVtpK22k77aSdtJt20x7aQ3tpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO40k6SafoFJ2m03SWztJ5+oku0M90kQKluAwuo7vKZXJXu8zuGpfiMnQFgL/EOVxOl8vldnmcddlc9r+JyTlXwBV0hVxh510RV9Td9Lu4lCvtyriy7nZXzt3hyv8ururucdXcva66u89VcXf/TVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zu3ihW+TWuLVunVvv9rjP3Fl3zh1x37rz7ifXxXV1fd0rrp971fV3r7kBbuDv4uHuLTfCjXSj3Gg3xo39XTzZTXFT3TQ33b3nZriZv4sXuA/dbJfq5ri5bp6b/0t8aU2p7iO32H3slrilbplb7la4lW6VW/2XtS53G90mt9ntdp+6rW6b2+52uJ1u1y/xpX3sdZ+7fe4Ld9h94w64L91Bd9Qdcl//El/a31H3nTvmvnfH3Ql30v3gTrkf3Wl35pf9X9r7D+5nd9EFB4ysWLPhiNNxek7hDJyRr+JMfDVn5ms4wddyFr6Os/L1nI2zcw7Oybk4N+dhy8SOmWPOy/k4yTdwfr6RC3BBLsSF2XMRLso3cTG+mYvzLVyCb+WSfBuX4tJchsvy7VyO7+DyfCdX4Lu4IlfiylyF7+aqfA9X43u5Ot/HNfh+rskPcC1+kGvzQ1yHH+a6/AjX40e5PjfghtyIG/Nj3IQf56bcjJvzE9yCn+SW/BS34qe5NT/DbfhZbsvPcTt+ntvzC9yBO3InfpE780vchbtyN+7OPfhl7sm9uDf34b78CvfjV7k/v8YDeCAP4td5ML/BQ/hNHsrDeDi/xSN4JI/i0TyGx/I4fpvH8zs8gd/liTyJJ/MUnsrTeDq/xzN4Js/i93k2f8BzeC7P4/m8gD/khbyIU/kjXswf8xJeyst4Oa/glbyKV/MaXsvreD1v4I28iTfzFv6Et/I23s47eCfv4t38Ke/hz3gvf877+Avez3/iA/wlH+Sv+BB/zYf5Gz7C3/JR/o6P8fd8nE/wSf6BT/GPfJrP8Fk+x+f5J77AP/NFDgwxxirWsYmjOF2cPk6JM8QZ46viTPHVceb4mjgRXxtnia+Ls8bXx9ni7HGOOGecK84d54ltTLGLOY7jvHG+OBnfEOePb4wLxAXjQnHh2MdF4qLxTXGx+Oa4eHxLXCK+NS4Z3xaXikvHZeKy8e1xufiOuHx8Z1whviuuGFeKK8dV4rvjqvE9cbX43rh6fF9cPL4/rhk/ENeKH4xrxw/FdeKH47rxI3G9+NG4ftwgbhg3ihvHj8VN4sfjpnGzuHn8RNwifjJuGT8Vt4qfjlvHz/zheLe4e9wjfjl+OQ7hXj0vOT+5IPlhcmFyUTI1+VFycfLj5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5OZkCFXSg0evvPbGRz6dT+9TfAaf0V/lM/mrfWZ/jU/4a30Wf53P6q/32Xx2n8Pn9Ll8bp/HW0/e+QwQ+7w+n0/6G3x+f6Mv4Av6Qr6w976IL+ob+ca+sW/iH/dNfTPf3D/hn/BP+if9U/4p/7Rv7Z/xbfyzvq1/zrfzz/vn/Qu+g+/oO/kXfWf/ku/iu/puvpvv4Xv4nr6n7+17+76+r+/n+/n+vr8f4Af4QX6QH+wH+yF+iB/qh/rhfrgf4Uf4UX6UH+PH+HF+nB/vx/sJfoKf6Cf6yX6yn+qn+ul+up/hZ/hZfpaf7Wf7OX6On+fn+QV+gV/oF/pUn+oX+8V+iV/il/llfoVf4Vf5VX6NX+PX+XV+g9/gN/lNfovf4rf6rX673+53+p1+t9/t9/g9fq/f6/f5fX6/3+8P+AP+oP/KH/Jf+8P+G3/Ef+uP+u/8Mf+9P+5P+JP+B3/K/+hP+zP+rD/nz/uf/AX/s7/ogx+XeDsxPvFOYkLi3cTExKTE5MSUxNTEtMT0xHuJGYmZiVmJ9xOzEx8k5iTmJuYl5icWJD5MLEwsSqQmPkosTnycWJJYmliWWJ5YkViZCCH31jjkDflCMtwQ8ocbQ4FQMBQKhYMPRULRcFMoFm4OxcMtoUS4NZQMt4VSoXQoEx4N9UOD0DA0Co3DY6FJeDw0Dc1C8/BEaBGeDC3DU6FVeDq0Ds+ENuHZ0DY8F9qF50P78ELoEDqGTuHF0Dm8FLqErqFb6B56hJdDz9Ar9A59Qt/wSugXXg39w2thQBgYBoXXw+DwRhgS3gxDw7AwPLwVRoSRYVQYHcaEsWFceDuMD++ECeHdMDFMCpPDlDA1TAvTw3thRpgZZoX3w+zwQZgT5oZ5YX5YED4MC8OikBo+CovDx2FJWBqWheVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS/gkbA3bwvawI+wMu8Lu8GnYEz4Le8PnYV/4IuwPfwoHwpfhYPgqHApfh8Phm3AkfBuOhu/CsfB9OB5OhJPhh3Aq/BhOhzPhbDgXzoefwoXwc7gov7MmhBBCCPEP0X8w3v2/yVF/7vcAgKu35Tz0X8c3ZPu13yt9rhYJAHi6a/uHfmsVK3br1u3Pxy7REOWbCwCJy/np4HK8FJrDk9AKmkGxv4yn/NW51uXteJ7/YP7krQAZ/yrnUv5v8eX5b/67+++lRs7+w/nnAhTIdzknA1yOL89f/L+ZP3uTP5g/w5fjAJr+VU4muBxfnr8oPA7PQKu/OVIIIYQQQgghhPhVL1Wm7R/d3166P89lLuekh8vx37s/F0IIIYQQQgghxP8uz3Xs9NRjrVo1ayud/6lOuObXt/p/y3qkI51/oHOlfzIJIYQQQggh/t0uX/Rf6ZUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBp1/+LPyf227n+6H8NCiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEP+p/k8AAAD///wROr8=")
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x30000, 0x0, 0x1, 0x0, 0x0)
chdir(&(0x7f0000000540)='./file0\x00')
r1 = open(&(0x7f0000000140)='./file0\x00', 0x4002, 0x30)
fcntl$setstatus(r1, 0x4, 0x4c00)
write$FUSE_IOCTL(r1, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x10001, 0x0, 0x3, 0x80}}, 0x20)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x4002, 0x30)
fcntl$setstatus(r2, 0x4, 0x4c00)
write$FUSE_IOCTL(r2, &(0x7f0000000100)={0x20}, 0xfdef)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000faffffffb703000008400000b70600000000feff850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r4}, 0x10)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r5, &(0x7f0000000840)=[{&(0x7f0000003440)=""/4086, 0xff6}], 0x1, 0x2000, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000404c05d50310000200000109022400010000000009041200010300000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2.21836916s ago: executing program 4 (id=508):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x2a}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x40000000000000, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10000, 0x32}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x7600)

2.117447219s ago: executing program 4 (id=510):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
r2 = epoll_create1(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)={0x1ff, 0x4d, 0x81, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0xa0000001})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000800)={0xa0000006})

1.945902705s ago: executing program 1 (id=512):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
signalfd(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x301, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000000104010400000000000000000000000006000640000000000a0002000000005147b60005"], 0x38}}, 0x0)

1.281190235s ago: executing program 3 (id=515):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="0180c200000050a245d7cde0080045000028000000000032907800000000ffffffff1100907800"/54], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000186800000000000090737c73267beee600000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r4 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r4, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

1.256055477s ago: executing program 4 (id=516):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)

1.253515047s ago: executing program 3 (id=517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)

1.207131112s ago: executing program 3 (id=518):
r0 = socket(0x200000100000011, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)

1.206553472s ago: executing program 0 (id=519):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000013c0)={'ip_vti0\x00', &(0x7f0000001340)={'ip_vti0\x00', 0x0, 0x80, 0x7800, 0x4, 0xf79d9e1, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x66, 0x0, 0x84, 0x4, 0x0, @rand_addr=0x64010100, @empty, {[@rr={0x7, 0x1b, 0x1, [@dev={0xac, 0x14, 0x14, 0x36}, @empty, @multicast2, @loopback, @broadcast, @dev={0xac, 0x14, 0x14, 0x17}]}, @lsrr={0x83, 0x13, 0x6b, [@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x42}, @private=0xa010102, @rand_addr=0x64010100]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r7}, [@IFA_CACHEINFO={0x14}, @IFA_LOCAL={0x14, 0x2, @local}]}, 0x40}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r9, 0x8933, &(0x7f0000000240)={'wg0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x18, 0x811, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r10}, @RTA_PREFSRC={0x8, 0x7, @local}]}, 0x2c}}, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r11, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.173246994s ago: executing program 4 (id=520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
lchown(&(0x7f0000000000)='./file0\x00', r3, 0x0)

1.172917294s ago: executing program 4 (id=521):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@bridge_setlink={0x28, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x48}, [@IFLA_AF_SPEC={0x8, 0xc, 0x0, 0x0, [@AF_BRIDGE={0x4}]}]}, 0x28}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d830000000000590000000000000080"})
ppoll(&(0x7f0000000080)=[{r5}, {r5, 0x8000}], 0x2, 0x0, 0x0, 0x0)
r6 = syz_open_pts(r5, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$TCSETSW2(r7, 0x5437, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
r10 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
fstat(r10, 0x0)

1.172487885s ago: executing program 3 (id=522):
getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x31}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf)

1.010435649s ago: executing program 4 (id=523):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x75, 0x121301)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2208050, &(0x7f0000000140)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000100)='./file0\x00', 0x31024a5, 0x0, 0xa, 0x0, &(0x7f0000000040))
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
lgetxattr(0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES64=r0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f00000002c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)

528.954013ms ago: executing program 1 (id=524):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = dup(r0)
write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "a5cd30a69310965c7f804ad6a3e015507dd9a4159f1a3007f5660467844c7045bb2bd8e3df2b7f839c4d5a687fd75dcbf5cf9650db3d7d1be67c51ffd78d1b62c48efd80c8eba3d0d39f84b58e2226916270af1e1cb0c54508b0b79d1e81981c07701484501198b729c27f842d3418ae12022c21"}, 0x7f)

467.352098ms ago: executing program 0 (id=525):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000abb1ee093f17c79fe3a86365ecffcf94db1b868569c8860cd6352e3f05af596a6b4a04588257936ad6705cfacc5fd422f767a0e3ae699caa63f94316531a5b128ec3e6e01dcdc4b84a1245"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000180)={<r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{r2}, {0x0, 0x3938700}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='netlink_extack\x00', r5}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x1a)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x14, 0x12, 0xa01}, 0x14}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)

368.535867ms ago: executing program 1 (id=526):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pipe2$9p(0x0, 0x0)
r5 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @dev, @private}, @address_reply}}}}, 0x0)
sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x8c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}]}, 0x8c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6}, &(0x7f00000001c0), &(0x7f0000000300)}, 0x20)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff00001142"], 0x0)

343.394569ms ago: executing program 0 (id=527):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="0180c200000050a245d7cde0080045000028000000000032907800000000ffffffff1100907800"/54], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000186800000000000090737c73267beee600000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

247.800588ms ago: executing program 0 (id=528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)

180.958014ms ago: executing program 3 (id=529):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pipe2$9p(0x0, 0x0)
r5 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @dev, @private}, @address_reply}}}}, 0x0)
sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x8c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}]}, 0x8c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6}, &(0x7f00000001c0), &(0x7f0000000300)}, 0x20)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@srh]}}}}}}}, 0x0)

135.358358ms ago: executing program 1 (id=530):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x0)

99.960281ms ago: executing program 3 (id=531):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000180)=0x7)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
signalfd(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x301, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000000104010400000000000000000000000006000640000000000a0002000000005147b60005"], 0x38}}, 0x0)

61.337114ms ago: executing program 1 (id=532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
lchown(&(0x7f0000000000)='./file0\x00', r3, 0x0)

60.573405ms ago: executing program 0 (id=533):
r0 = socket(0x200000100000011, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)

60.292505ms ago: executing program 1 (id=534):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f00000001c0), 0x2, 0x0)
mkdirat$cgroup(r1, &(0x7f0000000080)='syz0\x00', 0x1ff)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r4}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12)

