last executing test programs:

24.836478623s ago: executing program 0 (id=280):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet(0x2, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r5}, &(0x7f0000000180), &(0x7f0000000280)=r4}, 0x20)
uname(0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
unshare(0x24020400)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

20.488218131s ago: executing program 3 (id=295):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x480, &(0x7f00000002c0))

18.894362538s ago: executing program 3 (id=299):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect(0x2, 0x1b, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000d0fce08a37203ca978a5f20e161780ad40d2196bff5ac8daaea19dcc9936dc83e4b83ba13d18eea236"], 0x0)
ioctl$EVIOCRMFF(r3, 0x83c0550b, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c0000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000000540))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r8 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3", 0x2b}], 0x1}, 0x4000000)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000740))

15.626045609s ago: executing program 3 (id=308):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x52, 0x6fbf, 0x1, {0x6000, 0x1}, {0x4f, 0x2}, @period={0x5a, 0x7, 0x8001, 0xee5, 0xff, {0x1, 0xf, 0x6, 0x28}, 0x0, 0x0}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8)
flock(r0, 0x5)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000300)={0x1, 0x0, [{0x40000003, 0x0, 0x1}]})
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @private=0xa010100}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x6, &(0x7f0000000e80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x4005, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0xb)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0xfffffffc, 0x40, 0x6a101, r5, 0x4222, '\x00', 0x0, r5, 0x1, 0x1, 0x4, 0xf, @value=r5}, 0x50)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21681e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r5, 0x6628)
flock(r5, 0x1)
flock(r5, 0x2)
dup3(r5, r0, 0x0)

15.436041475s ago: executing program 3 (id=310):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nodioread_nolock}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x563, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbDbp6+/XFEpREQn0YKU2aRJfKnioR9FiQe91SaahdNMt2U1pYsH2YC9epAgiFsS73j0W/wH/ioIWipSgBy+R2czmpdlNtukmu+1+PjDheWZm93memfk+eZ6dWTaAvjWS/SlEvBwR3yQRRyIiybcVI984srLf0uObU9mSxPLyp38l9f2yfOO9Gq87lGdeiojfvoo4VdhcbnVh8UqpXE7n8vxYbfbaWHVh8fTl2dJMOpNenZicPPv25MR7777Tsba+ceGf7z+5/+HZr08sfffLw6N3kzgXh/Nt69vxDG6tz4zESH5MBuPcEzuOd6CwXpJ0uwLsyEAe54OR9QFHYiCPeuDF92VELAN9KhH/0Kca44DG3L5D8+DnxqMPViZAm9tfXPlsJPbX50YHl5INM6NsvjvcgfKzMn79897dbInOfQ4BsK1btyPiTLG4uf9L8v5v5860sc+TZej/YO/cz8Y/bzYb/xRWxz/RZPxzqEns7sT28V942IFiWsrGf+/n5e7fUP7qTavhgTz3v/qYbzC5dLmcZn3b/yPiZAzuy/Jb3c85u/RgudW29eO/bMnKb4wF83o8LO7b+JrpUq30LG1e79HtiFeajn+T1fOfNDn/2fG40GYZx9N7r7Xatn37d9fyTxGvN53/rN3RSra+PzlWvx7GGlfFZn/fOf77xjVrR7Lb7c/O/8Gt2z+crL9fW336Mn7c/2/aatuG9kf71/9Q8lk9PZSvu1Gq1ebGI4aSjzevn1h7bSPf2D9r/8kTW/d/za7/AxHxeZvtv3Ps51fban+Xzv/0U53/p088+OiLH1qV317/91Y9dTJf007/124Fn+XYAQAAAAAAQK8pRMThSAqjq+lCYXR05fmOY3GwUK5Ua6cuVeavTkf9u7LDMVho3Ok+su55iPH8edhGfuKJ/GREHI2IbwcO1POjU5XydLcbDwAAAAAAAAAAAAAAAAAAAD3iUIvv/2f+GOh27YBd18ZPfg/tRT2Avbdt/Hfil56AntTG/3/gBSX+oX+Jf+hf4h/6l/iH/iX+oX+Jf+hf4h8AAAAAAAAAAAAAAAAAAAAAAAAAAAA66sL589myvPT45lSWn76+MH+lcv30dFot5LvMXRudqVRmyunoVGV2u/crVyrXxidi/sZYLa3WxqoLixdnK/NXaxcvz5Zm0ovp4K63CAAAAAAAAAAAAAAAAAAAAJ4/1YXFK6VyOZ2TkNhRotgb1ehSotgb1diFRLd7JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY818AAAD//0h7Mcc=") (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nodioread_nolock}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x563, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbDbp6+/XFEpREQn0YKU2aRJfKnioR9FiQe91SaahdNMt2U1pYsH2YC9epAgiFsS73j0W/wH/ioIWipSgBy+R2czmpdlNtukmu+1+PjDheWZm93memfk+eZ6dWTaAvjWS/SlEvBwR3yQRRyIiybcVI984srLf0uObU9mSxPLyp38l9f2yfOO9Gq87lGdeiojfvoo4VdhcbnVh8UqpXE7n8vxYbfbaWHVh8fTl2dJMOpNenZicPPv25MR7777Tsba+ceGf7z+5/+HZr08sfffLw6N3kzgXh/Nt69vxDG6tz4zESH5MBuPcEzuOd6CwXpJ0uwLsyEAe54OR9QFHYiCPeuDF92VELAN9KhH/0Kca44DG3L5D8+DnxqMPViZAm9tfXPlsJPbX50YHl5INM6NsvjvcgfKzMn79897dbInOfQ4BsK1btyPiTLG4uf9L8v5v5860sc+TZej/YO/cz8Y/bzYb/xRWxz/RZPxzqEns7sT28V942IFiWsrGf+/n5e7fUP7qTavhgTz3v/qYbzC5dLmcZn3b/yPiZAzuy/Jb3c85u/RgudW29eO/bMnKb4wF83o8LO7b+JrpUq30LG1e79HtiFeajn+T1fOfNDn/2fG40GYZx9N7r7Xatn37d9fyTxGvN53/rN3RSra+PzlWvx7GGlfFZn/fOf77xjVrR7Lb7c/O/8Gt2z+crL9fW336Mn7c/2/aatuG9kf71/9Q8lk9PZSvu1Gq1ebGI4aSjzevn1h7bSPf2D9r/8kTW/d/za7/AxHxeZvtv3Ps51fban+Xzv/0U53/p088+OiLH1qV317/91Y9dTJf007/124Fn+XYAQAAAAAAQK8pRMThSAqjq+lCYXR05fmOY3GwUK5Ua6cuVeavTkf9u7LDMVho3Ok+su55iPH8edhGfuKJ/GREHI2IbwcO1POjU5XydLcbDwAAAAAAAAAAAAAAAAAAAD3iUIvv/2f+GOh27YBd18ZPfg/tRT2Avbdt/Hfil56AntTG/3/gBSX+oX+Jf+hf4h/6l/iH/iX+oX+Jf+hf4h8AAAAAAAAAAAAAAAAAAAAAAAAAAAA66sL589myvPT45lSWn76+MH+lcv30dFot5LvMXRudqVRmyunoVGV2u/crVyrXxidi/sZYLa3WxqoLixdnK/NXaxcvz5Zm0ovp4K63CAAAAAAAAAAAAAAAAAAAAJ4/1YXFK6VyOZ2TkNhRotgb1ehSotgb1diFRLd7JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY818AAAD//0h7Mcc=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2, 0x96) (async)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2, 0x96)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) (async)
write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r1, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2) (async)
ptrace(0x10, r2)
wait4(r2, 0x0, 0x20000000, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
getpid() (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) (async)
connect$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x6e, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xca9a3b}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) (async)
recvmmsg(r7, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x6e, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xca9a3b}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000040)=ANY=[@ANYBLOB='sys_tz,sys_tz,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c01"], 0x1, 0x153d, &(0x7f00000005c0)="$eJzs3AuYT9XaAPD3XWvtMST+TXIZ1lrv5p9clkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqzvmfA4nTrf6XynL9/zzft7nv3Mev9rr7Xfvd//Ze89M/9vuw6t1aR29UZEBP8RvPAjCQBiAWAgAOQFgAAAyseVj8vqzykx6T/bCPtzPZh6pTNgVxLXP3vj+mdvXP/sjeufvXH9szeuf/bG9c/euP6MZWebphW6hpfsu/D9/+yMP///H8ksM/bLNWWu6wYQ80eHcP2zN67//1vBH1mJ65+9cf2zq9grnQD7P4Bf/9lBjn/aw/XP3rj+jGVnV/r+81+wIPw3/RD5K44BAsAfXPdIzguF+YuOz5V+/jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYyx5O+8sUAFxqX+m8GGOMMcYYY4wx9ufxOa50BowxxhhjjDHGGPvfhyBAgoIAYiAHxEJOyAUCAK6GPJAXInANxMG1kA+ug/xQAApCIYiHwlAENBiwQBBCUSgGUbgeisMNUAJKQikoDQ7KQALcCGXhJigHN0N5uAUqwK1QESpBZagCt0FVuB2qwR1QHe6EGlATakFtuAvqwN1QF+6BenAv1If7oAHcDw3hAWgED0JjeAiawMPQFB6BZtAcWkBLaPU/Gv889IQXoBf0hiToA33hRegH/WEAvAQD4WUYBK/AYHgVkmEIDIXXYBi8DsPhDRgBI2EUvAmj4S0YA2NhHIyHFJgAE+FtmATvwGR4F6bAVEiFaTAd3oMZMBNmwfswGz6AOTAX5sF8SIMPYQEshHT4CBbBx5ABi