0s ago: executing program 0 (id=535):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r0=>0x0})
r1 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x1e, 0x6, 0x4, 0x5, 0x28013, 0xffffffffffffffff, 0x44e, '\x00', r0, r1, 0x1000, 0x4, 0x4, 0x0, @value=r1, @void, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
socketpair(0x1d, 0x3, 0x1, &(0x7f0000000000))
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000680)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r6, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r7, &(0x7f0000000040)='./file1\x00', 0x0)

kernel console output (not intermixed with test programs):

  T290] device bridge_slave_0 entered promiscuous mode
[   22.479485][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.486331][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.493657][  T290] device bridge_slave_1 entered promiscuous mode
[   22.540229][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.547081][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.554421][  T291] device bridge_slave_0 entered promiscuous mode
[   22.562701][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.569589][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.576740][  T291] device bridge_slave_1 entered promiscuous mode
[   22.653934][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.660872][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.667955][  T293] device bridge_slave_0 entered promiscuous mode
[   22.674567][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.681432][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.688758][  T292] device bridge_slave_0 entered promiscuous mode
[   22.696733][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.703653][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.710769][  T292] device bridge_slave_1 entered promiscuous mode
[   22.720621][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.727454][  T294] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.734733][  T294] device bridge_slave_0 entered promiscuous mode
[   22.741207][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.748044][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.755359][  T293] device bridge_slave_1 entered promiscuous mode
[   22.775898][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.782793][  T294] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.790060][  T294] device bridge_slave_1 entered promiscuous mode
[   22.890671][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.897518][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.904688][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.911541][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.973326][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.980282][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.987356][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.994178][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.012637][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.019500][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.026587][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.033395][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.049976][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.056833][  T294] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.063957][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.070728][  T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.109896][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.116979][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.124269][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.131466][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.139320][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.146528][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.153722][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.160999][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.169666][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.176969][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.200846][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.209138][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.215984][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.229738][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.237425][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.244896][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.253018][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.259856][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.267314][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.275520][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.282531][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.304216][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.312432][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.319370][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.327066][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.335478][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.342342][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.349639][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.357606][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.364473][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.382976][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.391281][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.399392][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.407164][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.415958][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.422830][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.451551][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.459983][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.467924][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.474780][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.482114][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.490590][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.498313][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.506309][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.514160][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.522165][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.530041][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.537829][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.545845][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.553793][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.566076][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.574064][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.591494][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.598942][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.606148][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.614436][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.622475][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.629340][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.636667][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.644936][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.652979][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.659816][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.667024][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   23.676964][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.685243][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.703247][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.711521][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.719855][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.727966][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.736557][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.744466][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.752562][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.760032][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.768161][  T294] device veth0_vlan entered promiscuous mode
[   23.778157][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.785985][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.796123][  T293] device veth0_vlan entered promiscuous mode
[   23.803734][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.811110][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.818868][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.826556][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.834739][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.842312][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.850503][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.858914][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.867736][  T290] device veth0_vlan entered promiscuous mode
[   23.883131][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.891494][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.899794][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.912627][  T291] device veth0_vlan entered promiscuous mode
[   23.920227][  T293] device veth1_macvtap entered promiscuous mode
[   23.928156][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.936192][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.944147][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.952210][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.960180][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.968048][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.975486][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.989522][  T290] device veth1_macvtap entered promiscuous mode
[   24.004002][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.012057][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.019819][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.027827][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.036264][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.044491][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.052871][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.062653][  T294] device veth1_macvtap entered promiscuous mode
[   24.072718][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.080884][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.105173][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.113764][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.122511][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.130781][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.139012][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.147012][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.155392][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.163684][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.174549][  T291] device veth1_macvtap entered promiscuous mode
[   24.194794][  T292] device veth0_vlan entered promiscuous mode
[   24.215026][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.225573][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.233832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.241889][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.249447][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.320054][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.332866][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.341223][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.349677][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.372031][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.487353][  T329] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3'.
[   24.664712][  T292] device veth1_macvtap entered promiscuous mode
[   24.699747][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.708159][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.722579][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.739032][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.848575][  T320] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   24.968500][   T20] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   25.108454][  T320] usb 3-1: Using ep0 maxpacket: 32
[   25.208453][   T20] usb 5-1: Using ep0 maxpacket: 16
[   25.288551][  T320] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   25.308502][  T320] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   25.312029][  T347] loop0: detected capacity change from 0 to 1024
[   25.318085][  T320] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[   25.366035][  T320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   25.389557][  T320] usb 3-1: config 0 descriptor??
[   25.533045][   T20] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[   25.567725][  T347] EXT4-fs (loop0): Ignoring removed orlov option
[   25.579792][  T347] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[   25.595394][  T347] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   26.688161][   T30] kauditd_printk_skb: 44 callbacks suppressed
[   26.688180][   T30] audit: type=1400 audit(1730951013.320:120): avc:  denied  { getopt } for  pid=316 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   26.771469][   T30] audit: type=1400 audit(1730951013.350:121): avc:  denied  { mount } for  pid=346 comm="syz.0.9" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   26.792748][   T30] audit: type=1400 audit(1730951013.410:122): avc:  denied  { confidentiality } for  pid=346 comm="syz.0.9" lockdown_reason="use of bpf to read kernel RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   27.068570][   T20] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   27.077767][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   27.087298][   T20] usb 5-1: Product: syz
[   27.091514][   T20] usb 5-1: Manufacturer: syz
[   27.095953][   T20] usb 5-1: SerialNumber: syz
[   27.104254][   T20] usb 5-1: config 0 descriptor??
[   27.111302][   T30] audit: type=1326 audit(1730951013.720:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=365 comm="syz.1.12" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x0
[   27.144660][   T30] audit: type=1400 audit(1730951013.740:124): avc:  denied  { write } for  pid=346 comm="syz.0.9" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   27.161134][  T347] netlink: 'syz.0.9': attribute type 4 has an invalid length.
[   27.167226][   T30] audit: type=1400 audit(1730951013.740:125): avc:  denied  { add_name } for  pid=346 comm="syz.0.9" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   27.195594][   T20] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[   27.203718][   T20] usb 5-1: Detected FT232RL
[   27.215006][  T347] syz.0.9 (347) used greatest stack depth: 20128 bytes left
[   27.226187][   T30] audit: type=1400 audit(1730951013.740:126): avc:  denied  { create } for  pid=346 comm="syz.0.9" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.256527][   T30] audit: type=1400 audit(1730951013.740:127): avc:  denied  { append open } for  pid=346 comm="syz.0.9" path="/2/file1/memory.events" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.280585][   T30] audit: type=1400 audit(1730951013.740:128): avc:  denied  { read write } for  pid=346 comm="syz.0.9" name="memory.events" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.644649][  T374] loop0: detected capacity change from 0 to 40427
[   27.698839][  T374] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   27.717628][  T374] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   27.738329][  T374] F2FS-fs (loop0): invalid crc value
[   27.763365][  T374] F2FS-fs (loop0): Found nat_bits in checkpoint
[   28.218794][  T320] usbhid 3-1:0.0: can't add hid device: -71
[   28.224800][  T320] usbhid: probe of 3-1:0.0 failed with error -71
[   28.297477][  T374] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   28.323354][  T320] usb 3-1: USB disconnect, device number 2
[   28.336256][  T374] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   28.661557][   T30] audit: type=1400 audit(1730951015.300:129): avc:  denied  { create } for  pid=389 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   28.758548][   T20] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[   28.778499][   T20] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[   28.808841][   T20] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[   28.840449][   T20] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   28.860687][  T399] loop3: detected capacity change from 0 to 2048