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAJ7ATPoVdsBv2wGewFz7/N8ef+ofx3RAQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwH+bD/JgfC2JBjMd4LIJF0KBBQsKiWBSjGMXiWBxLYAkshaXQocMETMCyeBOWw3JYHstjBayAFbESVsIqWAWrYlWshtWwOlbHGlgDa2EtvAvvwj5YF+tiPayH9bH+pdtT2AgbYWNsjE2wCTbFptgMm2ELbIGtsBW2xtbYBttgO2yH7bE9dsAOmIiJ2BE7YifshJ2xM3bBLtgVu2I37I7dM5/PAfgCvoC9sYbog32xL/bD5BwD8CV8CV/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIkjcCSOwlFYVbyFY3AskhiPKZiCE3EiTsJJmJXouzgVU3EaTsfpOANn4kx8H2fjB/gBzsW5OB/TMA0X4EJMx3RchKcwAxfjElyKy3A5LsOVuApX4hpci2twPa7HjbgRN+Nm3IpbcTtux09QAeCnuBt3YzLuxb24D/fhftyPB/AAZmImHsSDeAgP4WE8jEfwCB7FY3gcj+EJPIEn8RSextN4Fs/iOXw2/uvGn5RcnQwiixJKxIgYEStiRS6RS+QWuUUekUdERETEiTiRT+QT+UV+UVAUFPEiXhQRRYQRRpAIYwBAREVUFBfFRQlRQpQSpYQTTiSIBFFWlBXlRDlRXtwiKohbRUVRSbR1VUQVUVW0c9XEHaK6qC5qiJqilqgtaos6oo6oK+qKeqKeqC/qiwbiftFQ9MEB+KDIqkwTMQSbiqHYTDQX8uI7WGsxHNuItqKdeFyMxBHYQbR2ieIp0VGMwU7ib2IsPiO6iPHYVTwnuonuood4XvQUbVwv0VtMxj6ir5iK/UR/MUC8JGZgTfE+zs5ZS7wqksUQMVS8Jubj62K4eEOMECPFKPGmGC3eEmPEWDFOjBcpYoKYKN4Wk8Q7YrJ4V0wRU0WqmCami/fEDDFTzBLvi9niAzFHzBXzxHyRJj4UC8RCkS4+EovExyJDLBZLxFKxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvEJ2Kn+FTsErvFHvGZ2Cs+F/vEF2K/+FIcEF+JTPG1OCi+EYfEt+Kw+E4cEd+Lo+KYOC5+ECfEj+KkOCVOizPirPhJnBM/i/PCC5AohZRSyUDGyBwyVuaUueRVMrcMLh7da2ScvFbmk9fJ/LKALCgLyXhZWBaRWhppJclQFpXFZFReL4vLG2QJWVKWkqWlk2VkgrxRlpU3yXLyZlle3iIryFtlRVlJVpZV5G2yqrxdQuTCNmrImrKWrC3vkklwt6wr75H15L2yvrxPNpD3y4byAdlIPigby4dkE/mwbCofkc1kc9lCtpSt5KOytXxMtpFtZTv5uGwvn5Ad5JMyUT4lO0p/8SnyjOwin5Vd5XOym+wue8if5XnpZS/ZW0IfkH3li7Kf7C8HxAKAfFkOkq/IwfJVmSyHyKHyNTlMvi6HyzfkCDlSjpJvytHyLTlGjpXj5HiZIifIifJtOUm+IyfLd+UUOVWmymlygBz4y0yzpPyX49/+nfGDf9n6RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzFYwAKlVBSKRWoGJVDxaqcKpe6SuVWV6s8Kq+KqGtUnLpW5VPXqfyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXY8XnzCqlCqtnCqjEtSN/854VVzdoEqokr8afym/pH+SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC4WPRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ328G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di56U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc7KKd1+ZBfZj22GDWCJXWqX2eV2hV15KVef1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzhr/w7b7+wR+709ao/Z4/YHe8L+qC6Nztr3H+zP9rz1FggJSJKigGIoB8VSTspFV1FuupryUF6K0DUUR9dSPrqO8lMBKkiFKJ4KUxHSZMgSUUhFqRhF6Xq6lF4pKk2OylAC3Uhl6SYqRzdTebqFKtCtVJEqUWWqQrdRVbqdqtEdVJ3upBpUk2pRbbqL6tDdVJfuoXp0L9Wn+6gB3U8N6QFqRA9SY3qImtDD1JQeoWbUnFpQS2pFj1JreozaUFtqR49Te3qCOtCTlEhPUUd6mjrR36gzPUNd6FnqSs9RN+pOPeh56kkvUC/qTUnUh/rSi9SP+tMAeokG0ss0iF6hwfQqJdMQGkqv0TB6nYbTGzSCRtIoepNG01s0hsbSOBpPKTSBJtLbNIneocn0Lk2hqZRK02g6vUczaCbNovdpNn1Ac2guzaP5lEYf0gJaSOn0ES2ijymDFtMSWkrLaDmtoJW0ilbTGlpL62g9baCNtIk20xbaSttoO+2gT2gnfUq7aDftoc9oL31O++gL2k9f0gH6ijLpazpI39Ah+pYO03e+N31PR+kYHacf6AT9SCfpFJ2mM3SWfqJz9DOdJ08QYihCGaowCGPCHGFsmDPMFV4V5g6vDvOEecNIeE0YF14b5guvC/OHBcKCYaEwPiwcFgl1aEIbUhiGRcNiYTS8Piwe3hCWCEuGpcLSoQvLhAnhjWHZ8KawXHhzWD68JawQ3hpWDCuFD99bJbwtrBreHlYL7wirh3eGNcKaYa2wdnhXWCe8O6wb3hPWC+8Ny4X3hQ3C+8OG4QNho/DBsHH4UNgkfDhsGj4SNgubhy3ClmGr8NGwdfhY2CZsG7YLHw/bh0+EHcInw8TwqbBj+PQv/fct/Of9SWGfsG/4Yvhi6P09cl50fjQt+mF0QXRhND36UXRR9ONoRnRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T72jnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx+V1EXeNi3PXunzuOpffFXAFXSEX7wq7Ik4746wjF7qirpiLuutdcXeDK+FKulKutHOujEtwLV0r18q1do+5Nq6ta+ced4+7J9wT7kn3pHvKdXRPu07ub66ze8Z1cc+6Z91zrpvr7nq4511PNyHPhddkkuvr+rp+rp8b4Aa4gW6gG+QGucFusEt2yW6oG+qGuWFuuBvuRrgRbpQb5Ua70W6MG+PGuXEuxaW4iW6im+QmucluspviprhUl+qmu+luhpvhqs68sJU5bo6b5+a5NJfmFrisc8Z0t8gtchkuwy1xS9wyt8ytcCvcKrfKrXFr3Dq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3yeS9M6va6fW6f2+/2uwPuK5fpvnYH3TfukPvWHXbfuSPue3fUHXPH3Q/uhPvRnXSn3Gl3xp11P7lz7md33nmXEpkQmRh5OzIp8k5kcuTdyJTI1EhqZFpkeuS9yIzIzMisyPuR2ZEPInMicyPzIvMjaZEPIwsiCyPpkY8iiyIfRzIiiyNLIksjyyLLI94X3hL6or6Yj/rrfXF/gy/hS/pSvrR3voxP8Df6sv4mX87f7Mv7W3wFf6uv6Cv5yv4R38w39y18S9/KP+pb+8d8G9/Wt/OP+/b+Cd/BP+kT/VO+o3/ad/J/8539M76Lf9Z39c/5br677+Gf9z39C76X7+2TfB/f17/o+/n+foB/yQ/0L/tB/hU/2L/qk/0QP9S/5of51/1w/4Yf4Uf6UTFv+tGXLpFhvE/xE/xE/7af5N/xk/27foqf6lP9ND/dv+dn+Jl+ln/fz/Yf+Dl+rp/n5/s0/6Ff4Bf6dP+RX+Q/9hl+8aWbyn6FX+lX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//E7/Sf+l1+t9/jP/N7/ed+n//C7/df+gP+K5/pv/YH/Tf+kP/WH/bf+SP+e3/UH/PH/Q/+hP/Rn/Sn/Gl/xp/1P/lz/md/nv9njTHGGGPsD5lwuSl+3XPhdn6f3xkj/m7lvgBw9dZCmX/fn3VGuS7/hXZ/Ed8+AgBP9e764KWlRo2kpKSL62ZICIrNBbj0m6AsMXA5Xgzt4AlIhLZQ9nfz7y+6n6V/MX/0FoBcfzcmFi7Hl+f/AgCTfmf+Rx8ftaBCeDruv5l/LkCJYpfH5ITL8WJo98v9lbZQ7p/kX6D1v8g/55cpAG3+bkxuuBxfzj8BHoOnIfFiz1W/uzXGGGOMMcYYY9lVf1G586Xrz0t/8fl71+fx6vKYHHA5/lfX54wxxhhjjDHGGLvynune48lHExPbdv73G9X+R6P+cKMp/G/NzI3fbXgPcOkRBQD/4YQAWQ35V+7F5r9kW8kXXzr/2LXsjA/g/0Yp/4zGFX5jYowxxhhjjP3pLp/0//pxdaUSYowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGsqH/7KvCAoA/8C19V3ofGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsSvtvwIAAP//w4D6Ww==")
ptrace$setregset(0x4205, r2, 0x1, &(0x7f0000000140)={0x0})