[   28.910983][   T20] usb 5-1: USB disconnect, device number 2
[   28.935518][   T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   28.957410][   T20] ftdi_sio 5-1:0.0: device disconnected
[   28.998738][  T399] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   29.611203][  T412] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   29.628610][  T412] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 152 with error 28
[   29.664656][  T412] EXT4-fs (loop3): This should not happen!! Data will be lost
[   29.664656][  T412] 
[   29.688721][  T412] EXT4-fs (loop3): Total free blocks count 0
[   29.742684][  T412] EXT4-fs (loop3): Free/Dirty block details
[   29.780771][  T412] EXT4-fs (loop3): free_blocks=2415919104
[   29.798704][  T412] EXT4-fs (loop3): dirty_blocks=160
[   29.822177][  T412] EXT4-fs (loop3): Block reservation details
[   29.858499][  T412] EXT4-fs (loop3): i_reserved_data_blocks=10
[   30.478631][  T197] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   30.509324][  T197] EXT4-fs (loop3): This should not happen!! Data will be lost
[   30.509324][  T197] 
[   30.747642][  T197] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   30.758852][  T197] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   30.807483][  T423] capability: warning: `syz.4.24' uses deprecated v2 capabilities in a way that may be insecure
[   30.819791][  T423] Zero length message leads to an empty skb
[   32.127846][  T441] loop1: detected capacity change from 0 to 2048
[   32.150854][  T447] loop3: detected capacity change from 0 to 256
[   32.165197][  T320] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   32.182820][   T30] kauditd_printk_skb: 11 callbacks suppressed
[   32.182836][   T30] audit: type=1326 audit(1730951018.820:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.213892][  T447] =======================================================
[   32.213892][  T447] WARNING: The mand mount option has been deprecated and
[   32.213892][  T447]          and is ignored by this kernel. Remove the mand
[   32.213892][  T447]          option from the mount to silence this warning.
[   32.213892][  T447] =======================================================
[   32.251382][   T30] audit: type=1326 audit(1730951018.820:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.283308][  T441] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   32.294223][   T30] audit: type=1326 audit(1730951018.820:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.317552][   T30] audit: type=1326 audit(1730951018.820:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.340678][   T30] audit: type=1326 audit(1730951018.820:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.388106][  T447] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xa7648d78, utbl_chksum : 0xe619d30d)
[   32.415057][   T30] audit: type=1326 audit(1730951018.820:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.636081][   T30] audit: type=1326 audit(1730951018.820:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.706687][   T30] audit: type=1326 audit(1730951018.820:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.731368][  T457] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   32.745697][  T320] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   32.746312][   T30] audit: type=1326 audit(1730951018.820:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.763279][  T320] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   32.779231][   T30] audit: type=1326 audit(1730951018.820:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=442 comm="syz.2.31" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   32.796653][  T320] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   32.812531][  T457] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1490 with error 28
[   32.835271][  T457] EXT4-fs (loop1): This should not happen!! Data will be lost
[   32.835271][  T457] 
[   32.844859][  T457] EXT4-fs (loop1): Total free blocks count 0
[   32.850867][  T457] EXT4-fs (loop1): Free/Dirty block details
[   32.856640][  T457] EXT4-fs (loop1): free_blocks=2415919104
[   32.862236][  T457] EXT4-fs (loop1): dirty_blocks=1504
[   32.867306][  T457] EXT4-fs (loop1): Block reservation details
[   32.873341][  T457] EXT4-fs (loop1): i_reserved_data_blocks=94
[   33.038469][  T197] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   33.050837][  T197] EXT4-fs (loop1): This should not happen!! Data will be lost
[   33.050837][  T197] 
[   33.068617][  T320] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   33.077641][  T320] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   33.085531][  T320] usb 5-1: Product: syz
[   33.089592][  T320] usb 5-1: Manufacturer: syz
[   33.094002][  T320] usb 5-1: SerialNumber: syz
[   33.139082][  T320] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[   33.157029][  T320] cdc_ncm 5-1:1.0: bind() failure
[   33.170030][   T20] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   33.688990][  T423] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[   33.703423][  T361] usb 5-1: USB disconnect, device number 3
[   33.788526][   T20] usb 4-1: config 0 has an invalid interface number: 18 but max is 0
[   33.799746][   T20] usb 4-1: config 0 has no interface number 0
[   33.807738][  T472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.36'.
[   33.809843][   T20] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.837367][   T20] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.928550][   T20] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   33.942609][   T20] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   33.957262][   T20] usb 4-1: Manufacturer: syz
[   33.970480][   T20] usb 4-1: config 0 descriptor??
[   34.236783][  T478] netlink: 16 bytes leftover after parsing attributes in process `syz.1.38'.
[   34.377816][  T488] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.384885][  T488] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.464429][  T491] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.471356][  T491] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.482524][  T488] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.489412][  T488] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.496552][  T488] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.503464][  T488] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.510999][  T488] device bridge0 entered promiscuous mode
[   34.511184][  T494] FAULT_INJECTION: forcing a failure.
[   34.511184][  T494] name failslab, interval 1, probability 0, space 0, times 1
[   34.518628][  T361] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   34.538102][  T494] CPU: 1 PID: 494 Comm: syz.2.45 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   34.547821][  T494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   34.557719][  T494] Call Trace:
[   34.560847][  T494]  <TASK>
[   34.563629][  T494]  dump_stack_lvl+0x151/0x1c0
[   34.568129][  T494]  ? io_uring_drop_tctx_refs+0x190/0x190
[   34.573598][  T494]  dump_stack+0x15/0x20
[   34.577588][  T494]  should_fail+0x3c6/0x510
[   34.581843][  T494]  __should_failslab+0xa4/0xe0
[   34.586444][  T494]  should_failslab+0x9/0x20
[   34.590780][  T494]  slab_pre_alloc_hook+0x37/0xd0
[   34.595554][  T494]  kmem_cache_alloc_trace+0x48/0x210
[   34.600676][  T494]  ? alloc_bprm+0x59/0x760
[   34.604932][  T494]  alloc_bprm+0x59/0x760
[   34.609006][  T494]  ? __check_object_size+0x2ec/0x3d0
[   34.614129][  T494]  ? strncpy_from_user+0x18e/0x2d0
[   34.619078][  T494]  do_execveat_common+0x193/0x710
[   34.623936][  T494]  ? getname_flags+0x1fd/0x520
[   34.628538][  T494]  __x64_sys_execveat+0xce/0xf0
[   34.633226][  T494]  x64_sys_call+0x886/0x9a0
[   34.637562][  T494]  do_syscall_64+0x3b/0xb0
[   34.641814][  T494]  ? clear_bhb_loop+0x35/0x90
[   34.646326][  T494]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   34.652054][  T494] RIP: 0033:0x7f897f33c719
[   34.656314][  T494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.675753][  T494] RSP: 002b:00007f897dfb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   34.683994][  T494] RAX: ffffffffffffffda RBX: 00007f897f4f3f80 RCX: 00007f897f33c719
[   34.691808][  T494] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c
[   34.699624][  T494] RBP: 00007f897dfb5090 R08: 0000000000000000 R09: 0000000000000000
[   34.707436][  T494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.715244][  T494] R13: 0000000000000000 R14: 00007f897f4f3f80 R15: 00007fff0c253ed8
[   34.723060][  T494]  </TASK>
[   34.848533][   T20] usbhid 4-1:0.18: can't add hid device: -71
[   34.854459][   T20] usbhid: probe of 4-1:0.18 failed with error -71
[   34.868529][   T20] usb 4-1: USB disconnect, device number 2
[   34.875484][  T499] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   34.975260][  T497] loop2: detected capacity change from 0 to 40427
[   35.008522][  T361] usb 2-1: Using ep0 maxpacket: 32
[   35.081046][  T497] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   35.091154][  T504] xt_TPROXY: Can be used only with -p tcp or -p udp
[   35.100833][  T497] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   35.110379][  T497] F2FS-fs (loop2): invalid crc value
[   35.120976][  T497] F2FS-fs (loop2): Found nat_bits in checkpoint
[   35.138629][  T361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   35.156863][  T361] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   35.172574][  T361] usb 2-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[   35.190728][  T361] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.217583][  T361] usb 2-1: config 0 descriptor??
[   35.223750][  T497] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   35.236055][  T497] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   35.286304][  T515] loop4: detected capacity change from 0 to 512
[   35.350842][  T515] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.51: corrupted in-inode xattr
[   35.366668][  T515] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.51: couldn't read orphan inode 15 (err -117)
[   35.378926][  T515] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   35.498506][  T413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   35.659186][  T197] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   35.669053][  T197] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   35.722645][  T527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.54'.
[   35.822959][  T531] loop0: detected capacity change from 0 to 2048
[   35.880910][  T531] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   36.358577][  T197] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   36.361812][  T544] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   36.390761][  T197] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   36.417627][  T197] EXT4-fs (loop0): This should not happen!! Data will be lost
[   36.417627][  T197] 
[   36.442590][  T197] EXT4-fs (loop0): Total free blocks count 0
[   36.458521][  T197] EXT4-fs (loop0): Free/Dirty block details
[   36.470462][  T197] EXT4-fs (loop0): free_blocks=2415919104
[   36.488604][  T197] EXT4-fs (loop0): dirty_blocks=2368
[   36.495127][  T197] EXT4-fs (loop0): Block reservation details
[   36.502213][  T197] EXT4-fs (loop0): i_reserved_data_blocks=148
[   36.577035][  T552] loop4: detected capacity change from 0 to 1024
[   36.589983][  T413] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 306 with error 28
[   36.602615][  T413] EXT4-fs (loop0): This should not happen!! Data will be lost
[   36.602615][  T413] 
[   36.621510][  T552] EXT4-fs (loop4): Ignoring removed orlov option
[   36.627821][  T552] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[   36.640826][  T552] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   36.663394][  T553] binder: 549:553 ioctl c0306201 0 returned -14
[   36.705460][  T552] netlink: 'syz.4.62': attribute type 4 has an invalid length.
[   36.789951][  T560] loop4: detected capacity change from 0 to 512
[   36.948549][  T560] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2815: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   36.977462][  T560] EXT4-fs (loop4): 1 truncate cleaned up
[   36.995664][  T560] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   37.238514][  T361] usbhid 2-1:0.0: can't add hid device: -71
[   37.244439][  T361] usbhid: probe of 2-1:0.0 failed with error -71
[   37.276467][  T361] usb 2-1: USB disconnect, device number 2
[   37.592430][   T30] kauditd_printk_skb: 28 callbacks suppressed
[   37.592450][   T30] audit: type=1326 audit(1730951024.220:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=579 comm="syz.3.69" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x0
[   38.271936][  T588] loop2: detected capacity change from 0 to 40427
[   38.284449][  T596] netlink: 16 bytes leftover after parsing attributes in process `syz.4.73'.
[   38.361857][  T588] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   38.376211][  T588] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   38.387372][  T588] F2FS-fs (loop2): invalid crc value
[   38.474445][  T588] F2FS-fs (loop2): Found nat_bits in checkpoint
[   38.583386][  T588] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   38.593387][  T588] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   38.604926][  T609] loop3: detected capacity change from 0 to 256
[   38.709263][  T610] netlink: 16 bytes leftover after parsing attributes in process `syz.0.75'.
[   38.849349][  T609] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xa7648d78, utbl_chksum : 0xe619d30d)
[   39.018695][   T26] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   39.212651][   T20] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   39.796926][   T26] usb 1-1: Using ep0 maxpacket: 32
[   39.819497][   T30] audit: type=1326 audit(1730951026.460:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   39.858657][   T30] audit: type=1326 audit(1730951026.480:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   39.901782][   T30] audit: type=1326 audit(1730951026.480:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   39.978560][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.988201][   T30] audit: type=1326 audit(1730951026.480:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.000424][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.027124][   T30] audit: type=1326 audit(1730951026.480:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.051881][   T26] usb 1-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[   40.053025][   T30] audit: type=1326 audit(1730951026.480:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.084714][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.084972][   T30] audit: type=1326 audit(1730951026.480:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.098271][   T26] usb 1-1: config 0 descriptor??
[   40.116570][   T30] audit: type=1326 audit(1730951026.480:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.143362][  T413] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   40.143698][   T30] audit: type=1326 audit(1730951026.480:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=622 comm="syz.1.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   40.176233][  T413] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   40.188611][   T20] usb 4-1: config 0 has an invalid interface number: 18 but max is 0
[   40.202541][   T20] usb 4-1: config 0 has no interface number 0
[   40.218551][   T20] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   40.235446][   T20] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.318574][   T20] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   40.327810][   T20] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   40.336071][   T20] usb 4-1: Manufacturer: syz
[   40.359265][   T20] usb 4-1: config 0 descriptor??
[   40.697258][  T639] FAULT_INJECTION: forcing a failure.
[   40.697258][  T639] name failslab, interval 1, probability 0, space 0, times 0
[   40.709974][  T639] CPU: 0 PID: 639 Comm: syz.1.86 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   40.719693][  T639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   40.729589][  T639] Call Trace:
[   40.732713][  T639]  <TASK>
[   40.735491][  T639]  dump_stack_lvl+0x151/0x1c0
[   40.740006][  T639]  ? io_uring_drop_tctx_refs+0x190/0x190
[   40.745478][  T639]  dump_stack+0x15/0x20
[   40.749562][  T639]  should_fail+0x3c6/0x510
[   40.753809][  T639]  __should_failslab+0xa4/0xe0
[   40.758403][  T639]  ? shmem_alloc_inode+0x1a/0x30
[   40.763174][  T639]  should_failslab+0x9/0x20
[   40.767512][  T639]  slab_pre_alloc_hook+0x37/0xd0
[   40.772284][  T639]  ? shmem_alloc_inode+0x1a/0x30
[   40.777056][  T639]  kmem_cache_alloc+0x44/0x200
[   40.781657][  T639]  ? shmem_match+0x180/0x180
[   40.786082][  T639]  shmem_alloc_inode+0x1a/0x30
[   40.790683][  T639]  new_inode_pseudo+0x64/0x220
[   40.795382][  T639]  new_inode+0x28/0x1c0
[   40.799374][  T639]  shmem_get_inode+0x328/0x9e0
[   40.803973][  T639]  ? _raw_spin_unlock+0x4d/0x70
[   40.808658][  T639]  __shmem_file_setup+0x111/0x2a0
[   40.813527][  T639]  shmem_file_setup+0x2f/0x40
[   40.818037][  T639]  __se_sys_memfd_create+0x1e1/0x3e0
[   40.823157][  T639]  __x64_sys_memfd_create+0x5b/0x70
[   40.828190][  T639]  x64_sys_call+0x871/0x9a0
[   40.832528][  T639]  do_syscall_64+0x3b/0xb0
[   40.836780][  T639]  ? clear_bhb_loop+0x35/0x90
[   40.841295][  T639]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   40.847020][  T639] RIP: 0033:0x7fc25947c719
[   40.851275][  T639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.870802][  T639] RSP: 002b:00007fc2580f4e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   40.879047][  T639] RAX: ffffffffffffffda RBX: 000000000000046a RCX: 00007fc25947c719
[   40.886943][  T639] RDX: 00007fc2580f4ef0 RSI: 0000000000000000 RDI: 00007fc2594efc0a
[   40.894759][  T639] RBP: 0000000020000b40 R08: 00007fc2580f4bb7 R09: 00007fc2580f4e40
[   40.902568][  T639] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200000c0
[   40.910376][  T639] R13: 00007fc2580f4ef0 R14: 00007fc2580f4eb0 R15: 0000000020000100
[   40.918193][  T639]  </TASK>
[   41.192600][  T650] process 'syz.4.90' launched './file1' with NULL argv: empty string added
[   41.278529][   T20] usbhid 4-1:0.18: can't add hid device: -71
[   41.284496][   T20] usbhid: probe of 4-1:0.18 failed with error -71
[   41.291525][  T655] netlink: 16 bytes leftover after parsing attributes in process `syz.2.88'.
[   41.308226][   T20] usb 4-1: USB disconnect, device number 3
[   41.684540][  T662] loop0: detected capacity change from 0 to 256
[   41.738486][   T26] usbhid 1-1:0.0: can't add hid device: -71
[   41.739203][  T662] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[   41.744258][   T26] usbhid: probe of 1-1:0.0 failed with error -71
[   41.770904][  T662] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   41.801611][   T26] usb 1-1: USB disconnect, device number 2
[   42.443324][  T695] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.450369][  T695] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.463760][  T695] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.470729][  T695] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.486333][  T695] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.493405][  T695] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.500525][  T695] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.507370][  T695] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.548536][  T695] device bridge0 entered promiscuous mode
[   42.557228][  T699] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.564376][  T699] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.579482][  T699] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.586452][  T699] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.603843][  T699] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.610753][  T699] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.617840][  T699] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.624626][  T699] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.632031][  T699] device bridge0 entered promiscuous mode
[   42.685074][   T30] kauditd_printk_skb: 97 callbacks suppressed
[   42.685090][   T30] audit: type=1400 audit(1730951029.320:286): avc:  denied  { read write } for  pid=706 comm="syz.0.111" name="uhid" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   42.719116][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.739834][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.755326][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.769889][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.781295][   T30] audit: type=1400 audit(1730951029.350:287): avc:  denied  { open } for  pid=706 comm="syz.0.111" path="/dev/uhid" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   42.808351][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.823884][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.838451][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.853933][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.869504][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.883952][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.899443][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.913901][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.929415][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.943848][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.959305][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.974769][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.990266][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.005135][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.014034][  T712] netlink: 16 bytes leftover after parsing attributes in process `syz.2.112'.
[   43.031001][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.054208][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.069053][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.092229][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.112371][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.127868][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.137776][  T707] loop0: detected capacity change from 0 to 40427
[   43.142778][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.152187][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.159619][  T296] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   43.167635][  T296] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   43.224679][  T707] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   43.238018][  T707] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   43.251568][  T707] F2FS-fs (loop0): invalid crc value
[   43.257901][  T716] FAULT_INJECTION: forcing a failure.
[   43.257901][  T716] name failslab, interval 1, probability 0, space 0, times 0
[   43.262723][  T707] F2FS-fs (loop0): Found nat_bits in checkpoint
[   43.271380][  T716] CPU: 1 PID: 716 Comm: syz.3.113 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   43.286198][  T716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   43.296090][  T716] Call Trace:
[   43.299214][  T716]  <TASK>
[   43.301987][  T716]  dump_stack_lvl+0x151/0x1c0
[   43.306540][  T716]  ? io_uring_drop_tctx_refs+0x190/0x190
[   43.311973][  T716]  ? release_sock+0x163/0x1b0
[   43.316488][  T716]  dump_stack+0x15/0x20
[   43.320481][  T716]  should_fail+0x3c6/0x510
[   43.324735][  T716]  __should_failslab+0xa4/0xe0
[   43.329333][  T716]  ? __alloc_skb+0xbe/0x550
[   43.333669][  T716]  should_failslab+0x9/0x20
[   43.338008][  T716]  slab_pre_alloc_hook+0x37/0xd0
[   43.342780][  T716]  ? __alloc_skb+0xbe/0x550
[   43.347118][  T716]  kmem_cache_alloc+0x44/0x200
[   43.351724][  T716]  __alloc_skb+0xbe/0x550
[   43.355886][  T716]  netlink_sendmsg+0x797/0xd20
[   43.360491][  T716]  ? netlink_getsockopt+0x560/0x560
[   43.365517][  T716]  ? kmem_cache_free+0x116/0x2e0
[   43.370295][  T716]  ? security_socket_sendmsg+0x82/0xb0
[   43.375587][  T716]  ? netlink_getsockopt+0x560/0x560
[   43.380625][  T716]  ____sys_sendmsg+0x59e/0x8f0
[   43.385224][  T716]  ? __sys_sendmsg_sock+0x40/0x40
[   43.389617][  T707] F2FS-fs (loop0): recover fsync data on readonly fs
[   43.390084][  T716]  ? import_iovec+0xe5/0x120
[   43.396879][  T707] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30
[   43.401028][  T716]  ___sys_sendmsg+0x252/0x2e0
[   43.401055][  T716]  ? __sys_sendmsg+0x260/0x260
[   43.401088][  T716]  ? __fdget+0x1bc/0x240
[   43.408908][  T707] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   43.412557][  T716]  __se_sys_sendmsg+0x19a/0x260
[   43.433225][  T716]  ? __x64_sys_sendmsg+0x90/0x90
[   43.437994][  T716]  ? ksys_write+0x260/0x2c0
[   43.442337][  T716]  ? debug_smp_processor_id+0x17/0x20
[   43.447538][  T716]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   43.453442][  T716]  __x64_sys_sendmsg+0x7b/0x90
[   43.458039][  T716]  x64_sys_call+0x16a/0x9a0
[   43.462377][  T716]  do_syscall_64+0x3b/0xb0
[   43.466629][  T716]  ? clear_bhb_loop+0x35/0x90
[   43.471148][  T716]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   43.475569][  T719] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   43.476870][  T716] RIP: 0033:0x7f1a9bc55719
[   43.488245][  T716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.507687][  T716] RSP: 002b:00007f1a9a8ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.515926][  T716] RAX: ffffffffffffffda RBX: 00007f1a9be0cf80 RCX: 00007f1a9bc55719
[   43.523740][  T716] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[   43.531548][  T716] RBP: 00007f1a9a8ce090 R08: 0000000000000000 R09: 0000000000000000
[   43.539358][  T716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.547258][  T716] R13: 0000000000000000 R14: 00007f1a9be0cf80 R15: 00007fff5c141b88
[   43.555074][  T716]  </TASK>
[   43.780045][   T30] audit: type=1400 audit(1730951030.420:288): avc:  denied  { setopt } for  pid=731 comm="syz.1.119" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.836999][   T30] audit: type=1400 audit(1730951030.440:289): avc:  denied  { connect } for  pid=731 comm="syz.1.119" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.937514][   T30] audit: type=1400 audit(1730951030.440:290): avc:  denied  { read } for  pid=731 comm="syz.1.119" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   43.981042][   T30] audit: type=1400 audit(1730951030.440:291): avc:  denied  { open } for  pid=731 comm="syz.1.119" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   44.013922][  T738] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.020992][  T738] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.057989][  T738] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.064896][  T738] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.096699][   T30] audit: type=1326 audit(1730951030.520:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=726 comm="syz.3.118" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x0
[   44.120197][  T738] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.127051][  T738] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.134214][  T738] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.141073][  T738] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.166230][   T30] audit: type=1400 audit(1730951030.790:293): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   44.189349][  T738] device bridge0 entered promiscuous mode
[   44.195385][   T30] audit: type=1400 audit(1730951030.790:294): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   44.218595][   T30] audit: type=1400 audit(1730951030.790:295): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   44.349270][  T746] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.356318][  T746] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.396968][  T751] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.403889][  T751] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.417390][  T746] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.424302][  T746] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.431404][  T746] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.438241][  T746] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.445867][  T746] device bridge0 entered promiscuous mode
[   44.458580][  T748] netlink: 24 bytes leftover after parsing attributes in process `syz.1.119'.
[   44.688281][  T758] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   44.807689][  T755] loop0: detected capacity change from 0 to 40427
[   44.860879][  T755] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   44.878461][  T755] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   44.929417][  T755] F2FS-fs (loop0): Found nat_bits in checkpoint
[   44.972508][  T770] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   45.005265][  T755] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   45.013125][  T755] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   45.023460][  T755] FAULT_INJECTION: forcing a failure.
[   45.023460][  T755] name failslab, interval 1, probability 0, space 0, times 0
[   45.035931][  T755] CPU: 1 PID: 755 Comm: syz.0.126 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   45.045671][  T755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.055566][  T755] Call Trace:
[   45.058688][  T755]  <TASK>
[   45.061467][  T755]  dump_stack_lvl+0x151/0x1c0
[   45.065990][  T755]  ? io_uring_drop_tctx_refs+0x190/0x190
[   45.071457][  T755]  dump_stack+0x15/0x20
[   45.075450][  T755]  should_fail+0x3c6/0x510
[   45.079710][  T755]  __should_failslab+0xa4/0xe0
[   45.084293][  T755]  ? __alloc_file+0x29/0x2a0
[   45.088717][  T755]  should_failslab+0x9/0x20
[   45.093062][  T755]  slab_pre_alloc_hook+0x37/0xd0
[   45.097832][  T755]  ? __alloc_file+0x29/0x2a0
[   45.102265][  T755]  kmem_cache_alloc+0x44/0x200
[   45.106875][  T755]  __alloc_file+0x29/0x2a0
[   45.111113][  T755]  alloc_empty_file+0x95/0x180
[   45.115712][  T755]  path_openat+0xfe/0x2f40
[   45.119963][  T755]  ? stack_trace_snprint+0xf0/0xf0
[   45.125084][  T755]  ? kmem_cache_free+0x116/0x2e0
[   45.129855][  T755]  ? __kasan_slab_alloc+0xc3/0xe0
[   45.134710][  T755]  ? __kasan_slab_alloc+0xb1/0xe0
[   45.139569][  T755]  ? slab_post_alloc_hook+0x53/0x2c0
[   45.144689][  T755]  ? kmem_cache_alloc+0xf5/0x200
[   45.149464][  T755]  ? getname_flags+0xba/0x520
[   45.153978][  T755]  ? getname+0x19/0x20
[   45.157888][  T755]  ? do_sys_openat2+0xd7/0x820
[   45.162482][  T755]  ? __x64_sys_openat+0x243/0x290
[   45.167353][  T755]  ? x64_sys_call+0x6bf/0x9a0
[   45.171857][  T755]  ? do_syscall_64+0x3b/0xb0
[   45.176283][  T755]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   45.182191][  T755]  ? do_filp_open+0x460/0x460
[   45.186701][  T755]  do_filp_open+0x21c/0x460
[   45.191037][  T755]  ? vfs_tmpfile+0x2c0/0x2c0
[   45.195580][  T755]  do_sys_openat2+0x13f/0x820
[   45.200081][  T755]  ? wait_for_completion_killable_timeout+0x10/0x10
[   45.206505][  T755]  ? __mutex_lock_slowpath+0x10/0x10
[   45.211798][  T755]  ? do_sys_open+0x220/0x220
[   45.216314][  T755]  ? __kasan_check_write+0x14/0x20
[   45.221257][  T755]  ? ksys_write+0x260/0x2c0
[   45.225596][  T755]  __x64_sys_openat+0x243/0x290
[   45.230286][  T755]  ? __ia32_sys_open+0x270/0x270
[   45.235057][  T755]  ? debug_smp_processor_id+0x17/0x20
[   45.240264][  T755]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   45.246164][  T755]  ? exit_to_user_mode_prepare+0x39/0xa0
[   45.251631][  T755]  x64_sys_call+0x6bf/0x9a0
[   45.255972][  T755]  do_syscall_64+0x3b/0xb0
[   45.260227][  T755]  ? clear_bhb_loop+0x35/0x90