14.851971302s ago: executing program 3 (id=313):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x70bd26, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r7}]}, 0x20}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e23, 0x4e23}}]}, 0x2c}}, 0x0)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f00000083c0)={{0x1}})

14.774555938s ago: executing program 3 (id=315):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x8000000ffffffff) (async)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff00000000a3ff3b00000000009500000000000100"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1}, 0x94)

14.658627217s ago: executing program 32 (id=315):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x8000000ffffffff) (async)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff00000000a3ff3b00000000009500000000000100"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1}, 0x94)

14.571046374s ago: executing program 0 (id=317):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r2, 0x0, 0x0, 0x7, 0xfffffffc, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xfffe, 0x6, 0x101, 0x6}})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r7)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000580)={0x0, 0x3, 0x63}, 0x0, &(0x7f0000000640)="58bb3b", &(0x7f0000000680)=""/99)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r6, 0x400c6615, &(0x7f0000000400)={0x0, @adiantum, 0x0, @desc1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

14.482132901s ago: executing program 0 (id=318):
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r1}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000000640)={&(0x7f0000000280)=@name={0x1e, 0x2, 0x2, {{0x1, 0x2}, 0x2}}, 0x10, &(0x7f0000000ec0)=[{&(0x7f0000000340)="659efcf9f900a9b5d263622a6a16492bec8499f9a77ab2cc8435977c4181eed5b9dfc7dcf17ede1cbffd0cb3c8dd74d019e8fef937f0bd3f5322ec4739f1edbe1ac4d830013e89d41c489bd9b90f55469285541de01b89dc1f", 0x59}, {&(0x7f00000004c0)="bdc3d54811050e66a1fcb1f68b1fab74472d07869c72884787fc70520b8825aca2b377d7cc5d5480ba45eec28e7825c1ab37cd2123dc08ca83d8db310c22492922851da4eb69677e838ed96b67aa7b201858cc5fb9af3308d4dcf3a4eedf3b8305026b5f13f0262d03a59f6b44e998de168b558ed8f1c5adf8063c28997cc3bfab1dc603731da8270f9fe3a1c12b67ed05cb48634ba3a13be9411946c2e1fced2eb5b556199cad0d0c965b5bd2bc24488331ac6a7ad850cf7c25b52e8c1e63dffd66b4b583add80ce810e18fdc9968668bd7d3128ddf73c7846791e66c6a73910287611abbc716ff5ee6a8b2f4f314252979eeb64bdeb50c", 0xf8}, {&(0x7f00000003c0)="60badba0745ebe749eddf2b5868f49730bf614396fd156f65f7341e2ac3b7a6b398a6f396b098cd43f9c01c2da7ea0abcd293129eb8afee1ca93dd822f504a9c8e6afc88540ce37bb81598888a900ec2705f03a7fdfb334046e2a06b113762cae06d4bdc3f0158717171e0351fc1f9f26a5a1006c12c2abd62207acc0ba3f18d9a09b339f59d", 0x86}, {&(0x7f00000002c0)}, {0x0}, {&(0x7f00000006c0)="d0fd66a667812b01d2545447d8ae0c6ec858c31d060a8ba8ea612376eb5d014116f7408d917bf1bf2cb03f3b1ed32b19962a36972202487d5ded289bfbf9cb3cdffeef167863dc78bdfb8f6b0e836dd91fb8d705d5416362290e3d69b668a6", 0x5f}, {&(0x7f0000000740)="6601fb64c0d07c524cf1070d0de858560018bf236c08df0ee4f927bc1b324bfdf280bca974a4018ac074fb875191b31c132f75e52c6ac3f1e46b617ff9a629f7511993207c17f8b4f83767e715c60cd0d1eec5a6e6fea22e44c84cfb0d530768a787ed6e40111dd16ec74b7d0ecdbc803ae61bddefbdbd51cd8357b3eea0bc0e111571b58a812f2df90aa2523118d7c3ad1beebdcc951a9045b8bf301bb420a3f6e8d1244c9aa4ee9f61c6bec33bbba2ba8aeeebb3d86c4d2ca51754d3c29d557727fc0470405d6e0efb83d46ee2d1f290a9f31c", 0xd4}, {&(0x7f0000000840)="aa9818b53f9a5ae073eed4f1043ca2dcca2e08da4478d397f339d994777a3400d8000700f3f045b21924e1f79f71ccbbb730f0942e9d42877821e3c63a83c9b041487b0fa6d4a65cc6ff742f1c6b46a7566e956743a44bd1ed201e189b8382c8a822d88a6cf6f18ebc1788faf8168e54bd5edb5564489e49e0a7791cad2ec7fe5870130e7ae70df5ff", 0x89}, {&(0x7f0000000d80)="ae491a98fe733d4c3bd3ee6e9b68c63474dbb87fbdc520e8c9a422abd9ce8b770f0b6b0a5310fe175d9190f49a3f4a693ba920ff422aaed46de91f93967c6c0d5f2777e20a18450b19caf50f008c08df80ef571a2cb42bf7e78c7be84857ef078094b7302a1cc0e8518db70a716485f448aa41d39767e93d", 0x78}, {&(0x7f0000000e00)="7c1bd1ebe68b410e735ead4cd2666c79b9b071557b598667a3af1f8350b2f28441604cfdf69a8205dcea39237eec50f187c810656e881b628ce8676f2bb302c95c1da3587be93ccc470d2f70160ba09fe23cc5ef8aa77f48be6551fd0175c61125f0a5f823eedde6e4f2b6604240d59c0a799e7d8af65dd65ed10faacc5c715687a136a892dcd19bd0dd66550d3637034040fdb0e23557bdbe998834b2", 0x9d}], 0xa, &(0x7f0000000f80)="22b77bf5a959082343afaa8c49499ec9d5d11fa40b308782030708367f44a657006b10392fe18f1fa1706f762068f6729aff24f3fbcd6888ffdc870d5796d9c3cb80c7eefa5dde15d87d82af4f9a7a1ba456690479361f395f5815ca8ba4bfcfe23511a0e30677d6ed28ada2fd06a9519dbec8d3b8b08ea9174c4cae99252fb4", 0x80, 0x80}, 0x2000c054)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect={0x80000000})
ioctl$USBDEVFS_RELEASE_PORT(r3, 0x80045519, &(0x7f0000000000)=0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@grpid}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000001080)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="98010000100013070000000000000000ff0100000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600001007863626328616573290000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000feffffffffbf000000bd4786e667d86f1ee0fab0861fd447149db52737b0cd641f"], 0x198}}, 0x0)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
r8 = openat$cgroup_ro(r2, &(0x7f0000000900)='freezer.self_freezing\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000001000)={0x80, r8, 'id0\x00'})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$cgroup_devices(r9, &(0x7f0000000000)=ANY=[@ANYBLOB="684c38dea91695"], 0x8)
write$binfmt_script(r9, &(0x7f00000005c0)={'#! ', '', [], 0xa, "af6f71a162e100f645f0f032"}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000080)={0x4, 0x3, 0x8e9d, 0x9708, 0x4, "01851d59cb4007fb"})
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
sched_setscheduler(0x0, 0x2, 0x0)