[   45.264735][  T755]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   45.270473][  T755] RIP: 0033:0x7f96b3b7e719
[   45.274719][  T755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.294267][  T755] RSP: 002b:00007f96b27f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   45.302508][  T755] RAX: ffffffffffffffda RBX: 00007f96b3d35f80 RCX: 00007f96b3b7e719
[   45.310318][  T755] RDX: 000000000000275a RSI: 0000000020000080 RDI: ffffffffffffff9c
[   45.318134][  T755] RBP: 00007f96b27f7090 R08: 0000000000000000 R09: 0000000000000000
[   45.325943][  T755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.333838][  T755] R13: 0000000000000000 R14: 00007f96b3d35f80 R15: 00007ffc67fb0428
[   45.341652][  T755]  </TASK>
[   45.396008][  T778] netlink: 16 bytes leftover after parsing attributes in process `syz.2.130'.
[   45.445669][  T781] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.452643][  T781] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.467916][  T781] device bridge0 left promiscuous mode
[   45.515238][  T781] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.522156][  T781] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.529936][  T781] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.536800][  T781] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.543953][  T781] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.550834][  T781] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.557963][  T781] device bridge0 entered promiscuous mode
[   45.653894][  T791] netlink: 16 bytes leftover after parsing attributes in process `syz.3.133'.
[   45.768484][  T296] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   46.548533][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   46.588556][  T296] usb 5-1: device descriptor read/64, error -71
[   46.707982][  T809] loop3: detected capacity change from 0 to 256
[   46.768963][  T809] exfat: Deprecated parameter 'namecase'
[   46.774505][  T809] exfat: Deprecated parameter 'namecase'
[   46.788630][  T809] exfat: Deprecated parameter 'utf8'
[   46.793768][  T809] exfat: Deprecated parameter 'namecase'
[   46.803685][  T807] syz.1.141 (807) used greatest stack depth: 19808 bytes left
[   46.818025][  T809] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[   46.921977][  T809] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   46.978455][  T296] usb 5-1: device descriptor read/64, error -71
[   47.099118][  T361] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   47.139135][  T823] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.146130][  T823] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.153090][  T823] device bridge0 left promiscuous mode
[   47.160809][  T823] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.167666][  T823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.175169][  T823] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.182228][  T823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.189337][  T823] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.196093][  T823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.203371][  T823] device bridge0 entered promiscuous mode
[   47.258492][  T296] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   47.468543][  T361] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   47.479148][  T361] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   47.487841][  T361] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   47.528457][  T296] usb 5-1: device descriptor read/64, error -71
[   47.536961][  T836] IPv6: NLM_F_REPLACE set, but no existing node found!
[   47.658566][  T361] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   47.667594][  T361] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   47.675486][  T361] usb 1-1: Product: syz
[   47.679548][  T361] usb 1-1: Manufacturer: syz
[   47.683997][  T361] usb 1-1: SerialNumber: syz
[   47.749299][  T361] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[   47.755914][  T361] cdc_ncm 1-1:1.0: bind() failure
[   47.767984][  T840] netlink: 16 bytes leftover after parsing attributes in process `syz.3.152'.
[   47.789894][   T30] kauditd_printk_skb: 66 callbacks suppressed
[   47.789924][   T30] audit: type=1326 audit(1730951034.430:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.1.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   47.868952][   T30] audit: type=1326 audit(1730951034.460:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.1.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   47.906052][  T845] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1053 sclass=netlink_route_socket pid=845 comm=syz.1.154
[   47.919798][   T30] audit: type=1326 audit(1730951034.460:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.1.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   47.943974][  T804] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[   47.962465][  T845] loop1: detected capacity change from 0 to 512
[   47.968594][  T296] usb 5-1: device descriptor read/64, error -71
[   47.974907][  T361] usb 1-1: USB disconnect, device number 3
[   48.013163][   T30] audit: type=1326 audit(1730951034.480:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=841 comm="syz.1.153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   48.079535][  T845] EXT4-fs (loop1): 1 orphan inode deleted
[   48.085301][  T845] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,lazytime,. Quota mode: writeback.
[   48.106644][  T296] usb usb5-port1: attempt power cycle
[   48.108839][  T845] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038 (0x7fffffff)
[   48.499893][   T30] audit: type=1326 audit(1730951035.140:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.528634][  T296] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   48.581626][   T30] audit: type=1326 audit(1730951035.170:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.661883][   T30] audit: type=1326 audit(1730951035.170:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.715299][   T30] audit: type=1326 audit(1730951035.170:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.744889][  T858] loop1: detected capacity change from 0 to 40427
[   48.795406][   T30] audit: type=1326 audit(1730951035.170:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.836032][   T30] audit: type=1326 audit(1730951035.170:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=860 comm="syz.3.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a9bc55719 code=0x7ffc0000
[   48.896714][  T858] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   48.938483][  T858] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   48.968222][  T858] F2FS-fs (loop1): Found nat_bits in checkpoint
[   49.000221][  T885] FAULT_INJECTION: forcing a failure.
[   49.000221][  T885] name failslab, interval 1, probability 0, space 0, times 0
[   49.058569][  T885] CPU: 0 PID: 885 Comm: syz.0.167 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   49.068386][  T885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.078286][  T885] Call Trace:
[   49.081406][  T885]  <TASK>
[   49.084182][  T885]  dump_stack_lvl+0x151/0x1c0
[   49.088698][  T885]  ? io_uring_drop_tctx_refs+0x190/0x190
[   49.094166][  T885]  dump_stack+0x15/0x20
[   49.098154][  T885]  should_fail+0x3c6/0x510
[   49.102415][  T885]  __should_failslab+0xa4/0xe0
[   49.107010][  T885]  ? shmem_alloc_inode+0x1a/0x30
[   49.111782][  T885]  should_failslab+0x9/0x20
[   49.116120][  T885]  slab_pre_alloc_hook+0x37/0xd0
[   49.120894][  T885]  ? shmem_alloc_inode+0x1a/0x30
[   49.125670][  T885]  kmem_cache_alloc+0x44/0x200
[   49.130269][  T885]  ? shmem_match+0x180/0x180
[   49.134700][  T885]  shmem_alloc_inode+0x1a/0x30
[   49.139299][  T885]  new_inode_pseudo+0x64/0x220
[   49.143895][  T885]  new_inode+0x28/0x1c0
[   49.147891][  T885]  shmem_get_inode+0x328/0x9e0
[   49.152491][  T885]  ? _raw_spin_unlock+0x4d/0x70
[   49.157176][  T885]  __shmem_file_setup+0x111/0x2a0
[   49.162041][  T885]  shmem_file_setup+0x2f/0x40
[   49.166550][  T885]  __se_sys_memfd_create+0x1e1/0x3e0
[   49.171672][  T885]  __x64_sys_memfd_create+0x5b/0x70
[   49.176706][  T885]  x64_sys_call+0x871/0x9a0
[   49.181040][  T885]  do_syscall_64+0x3b/0xb0
[   49.185294][  T885]  ? clear_bhb_loop+0x35/0x90
[   49.189830][  T885]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   49.195540][  T885] RIP: 0033:0x7f96b3b7e719
[   49.199793][  T885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.217238][  T874] loop3: detected capacity change from 0 to 40427
[   49.219226][  T885] RSP: 002b:00007f96b27f6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   49.219251][  T885] RAX: ffffffffffffffda RBX: 000000000000044a RCX: 00007f96b3b7e719
[   49.241537][  T885] RDX: 00007f96b27f6ef0 RSI: 0000000000000000 RDI: 00007f96b3bf1c0a
[   49.249345][  T885] RBP: 0000000020000400 R08: 00007f96b27f6bb7 R09: 00007f96b27f6e40
[   49.257158][  T885] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200001c0
[   49.264968][  T885] R13: 00007f96b27f6ef0 R14: 00007f96b27f6eb0 R15: 0000000020000b80
[   49.272781][  T885]  </TASK>
[   49.276426][  T296] usb 5-1: device not accepting address 6, error -71
[   49.312724][  T858] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   49.335003][  T858] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   50.548813][  T895] loop2: detected capacity change from 0 to 40427
[   50.629588][  T895] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   50.637286][  T895] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   50.646611][  T895] F2FS-fs (loop2): invalid crc value
[   50.653452][  T895] F2FS-fs (loop2): Found nat_bits in checkpoint
[   50.699330][  T895] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   50.706348][  T895] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   50.749527][  T922] FAULT_INJECTION: forcing a failure.
[   50.749527][  T922] name failslab, interval 1, probability 0, space 0, times 0
[   50.763051][  T922] CPU: 0 PID: 922 Comm: syz.4.177 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   50.772861][  T922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.782760][  T922] Call Trace:
[   50.785882][  T922]  <TASK>
[   50.788659][  T922]  dump_stack_lvl+0x151/0x1c0
[   50.793176][  T922]  ? io_uring_drop_tctx_refs+0x190/0x190
[   50.798653][  T922]  dump_stack+0x15/0x20
[   50.802631][  T922]  should_fail+0x3c6/0x510
[   50.806887][  T922]  __should_failslab+0xa4/0xe0
[   50.811486][  T922]  should_failslab+0x9/0x20
[   50.815821][  T922]  slab_pre_alloc_hook+0x37/0xd0
[   50.820598][  T922]  ? audit_log_start+0x456/0xa80
[   50.825371][  T922]  __kmalloc_track_caller+0x6c/0x260
[   50.830492][  T922]  ? audit_log_start+0x456/0xa80
[   50.835267][  T922]  ? audit_log_start+0x456/0xa80
[   50.840034][  T922]  __alloc_skb+0x10c/0x550
[   50.844293][  T922]  audit_log_start+0x456/0xa80
[   50.848890][  T922]  ? audit_serial+0x30/0x30
[   50.853225][  T922]  ? __kasan_check_write+0x14/0x20
[   50.858174][  T922]  ? migrate_enable+0x1c1/0x2a0
[   50.862860][  T922]  audit_seccomp+0x61/0x1e0
[   50.867197][  T922]  ? migrate_disable+0xd9/0x190
[   50.871886][  T922]  __seccomp_filter+0xc08/0x1c60
[   50.876660][  T922]  ? file_end_write+0x1c0/0x1c0
[   50.881346][  T922]  ? __kasan_check_write+0x14/0x20
[   50.886293][  T922]  ? __secure_computing+0x300/0x300
[   50.891326][  T922]  ? __mutex_lock_slowpath+0x10/0x10
[   50.896450][  T922]  ? __kasan_check_write+0x14/0x20
[   50.901406][  T922]  ? fput_many+0x160/0x1b0
[   50.905653][  T922]  ? __ia32_sys_read+0x90/0x90
[   50.910251][  T922]  __secure_computing+0xf0/0x300
[   50.915025][  T922]  syscall_enter_from_user_mode+0xd5/0x1b0
[   50.919747][   T26] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   50.920662][  T922]  do_syscall_64+0x1e/0xb0
[   50.932206][  T922]  ? clear_bhb_loop+0x35/0x90
[   50.936720][  T922]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   50.942625][  T922] RIP: 0033:0x7fe2a6b7a719
[   50.946878][  T922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.966314][  T922] RSP: 002b:00007fe2a57f3038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e
[   50.974558][  T922] RAX: ffffffffffffffda RBX: 00007fe2a6d31f80 RCX: 00007fe2a6b7a719
[   50.982368][  T922] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000020000080
[   50.990179][  T922] RBP: 00007fe2a57f3090 R08: 0000000000000000 R09: 0000000000000000
[   50.997993][  T922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.005802][  T922] R13: 0000000000000000 R14: 00007fe2a6d31f80 R15: 00007ffe4237b358
[   51.013619][  T922]  </TASK>
[   51.136277][  T197] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   51.150891][  T197] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   51.428579][   T26] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   51.458926][   T26] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   51.498046][   T26] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   52.081441][  T936] loop4: detected capacity change from 0 to 40427
[   52.118554][  T953] loop1: detected capacity change from 0 to 1024
[   52.146766][  T955] loop3: detected capacity change from 0 to 512
[   52.189742][  T955] EXT4-fs (loop3): Ignoring removed oldalloc option
[   52.196401][  T955] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   52.210961][  T953] EXT4-fs (loop1): Ignoring removed orlov option
[   52.227466][  T955] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   52.227517][  T953] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   52.244622][   T26] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   52.249190][  T955] EXT4-fs (loop3): 1 orphan inode deleted
[   52.256855][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.272408][  T955] EXT4-fs (loop3): 1 truncate cleaned up
[   52.279153][  T955] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,oldalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[   52.286988][  T953] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   52.469019][   T26] usb 1-1: Product: syz
[   52.483119][   T26] usb 1-1: Manufacturer: syz
[   52.489297][   T26] usb 1-1: SerialNumber: syz
[   52.492478][  T955] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   52.548783][  T965] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.555711][  T965] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.562799][  T965] device bridge0 left promiscuous mode
[   52.570451][  T965] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.577342][  T965] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.588027][  T953] netlink: 'syz.1.188': attribute type 4 has an invalid length.
[   52.598291][  T965] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.605180][  T965] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.612311][  T965] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.619175][  T965] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.627131][  T955] EXT4-fs (loop3): Remounting filesystem read-only
[   52.649143][   T26] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[   52.655749][   T26] cdc_ncm 1-1:1.0: bind() failure
[   52.680819][  T965] device bridge0 entered promiscuous mode
[   52.722836][  T972] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   52.761356][  T980] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   52.832099][   T30] kauditd_printk_skb: 160 callbacks suppressed
[   52.832115][   T30] audit: type=1326 audit(1730951039.470:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   52.862918][  T902] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[   52.940559][   T30] audit: type=1326 audit(1730951039.510:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   52.964840][   T30] audit: type=1326 audit(1730951039.510:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   52.990647][   T30] audit: type=1326 audit(1730951039.510:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc25947e637 code=0x7ffc0000
[   53.068394][ T1000] netlink: 16 bytes leftover after parsing attributes in process `syz.2.200'.
[   53.309626][   T30] audit: type=1326 audit(1730951039.510:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc25947e5ac code=0x7ffc0000
[   53.323523][  T296] usb 1-1: USB disconnect, device number 4
[   53.370679][   T30] audit: type=1326 audit(1730951039.510:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc25947e4e4 code=0x7ffc0000
[   53.396706][   T30] audit: type=1326 audit(1730951039.510:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc25947e4e4 code=0x7ffc0000
[   53.419746][ T1006] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.420053][   T30] audit: type=1326 audit(1730951039.510:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc25947b3aa code=0x7ffc0000
[   53.426659][ T1006] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.430266][ T1006] device bridge0 left promiscuous mode
[   53.450465][   T30] audit: type=1326 audit(1730951039.510:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   53.486903][   T30] audit: type=1326 audit(1730951039.510:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=985 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   53.512787][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.519669][ T1006] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.538154][ T1006] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.545069][ T1006] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.552164][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.559028][ T1006] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.567253][ T1006] device bridge0 entered promiscuous mode
[   53.624137][  T994] loop1: detected capacity change from 0 to 40427
[   53.648496][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   53.811354][ T1030] IPv6: NLM_F_REPLACE set, but no existing node found!
[   54.482830][ T1047] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.531590][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.538536][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.545580][ T1051] device bridge0 left promiscuous mode
[   54.554904][ T1051] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.561799][ T1051] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.569690][ T1051] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.576562][ T1051] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.583709][ T1051] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.590571][ T1051] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.603919][ T1051] device bridge0 entered promiscuous mode
[   54.688445][  T320] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   54.699829][ T1060] FAULT_INJECTION: forcing a failure.
[   54.699829][ T1060] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   54.715238][ T1062] loop0: detected capacity change from 0 to 16
[   54.721675][ T1060] CPU: 1 PID: 1060 Comm: syz.4.222 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[   54.731566][ T1060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   54.741458][ T1060] Call Trace:
[   54.744581][ T1060]  <TASK>
[   54.747359][ T1060]  dump_stack_lvl+0x151/0x1c0
[   54.751872][ T1060]  ? io_uring_drop_tctx_refs+0x190/0x190
[   54.757337][ T1060]  ? kstrtouint_from_user+0x20a/0x2a0
[   54.762632][ T1060]  dump_stack+0x15/0x20
[   54.766626][ T1060]  should_fail+0x3c6/0x510
[   54.770880][ T1060]  should_fail_usercopy+0x1a/0x20
[   54.775735][ T1060]  _copy_to_user+0x20/0x90
[   54.779993][ T1060]  simple_read_from_buffer+0xc7/0x150
[   54.785198][ T1060]  proc_fail_nth_read+0x1a3/0x210
[   54.790060][ T1060]  ? proc_fault_inject_write+0x390/0x390
[   54.795524][ T1060]  ? fsnotify_perm+0x269/0x5b0
[   54.800126][ T1060]  ? security_file_permission+0x86/0xb0
[   54.805504][ T1060]  ? proc_fault_inject_write+0x390/0x390
[   54.810974][ T1060]  vfs_read+0x27d/0xd40
[   54.814966][ T1060]  ? kernel_read+0x1f0/0x1f0
[   54.819397][ T1060]  ? __kasan_check_write+0x14/0x20
[   54.824347][ T1060]  ? mutex_lock+0xb6/0x1e0
[   54.828746][ T1060]  ? wait_for_completion_killable_timeout+0x10/0x10
[   54.835167][ T1060]  ? __fdget_pos+0x2e7/0x3a0
[   54.839591][ T1060]  ? ksys_read+0x77/0x2c0
[   54.843757][ T1060]  ksys_read+0x199/0x2c0
[   54.847838][ T1060]  ? vfs_write+0x1110/0x1110
[   54.852263][ T1060]  ? debug_smp_processor_id+0x17/0x20
[   54.857468][ T1060]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   54.863372][ T1060]  __x64_sys_read+0x7b/0x90
[   54.867713][ T1060]  x64_sys_call+0x28/0x9a0
[   54.871960][ T1060]  do_syscall_64+0x3b/0xb0
[   54.876213][ T1060]  ? clear_bhb_loop+0x35/0x90
[   54.880729][ T1060]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   54.886596][ T1060] RIP: 0033:0x7fe2a6b7915c
[   54.890796][ T1060] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   54.910235][ T1060] RSP: 002b:00007fe2a57d2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   54.918479][ T1060] RAX: ffffffffffffffda RBX: 00007fe2a6d32058 RCX: 00007fe2a6b7915c
[   54.926292][ T1060] RDX: 000000000000000f RSI: 00007fe2a57d20a0 RDI: 0000000000000006
[   54.934100][ T1060] RBP: 00007fe2a57d2090 R08: 0000000000000000 R09: 0000000000000000
[   54.941911][ T1060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.949723][ T1060] R13: 0000000000000000 R14: 00007fe2a6d32058 R15: 00007ffe4237b358
[   54.957539][ T1060]  </TASK>
[   54.989310][ T1062] erofs: (device loop0): mounted with root inode @ nid 36.
[   55.108464][  T313] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   55.298519][  T320] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   55.308597][  T320] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[   55.317398][  T320] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   55.468510][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[   55.478210][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   55.518506][  T320] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   55.527626][  T320] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.535510][  T320] usb 3-1: Product: syz
[   55.539594][  T320] usb 3-1: Manufacturer: syz
[   55.549445][  T320] usb 3-1: SerialNumber: syz
[   55.589331][  T320] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[   55.596035][  T320] cdc_ncm 3-1:1.0: bind() failure
[   55.638519][  T313] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   55.647398][  T313] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.656978][  T313] usb 4-1: Product: syz
[   55.661011][  T313] usb 4-1: Manufacturer: syz
[   55.665466][  T313] usb 4-1: SerialNumber: syz
[   55.670631][  T313] usb 4-1: config 0 descriptor??
[   55.790036][ T1043] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[   55.800442][  T320] usb 3-1: USB disconnect, device number 3
[   55.854265][ T1076] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   55.892060][ T1080] loop1: detected capacity change from 0 to 1024
[   55.915703][ T1053] UDC core: couldn't find an available UDC or it's busy: -16
[   55.923089][ T1053] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   55.949935][ T1080] EXT4-fs (loop1): Ignoring removed orlov option
[   55.956120][ T1080] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   55.970325][ T1080] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   56.009133][ T1080] netlink: 'syz.1.231': attribute type 4 has an invalid length.
[   56.451540][  T313] usb 4-1: USB disconnect, device number 4
[   56.479683][ T1095] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.486647][ T1095] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.496400][  T377] udevd[377]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   56.517690][ T1095] device bridge0 left promiscuous mode
[   56.528650][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.535533][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.547677][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.554563][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.561688][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.568634][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.576324][ T1095] device bridge0 entered promiscuous mode
[   56.686417][ T1105] IPv6: NLM_F_REPLACE set, but no existing node found!
[   56.847028][ T1108] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   57.072350][ T1118] loop2: detected capacity change from 0 to 256
[   57.155801][ T1118] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xa7648d78, utbl_chksum : 0xe619d30d)
[   57.538544][   T26] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   57.568888][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   57.978586][   T26] usb 3-1: config 0 has an invalid interface number: 18 but max is 0
[   57.987624][   T26] usb 3-1: config 0 has no interface number 0
[   57.996183][   T26] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.010779][   T26] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.030795][ T1141] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   58.085824][   T30] kauditd_printk_skb: 257 callbacks suppressed
[   58.085842][   T30] audit: type=1326 audit(1730951044.720:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.131634][   T30] audit: type=1326 audit(1730951044.750:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.154861][   T30] audit: type=1326 audit(1730951044.750:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.180002][   T30] audit: type=1326 audit(1730951044.750:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.203470][   T30] audit: type=1326 audit(1730951044.750:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.203645][   T26] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   58.228029][   T30] audit: type=1326 audit(1730951044.750:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.258807][   T26] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   58.268472][   T26] usb 3-1: Manufacturer: syz
[   58.269424][   T30] audit: type=1326 audit(1730951044.750:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.277702][   T26] usb 3-1: config 0 descriptor??
[   58.300549][   T30] audit: type=1326 audit(1730951044.750:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.324050][   T30] audit: type=1326 audit(1730951044.750:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.347262][   T30] audit: type=1326 audit(1730951044.750:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.1.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   58.415816][ T1152] netlink: 16 bytes leftover after parsing attributes in process `syz.1.256'.
[   58.708454][  T313] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   59.170394][ T1163] loop0: detected capacity change from 0 to 2048
[   59.182865][ T1165] loop1: detected capacity change from 0 to 256
[   59.231604][ T1165] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[   59.238492][   T26] usbhid 3-1:0.18: can't add hid device: -71
[   59.243785][ T1165] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   59.249744][   T26] usbhid: probe of 3-1:0.18 failed with error -71
[   59.257964][  T313] usb 4-1: Using ep0 maxpacket: 16
[   59.291325][   T26] usb 3-1: USB disconnect, device number 4
[   59.292658][ T1163] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   59.388575][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   59.406567][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   59.417939][ T1163] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   59.432644][  T313] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   59.433874][ T1163] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1554 with error 28
[   59.445541][  T313] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   59.459126][ T1163] EXT4-fs (loop0): This should not happen!! Data will be lost
[   59.459126][ T1163] 
[   59.466516][  T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.476682][ T1163] EXT4-fs (loop0): Total free blocks count 0
[   59.493308][  T313] usb 4-1: config 0 descriptor??
[   59.498217][ T1163] EXT4-fs (loop0): Free/Dirty block details
[   59.504085][ T1163] EXT4-fs (loop0): free_blocks=2415919104
[   59.509806][ T1163] EXT4-fs (loop0): dirty_blocks=1568
[   59.514983][ T1163] EXT4-fs (loop0): Block reservation details
[   59.520798][ T1163] EXT4-fs (loop0): i_reserved_data_blocks=98
[   59.616866][ T1175] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.823482][   T10] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   59.836549][   T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[   59.836549][   T10] 
[   59.949509][ T1195] loop2: detected capacity change from 0 to 256
[   59.964793][ T1196] netlink: 16 bytes leftover after parsing attributes in process `syz.4.270'.
[   60.042854][  T313] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[   60.057538][  T313] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description
[   60.070321][  T313] microsoft 0003:045E:07DA.0002: parse failed
[   60.076235][  T313] microsoft: probe of 0003:045E:07DA.0002 failed with error -22
[   60.238475][  T313] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   60.251564][ T1200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.271'.
[   60.258746][   T20] usb 4-1: USB disconnect, device number 5
[   60.304231][ T1195] futex_wake_op: syz.2.272 tries to shift op by 144; fix this program
[   60.488476][  T313] usb 5-1: Using ep0 maxpacket: 32
[   60.848789][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.859697][  T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.869428][  T313] usb 5-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[   60.878493][  T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.889305][  T313] usb 5-1: config 0 descriptor??
[   60.943110][ T1210] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   61.343289][ T1221] IPv6: NLM_F_REPLACE set, but no existing node found!
[   61.343693][ T1219] loop3: detected capacity change from 0 to 2048
[   61.381146][ T1219] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   61.392055][ T1226] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.399043][ T1226] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.417549][ T1226] device bridge0 left promiscuous mode
[   61.441899][ T1226] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.448795][ T1226] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.457157][ T1230] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.464093][ T1230] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.466698][ T1231] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   61.472195][ T1230] device bridge0 left promiscuous mode
[   61.485788][ T1231] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2032 with error 28
[   61.492635][ T1226] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.509768][ T1226] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.516867][ T1226] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.523668][ T1226] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.531164][ T1231] EXT4-fs (loop3): This should not happen!! Data will be lost
[   61.531164][ T1231] 
[   61.542955][ T1226] device bridge0 entered promiscuous mode
[   61.544890][ T1231] EXT4-fs (loop3): Total free blocks count 0
[   61.554525][ T1230] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.555999][ T1231] EXT4-fs (loop3): Free/Dirty block details
[   61.561390][ T1230] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.562351][ T1230] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.567222][ T1231] EXT4-fs (loop3): free_blocks=2415919104
[   61.574158][ T1230] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.574257][ T1230] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.582794][ T1231] EXT4-fs (loop3): dirty_blocks=2032
[   61.586535][ T1230] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.593790][ T1231] EXT4-fs (loop3): Block reservation details
[   61.601499][ T1230] device bridge0 entered promiscuous mode
[   61.605592][ T1231] EXT4-fs (loop3): i_reserved_data_blocks=127
[   61.734754][ T1235] loop1: detected capacity change from 0 to 256
[   61.777910][    T8] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   61.805551][    T8] EXT4-fs (loop3): This should not happen!! Data will be lost
[   61.805551][    T8] 
[   61.877846][ T1235] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xa7648d78, utbl_chksum : 0xe619d30d)
[   62.572445][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.749665][ T1029] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   63.134253][ T1272] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.141166][ T1272] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.298499][  T313] usbhid 5-1:0.0: can't add hid device: -71
[   63.304345][  T313] usbhid: probe of 5-1:0.0 failed with error -71
[   63.317892][  T313] usb 5-1: USB disconnect, device number 8
[   63.367072][   T30] kauditd_printk_skb: 194 callbacks suppressed
[   63.367087][   T30] audit: type=1326 audit(1730951050.000:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.398682][   T30] audit: type=1326 audit(1730951050.000:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.537248][   T30] audit: type=1326 audit(1730951050.010:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.681517][   T30] audit: type=1326 audit(1730951050.010:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.704889][   T30] audit: type=1326 audit(1730951050.010:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.718523][ T1029] usb 2-1: config 0 has an invalid interface number: 18 but max is 0
[   63.746487][ T1029] usb 2-1: config 0 has no interface number 0
[   63.752765][ T1029] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.778477][ T1029] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.839444][   T30] audit: type=1326 audit(1730951050.010:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   63.878595][ T1029] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   64.175547][   T30] audit: type=1326 audit(1730951050.040:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   64.204129][ T1029] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   64.212511][ T1029] usb 2-1: Manufacturer: syz
[   64.217682][ T1029] usb 2-1: config 0 descriptor??
[   64.263259][   T30] audit: type=1326 audit(1730951050.040:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   64.294125][   T30] audit: type=1326 audit(1730951050.040:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   64.328714][   T30] audit: type=1326 audit(1730951050.040:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1262 comm="syz.2.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   64.487018][ T1306] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.493985][ T1306] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.501878][ T1306] device bridge0 left promiscuous mode
[   64.510296][ T1306] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.517191][ T1306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.524841][ T1306] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.531752][ T1306] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.538889][ T1306] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.545814][ T1306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.557837][ T1306] device bridge0 entered promiscuous mode
[   64.607519][ T1310] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.614410][ T1310] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.621559][ T1310] device bridge0 left promiscuous mode
[   64.629821][ T1310] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.636678][ T1310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.659154][ T1310] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.666027][ T1310] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.673154][ T1310] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.679920][ T1310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.699022][ T1315] netlink: 16 bytes leftover after parsing attributes in process `syz.3.310'.
[   64.709884][ T1310] device bridge0 entered promiscuous mode
[   64.721381][ T1314] loop2: detected capacity change from 0 to 1024
[   64.836054][ T1314] EXT4-fs (loop2): Ignoring removed orlov option
[   64.846770][ T1314] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   64.889000][ T1314] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   64.928510][ T1029] usbhid 2-1:0.18: can't add hid device: -71
[   64.934370][ T1029] usbhid: probe of 2-1:0.18 failed with error -71
[   64.949589][ T1029] usb 2-1: USB disconnect, device number 3
[   64.954870][ T1314] netlink: 'syz.2.312': attribute type 4 has an invalid length.
[   65.145459][ T1332] loop4: detected capacity change from 0 to 256
[   65.156661][ T1334] 9pnet: Insufficient options for proto=fd
[   65.178823][ T1332] exfat: Deprecated parameter 'namecase'
[   65.184659][ T1332] exfat: Deprecated parameter 'namecase'
[   65.190250][ T1332] exfat: Deprecated parameter 'utf8'
[   65.195480][ T1332] exfat: Deprecated parameter 'namecase'
[   65.254151][ T1332] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[   65.394949][ T1332] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   66.687734][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   66.712835][ T1351] loop4: detected capacity change from 0 to 1024
[   66.765428][ T1351] EXT4-fs (loop4): Ignoring removed orlov option
[   66.788085][ T1351] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[   66.808078][ T1363] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.815064][ T1363] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.822989][ T1363] device bridge0 left promiscuous mode
[   66.832266][ T1363] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.839160][ T1363] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.847395][ T1351] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   66.873217][ T1363] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.880119][ T1363] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.887209][ T1363] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.894015][ T1363] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.906611][ T1363] device bridge0 entered promiscuous mode
[   66.935007][ T1351] netlink: 'syz.4.324': attribute type 4 has an invalid length.
[   67.060225][ T1381] 9pnet: Insufficient options for proto=fd
[   67.060228][ T1378] netlink: 16 bytes leftover after parsing attributes in process `syz.1.332'.
[   68.117985][ T1399] loop3: detected capacity change from 0 to 2048
[   68.158510][   T26] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   68.240759][ T1399] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   68.342003][ T1399] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   68.357969][ T1399] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   68.370369][ T1399] EXT4-fs (loop3): This should not happen!! Data will be lost
[   68.370369][ T1399] 
[   68.380072][ T1399] EXT4-fs (loop3): Total free blocks count 0
[   68.386015][ T1399] EXT4-fs (loop3): Free/Dirty block details
[   68.391953][ T1399] EXT4-fs (loop3): free_blocks=2415919104
[   68.397578][ T1399] EXT4-fs (loop3): dirty_blocks=2320
[   68.402769][ T1399] EXT4-fs (loop3): Block reservation details
[   68.408732][ T1399] EXT4-fs (loop3): i_reserved_data_blocks=145
[   68.574014][ T1029] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   68.633088][   T30] kauditd_printk_skb: 222 callbacks suppressed
[   68.633132][   T30] audit: type=1326 audit(1730951055.270:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1412 comm="syz.2.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   68.712101][   T30] audit: type=1326 audit(1730951055.300:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1412 comm="syz.2.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   68.736061][   T30] audit: type=1326 audit(1730951055.300:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1412 comm="syz.2.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   68.736277][   T45] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   68.773306][   T30] audit: type=1326 audit(1730951055.300:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1412 comm="syz.2.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   68.784138][   T45] EXT4-fs (loop3): This should not happen!! Data will be lost
[   68.784138][   T45] 
[   68.807030][   T26] usb 1-1: config 0 interface 0 altsetting 249 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.809119][   T30] audit: type=1326 audit(1730951055.300:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1412 comm="syz.2.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897f33c719 code=0x7ffc0000
[   68.842183][   T26] usb 1-1: config 0 interface 0 altsetting 249 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.852763][   T26] usb 1-1: config 0 interface 0 has no altsetting 0
[   68.867926][   T26] usb 1-1: New USB device found, idVendor=056a, idProduct=00d7, bcdDevice= 0.00
[   68.877128][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.902256][   T26] usb 1-1: config 0 descriptor??
[   68.908380][   T30] audit: type=1400 audit(1730951055.540:1238): avc:  denied  { create } for  pid=1421 comm="syz.2.348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   68.910895][ T1422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'.
[   68.937906][ T1422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.348'.
[   69.121248][ T1029] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   69.131544][ T1029] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[   69.142202][ T1029] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   69.214364][   T30] audit: type=1400 audit(1730951055.850:1239): avc:  denied  { name_bind } for  pid=1452 comm="syz.3.362" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   69.255356][   T30] audit: type=1400 audit(1730951055.890:1240): avc:  denied  { bind } for  pid=1458 comm="syz.2.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   69.289889][ T1466] xt_l2tp: missing protocol rule (udp|l2tpip)
[   69.305486][   T30] audit: type=1400 audit(1730951055.930:1241): avc:  denied  { bind } for  pid=1464 comm="syz.4.369" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   69.325624][ T1029] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   69.338179][ T1029] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.351887][ T1029] usb 2-1: Product: syz
[   69.355885][ T1029] usb 2-1: Manufacturer: syz
[   69.367384][   T30] audit: type=1400 audit(1730951055.930:1242): avc:  denied  { node_bind } for  pid=1464 comm="syz.4.369" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   69.393380][ T1029] usb 2-1: SerialNumber: syz
[   69.409896][ T1480] netlink: 60 bytes leftover after parsing attributes in process `syz.2.376'.
[   69.438993][ T1029] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[   69.448596][ T1029] cdc_ncm 2-1:1.0: bind() failure
[   69.477940][ T1490] device ip6gre1 entered promiscuous mode
[   69.641463][ T1401] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[   69.658714][ T1029] usb 2-1: USB disconnect, device number 4
[   69.904852][ T1568] netlink: 104 bytes leftover after parsing attributes in process `syz.2.409'.
[   69.964464][ T1580] netlink: 40 bytes leftover after parsing attributes in process `syz.2.415'.
[   70.005522][ T1586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.418'.
[   70.263518][ T1636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.443'.
[   70.494617][ T1675] netlink: 12 bytes leftover after parsing attributes in process `syz.1.461'.
[   70.505081][ T1676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.462'.
[   70.610660][ T1692] device dummy0 entered promiscuous mode
[   70.616245][ T1692] device vlan2 entered promiscuous mode
[   71.988405][    C1] sched: RT throttling activated
[   72.148344][ T1692] device dummy0 left promiscuous mode
[   72.165755][ T1697] netlink: 28 bytes leftover after parsing attributes in process `syz.4.472'.
[   72.213944][ T1706] netlink: 16 bytes leftover after parsing attributes in process `syz.1.475'.
[   72.382894][ T1721] device ipip0 entered promiscuous mode
[   72.471125][   T26] usbhid 1-1:0.0: can't add hid device: -71
[   72.477307][   T26] usbhid: probe of 1-1:0.0 failed with error -71
[   72.494275][   T26] usb 1-1: USB disconnect, device number 5
[   72.585682][ T1741] loop1: detected capacity change from 0 to 1024
[   72.708105][ T1752] netlink: 16 bytes leftover after parsing attributes in process `syz.3.490'.
[   72.735785][ T1741] EXT4-fs (loop1): Ignoring removed orlov option
[   72.747175][ T1741] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   72.763377][ T1741] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   72.839760][ T1757] netlink: 16 bytes leftover after parsing attributes in process `syz.0.495'.
[   73.030223][ T1741] netlink: 'syz.1.489': attribute type 4 has an invalid length.
[   73.223016][ T1764] loop2: detected capacity change from 0 to 256
[   73.605698][ T1764] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xa7648d78, utbl_chksum : 0xe619d30d)
[   73.802229][   T30] kauditd_printk_skb: 20 callbacks suppressed
[   73.802246][   T30] audit: type=1400 audit(1730951060.440:1263): avc:  denied  { read write } for  pid=1783 comm="syz.3.506" name="ppp" dev="devtmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   73.839542][   T30] audit: type=1400 audit(1730951060.470:1264): avc:  denied  { open } for  pid=1783 comm="syz.3.506" path="/dev/ppp" dev="devtmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   73.864956][   T30] audit: type=1400 audit(1730951060.470:1265): avc:  denied  { ioctl } for  pid=1783 comm="syz.3.506" path="/dev/ppp" dev="devtmpfs" ino=149 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   73.979575][   T30] audit: type=1400 audit(1730951060.610:1266): avc:  denied  { block_suspend } for  pid=1799 comm="syz.4.510" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   73.998501][ T1029] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   74.588517][ T1029] usb 3-1: config 0 has an invalid interface number: 18 but max is 0
[   74.596488][ T1029] usb 3-1: config 0 has no interface number 0
[   74.602564][ T1029] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.613410][ T1029] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.698687][ T1029] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[   74.708496][ T1029] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   74.716599][ T1029] usb 3-1: Manufacturer: syz
[   74.722412][ T1029] usb 3-1: config 0 descriptor??
[   74.743921][ T1816] 9pnet: Insufficient options for proto=fd
[   74.854149][ T1829] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.861193][ T1829] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.871628][ T1829] device bridge0 left promiscuous mode
[   74.881690][ T1829] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.888587][ T1829] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.896271][ T1829] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.903163][ T1829] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.910284][ T1829] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.917215][ T1829] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.928578][ T1829] device bridge0 entered promiscuous mode
[   75.025000][ T1834] loop4: detected capacity change from 0 to 256
[   75.651190][ T1834] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[   75.669745][ T1834] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   75.689555][   T30] audit: type=1326 audit(1730951062.330:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.712984][   T30] audit: type=1326 audit(1730951062.330:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.718488][ T1029] usbhid 3-1:0.18: can't add hid device: -71
[   75.740350][   T30] audit: type=1326 audit(1730951062.330:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.742497][ T1029] usbhid: probe of 3-1:0.18 failed with error -71
[   75.773690][ T1029] usb 3-1: USB disconnect, device number 5
[   75.781790][   T30] audit: type=1326 audit(1730951062.330:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.805000][   T30] audit: type=1326 audit(1730951062.330:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.829805][   T30] audit: type=1326 audit(1730951062.330:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1842 comm="syz.1.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc25947c719 code=0x7ffc0000
[   75.888853][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   76.114502][ T1865] __nla_validate_parse: 2 callbacks suppressed
[   76.114536][ T1865] netlink: 16 bytes leftover after parsing attributes in process `syz.3.531'.
[  176.578382][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  176.585344][    C1] 	(detected by 1, t=10002 jiffies, g=7973, q=984)
[  176.591667][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10003 (4294954878-4294944875), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  176.604868][    C1] rcu: rcu_preempt kthread starved for 10004 jiffies! g7973 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  176.615783][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  176.625595][    C1] rcu: RCU grace-period kthread stack dump:
[  176.631338][    C1] task:rcu_preempt     state:R  running task     stack:27912 pid:   14 ppid:     2 flags:0x00004000
[  176.641922][    C1] Call Trace:
[  176.645038][    C1]  <TASK>
[  176.647820][    C1]  __schedule+0xccc/0x1590
[  176.652072][    C1]  ? release_firmware_map_entry+0x190/0x190
[  176.657792][    C1]  ? finish_task_switch+0x167/0x7b0
[  176.662829][    C1]  ? __kasan_check_write+0x14/0x20
[  176.667776][    C1]  schedule+0x11f/0x1e0
[  176.671771][    C1]  schedule_timeout+0x18c/0x370
[  176.676453][    C1]  ? release_firmware_map_entry+0x190/0x190
[  176.682184][    C1]  ? console_conditional_schedule+0x30/0x30
[  176.687907][    C1]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[  176.694420][    C1]  ? update_process_times+0x200/0x200
[  176.699629][    C1]  ? prepare_to_swait_event+0x308/0x320
[  176.705008][    C1]  rcu_gp_fqs_loop+0x2af/0xf80
[  176.709607][    C1]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  176.715163][    C1]  ? preempt_schedule_thunk+0x16/0x18
[  176.720369][    C1]  ? rcu_gp_init+0xc30/0xc30
[  176.724799][    C1]  ? _raw_spin_unlock_irq+0x61/0x70
[  176.729833][    C1]  ? rcu_gp_init+0x9cf/0xc30
[  176.734260][    C1]  rcu_gp_kthread+0xa4/0x350
[  176.738686][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  176.743380][    C1]  ? wake_nocb_gp+0x1e0/0x1e0
[  176.747885][    C1]  ? __kasan_check_read+0x11/0x20
[  176.752853][    C1]  ? __kthread_parkme+0xb2/0x200
[  176.757604][    C1]  kthread+0x421/0x510
[  176.761507][    C1]  ? wake_nocb_gp+0x1e0/0x1e0
[  176.766022][    C1]  ? kthread_blkcg+0xd0/0xd0
[  176.770447][    C1]  ret_from_fork+0x1f/0x30
[  176.774706][    C1]  </TASK>
[  176.777579][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  176.783743][    C1] Sending NMI from CPU 1 to CPUs 0:
[  176.788778][    C0] NMI backtrace for cpu 0
[  176.788795][    C0] CPU: 0 PID: 1867 Comm: syz.0.535 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  176.788815][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  176.788829][    C0] RIP: 0010:__send_signal+0x925/0xcb0
[  176.788853][    C0] Code: e9 65 ff ff ff e8 5b 26 2b 00 be 01 00 00 00 48 c7 c7 c0 46 af 86 48 8b 55 b8 e8 06 56 40 01 eb 82 e8 3f 26 2b 00 4c 8b 6d c8 <eb> 14 e8 34 26 2b 00 eb 0d e8 2d 26 2b 00 4c 8b 6d c8 4c 8b 7d c0
[  176.788868][    C0] RSP: 0018:ffffc90000007cb8 EFLAGS: 00000006
[  176.788884][    C0] RAX: ffffffff81453141 RBX: 0000000000000000 RCX: ffff8881178362c0
[  176.788896][    C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000001
[  176.788907][    C0] RBP: ffffc90000007d18 R08: ffffffff81452fab R09: ffff888169590410
[  176.788920][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000100000000
[  176.788932][    C0] R13: ffff8881178362c0 R14: 0000000000000020 R15: 0000000000000021
[  176.788943][    C0] FS:  00007f96b27b56c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  176.788959][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.788971][    C0] CR2: 00007f96b2594000 CR3: 000000010da47000 CR4: 00000000003506b0
[  176.788986][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  176.788996][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  176.789007][    C0] Call Trace:
[  176.789011][    C0]  <NMI>
[  176.789017][    C0]  ? show_regs+0x58/0x60
[  176.789035][    C0]  ? nmi_cpu_backtrace+0x29f/0x300
[  176.789056][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  176.789078][    C0]  ? __send_signal+0x925/0xcb0
[  176.789094][    C0]  ? __send_signal+0x925/0xcb0
[  176.789110][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  176.789128][    C0]  ? nmi_handle+0xa8/0x280
[  176.789145][    C0]  ? __send_signal+0x925/0xcb0
[  176.789161][    C0]  ? default_do_nmi+0x69/0x160
[  176.789178][    C0]  ? exc_nmi+0xad/0x100
[  176.789192][    C0]  ? end_repeat_nmi+0x16/0x31
[  176.789216][    C0]  ? __send_signal+0x78b/0xcb0
[  176.789232][    C0]  ? __send_signal+0x921/0xcb0
[  176.789249][    C0]  ? __send_signal+0x925/0xcb0
[  176.789265][    C0]  ? __send_signal+0x925/0xcb0
[  176.789281][    C0]  ? __send_signal+0x925/0xcb0
[  176.789297][    C0]  </NMI>
[  176.789302][    C0]  <IRQ>
[  176.789309][    C0]  send_signal+0x43a/0x590
[  176.789326][    C0]  do_send_sig_info+0xde/0x230
[  176.789343][    C0]  group_send_sig_info+0x113/0x460
[  176.789361][    C0]  ? __lock_task_sighand+0x100/0x100
[  176.789380][    C0]  do_bpf_send_signal+0x8c/0x150
[  176.789405][    C0]  irq_work_run_list+0x1c2/0x290
[  176.789424][    C0]  ? irq_work_run+0xf0/0xf0
[  176.789443][    C0]  irq_work_run+0x69/0xf0
[  176.789460][    C0]  __sysvec_irq_work+0x63/0x1b0
[  176.789478][    C0]  sysvec_irq_work+0x92/0xb0
[  176.789493][    C0]  </IRQ>
[  176.789498][    C0]  <TASK>
[  176.789503][    C0]  asm_sysvec_irq_work+0x1b/0x20
[  176.789518][    C0] RIP: 0010:_raw_spin_unlock_irq+0x49/0x70
[  176.789539][    C0] Code: 08 00 74 0c 48 c7 c7 d8 59 ad 86 e8 91 b7 cb fc 48 83 3d 01 68 c6 01 00 74 2a 48 89 df e8 b3 22 6e fc 66 90 fb bf 01 00 00 00 <e8> d2 6b 65 fc 65 8b 05 93 7b 1b 7b 85 c0 74 03 5b 5d c3 e8 c3 95
[  176.789553][    C0] RSP: 0018:ffffc90000c57bb8 EFLAGS: 00000246
[  176.789567][    C0] RAX: 0000000000000001 RBX: ffff8881153c6900 RCX: dffffc0000000000
[  176.789579][    C0] RDX: ffffc9000176f000 RSI: 000000000003ffff RDI: 0000000000000001
[  176.789590][    C0] RBP: ffffc90000c57bc0 R08: ffffffff81459e7a R09: fffff5200018afc0
[  176.789603][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881153c6900
[  176.789615][    C0] R13: ffff8881153c6d20 R14: 0000000000000021 R15: dffffc0000000000
[  176.789629][    C0]  ? get_signal+0x151a/0x1630
[  176.789648][    C0]  ? _raw_spin_unlock_irq+0x41/0x70
[  176.789667][    C0]  get_signal+0x1562/0x1630
[  176.789687][    C0]  arch_do_signal_or_restart+0xbd/0x1680
[  176.789704][    C0]  ? __do_compat_sys_x32_rt_sigreturn+0x1e0/0x1e0
[  176.789722][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  176.789742][    C0]  ? __kasan_check_write+0x14/0x20
[  176.789760][    C0]  ? _copy_from_user+0x96/0xd0
[  176.789777][    C0]  ? restore_altstack+0x274/0x400
[  176.789796][    C0]  ? get_sigframe_size+0x10/0x10
[  176.789811][    C0]  ? __ia32_sys_sigaltstack+0x70/0x70
[  176.789833][    C0]  ? __do_sys_rt_sigreturn+0x160/0x1e0
[  176.789851][    C0]  exit_to_user_mode_loop+0xa0/0xe0
[  176.789869][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  176.789886][    C0]  syscall_exit_to_user_mode+0x26/0x160
[  176.789904][    C0]  do_syscall_64+0x47/0xb0
[  176.789918][    C0]  ? clear_bhb_loop+0x35/0x90
[  176.789933][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  176.789949][    C0] RIP: 0033:0x7f96b3a403c0
[  176.789973][    C0] Code: 10 83 e0 01 83 e2 01 88 15 2a 53 e2 00 88 05 27 53 e2 00 c3 50 48 8d 35 e6 0f 1b 00 48 8d 3d ec 0f 1b 00 31 c0 e8 a0 f9 ff ff <53> 89 fb 48 83 ec 10 64 8b 04 25 94 ff ff ff 85 c0 74 2a 89 fe 31
[  176.789987][    C0] RSP: 002b:00007f96b27b48b8 EFLAGS: 00000283
[  176.790000][    C0] RAX: 0000000000000000 RBX: 00007f96b27b4ef0 RCX: 0000000000000000
[  176.790011][    C0] RDX: 00007f96b27b48c0 RSI: 00007f96b27b49f0 RDI: 000000000000000b
[  176.790028][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  176.790039][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000580
[  176.790050][    C0] R13: 00007f96b27b4eb0 R14: 0000000000000000 R15: 0000000000000000
[  176.790064][    C0]  </TASK>
[  285.409290][    C0] BUG: workqueue lockup - pool cpus=0-1 flags=0x4 nice=0 stuck for 208s!
[  285.417619][    C0] Showing busy workqueues and worker pools:
[  285.423532][    C0] workqueue events: flags=0x0
[  285.428005][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  285.428055][    C0]     pending: kfree_rcu_monitor, xfrm_state_gc_task
[  285.428118][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=6/256 refcnt=7
[  285.428158][    C0]     pending: bpf_map_free_deferred, vmstat_shepherd, destroy_list_workfn, psi_avgs_work, kfree_rcu_monitor, rht_deferred_worker
[  285.428261][    C0] workqueue events_unbound: flags=0x2
[  285.468067][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=2/512 refcnt=4
[  285.468112][    C0]     pending: flush_memcg_stats_dwork, toggle_allocation_gate
[  285.468166][    C0] workqueue events_power_efficient: flags=0x80
[  285.488480][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=4/256 refcnt=5
[  285.488528][    C0]     pending: wg_ratelimiter_gc_entries, neigh_periodic_work, neigh_periodic_work, gc_worker
[  285.488596][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.488639][    C0]     pending: check_lifetime
[  285.488669][    C0] workqueue mm_percpu_wq: flags=0x8
[  285.523202][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.523253][    C0]     pending: vmstat_update
[  285.523284][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.523323][    C0]     pending: vmstat_update
[  285.523352][    C0] workqueue writeback: flags=0x4a
[  285.551979][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=4/256 refcnt=6
[  285.552033][    C0]     pending: wb_workfn, wb_workfn, wb_workfn, wb_workfn
[  285.552106][    C0] workqueue kblockd: flags=0x18
[  285.570751][    C0]   pwq 1: cpus=0 node=0 flags=0x0 nice=-20 active=3/256 refcnt=4
[  285.570865][    C0]     pending: blk_mq_timeout_work, blk_mq_timeout_work, blk_mq_timeout_work
[  285.570976][    C0] workqueue dm_bufio_cache: flags=0x8
[  285.592405][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.592466][    C0]     pending: work_fn
[  285.592545][    C0] workqueue mld: flags=0x40008
[  285.608504][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=3
[  285.608550][    C0]     pending: mld_dad_work
[  285.608578][    C0]     inactive: mld_ifc_work
[  285.608600][    C0] workqueue ipv6_addrconf: flags=0x40008
[  285.630024][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=2
[  285.630071][    C0]     pending: addrconf_verify_work
[  285.630202][    C0] workqueue wg-crypt-wg0: flags=0x28
[  285.647618][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.647665][    C0]     pending: wg_packet_encrypt_worker
[  285.647699][    C0] workqueue wg-kex-wg1: flags=0x6
[  285.665329][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.665370][    C0]     pending: wg_packet_handshake_send_worker
[  285.665400][    C0] workqueue wg-crypt-wg1: flags=0x28
[  285.683462][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.683509][    C0]     pending: wg_packet_encrypt_worker
[  285.683537][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.683576][    C0]     pending: wg_packet_encrypt_worker
[  285.683606][    C0] workqueue wg-kex-wg2: flags=0x6
[  285.714214][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.714260][    C0]     pending: wg_packet_handshake_send_worker
[  285.714296][    C0] workqueue wg-crypt-wg2: flags=0x28
[  285.732361][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.732407][    C0]     pending: wg_packet_encrypt_worker
[  285.732444][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.732485][    C0]     pending: wg_packet_encrypt_worker
[  285.732513][    C0] workqueue wg-crypt-wg0: flags=0x28
[  285.763394][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.763450][    C0]     pending: wg_packet_encrypt_worker
[  285.763486][    C0] workqueue wg-crypt-wg1: flags=0x28
[  285.781358][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.781405][    C0]     pending: wg_packet_encrypt_worker
[  285.781442][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.781481][    C0]     pending: wg_packet_encrypt_worker
[  285.781511][    C0] workqueue wg-kex-wg2: flags=0x6
[  285.812303][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.812347][    C0]     pending: wg_packet_handshake_send_worker
[  285.812381][    C0] workqueue wg-crypt-wg2: flags=0x28
[  285.830446][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.830495][    C0]     pending: wg_packet_encrypt_worker
[  285.830527][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.830568][    C0]     pending: wg_packet_encrypt_worker
[  285.830597][    C0] workqueue wg-crypt-wg0: flags=0x28
[  285.861477][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.861526][    C0]     pending: wg_packet_encrypt_worker
[  285.861564][    C0] workqueue wg-crypt-wg1: flags=0x28
[  285.879447][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.879494][    C0]     pending: wg_packet_encrypt_worker
[  285.879525][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.879565][    C0]     pending: wg_packet_encrypt_worker
[  285.879596][    C0] workqueue wg-kex-wg0: flags=0x6
[  285.910219][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.910262][    C0]     pending: wg_packet_handshake_send_worker
[  285.910299][    C0] workqueue wg-kex-wg1: flags=0x6
[  285.928080][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.928123][    C0]     pending: wg_packet_handshake_send_worker
[  285.928154][    C0] workqueue wg-crypt-wg1: flags=0x28
[  285.946218][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.946264][    C0]     pending: wg_packet_encrypt_worker
[  285.946298][    C0] workqueue wg-kex-wg2: flags=0x6
[  285.963927][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  285.963966][    C0]     in-flight: 8:wg_packet_handshake_send_worker
[  285.964004][    C0] workqueue wg-crypt-wg2: flags=0x28
[  285.982430][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.982477][    C0]     pending: wg_packet_encrypt_worker
[  285.982507][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  285.982546][    C0]     pending: wg_packet_encrypt_worker
[  285.982575][    C0] workqueue wg-kex-wg2: flags=0x6
[  286.013110][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  286.013152][    C0]     pending: wg_packet_handshake_send_worker
[  286.013185][    C0] workqueue wg-crypt-wg2: flags=0x28
[  286.031253][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.031299][    C0]     pending: wg_packet_encrypt_worker
[  286.031331][    C0] workqueue wg-crypt-wg0: flags=0x28
[  286.049215][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.049260][    C0]     pending: wg_packet_encrypt_worker
[  286.049291][    C0] workqueue wg-kex-wg1: flags=0x6
[  286.066905][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  286.066946][    C0]     pending: wg_packet_handshake_send_worker
[  286.066978][    C0] workqueue wg-crypt-wg1: flags=0x28
[  286.085047][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.085091][    C0]     pending: wg_packet_encrypt_worker
[  286.085120][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.085156][    C0]     pending: wg_packet_encrypt_worker
[  286.085184][    C0] workqueue wg-kex-wg2: flags=0x6
[  286.115706][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  286.115756][    C0]     pending: wg_packet_handshake_send_worker
[  286.115791][    C0] workqueue wg-crypt-wg2: flags=0x28
[  286.133842][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.133890][    C0]     pending: wg_packet_encrypt_worker
[  286.133920][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  286.133960][    C0]     pending: wg_packet_encrypt_worker
[  286.133993][    C0] pool 4: cpus=0-1 flags=0x4 nice=0 hung=209s workers=6 idle: 45 10 1347 413 197