12.61737257s ago: executing program 0 (id=322):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x7, 0xc, 0x401, 0x1bcd9, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x50)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0xfdef)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETS(r5, 0x5402, &(0x7f00000000c0)={0x1fc, 0x7, 0x80000000, 0x760, 0x8, "d291ae4428fbee00"})
socket$nl_route(0x10, 0x3, 0x0)
lsetxattr$security_selinux(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100), &(0x7f0000000280)='system_u:object_r:modules_conf_t:s0\x00', 0x24, 0x2)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff, 0x0, [0x0, 0x25]}})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})

11.224294482s ago: executing program 0 (id=324):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x6a3, 0x621, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7, 0x20}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)

8.835694363s ago: executing program 2 (id=334):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x70bd26, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r9}]}, 0x20}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e23, 0x4e23}}]}, 0x2c}}, 0x0)
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r10, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r10, 0x40505412, &(0x7f0000000140)={0x0, 0x3, 0x3ff})

8.802974226s ago: executing program 0 (id=336):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet(0x2, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r4}, &(0x7f0000000180), &(0x7f0000000280)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
unshare(0x24020400)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.62246198s ago: executing program 2 (id=341):
socket(0xc1acd62b43d46ca9, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_open_dev$evdev(0x0, 0x2, 0x862b01)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffff8acc}]}}, @common=@hl={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

5.74565746s ago: executing program 2 (id=345):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000000c0)=@nat={'nat\x00', 0x670, 0x5, 0x3c0, 0x250, 0x1a8, 0xfeffffff, 0x0, 0xa8, 0x328, 0x328, 0xffffffff, 0x328, 0x328, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @private=0xa010102, @rand_addr=0x640100ff, @gre_key=0x4, @icmp_id=0x68}}}}, {{@ip={@private=0xa010101, @multicast2, 0xffffff00, 0xffffffff, 'vxcan1\x00', 'veth1_to_team\x00', {0xff}, {}, 0x34, 0x2, 0x20}, 0x0, 0xc8, 0x100, 0x0, {0x0, 0x7}, [@common=@inet=@length={{0x28}, {0x7ff, 0x9}}, @common=@ah={{0x30}, {[0x0, 0x4]}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0xe, @private=0xa010100, @empty, @port=0x4e24, @port=0x4e23}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @loopback, @multicast2, @icmp_id=0x68, @icmp_id=0x66}}}}, {{@ip={@loopback, @dev={0xac, 0x14, 0x14, 0x27}, 0x0, 0x0, 'veth1_virt_wifi\x00', 'veth0_macvtap\x00', {}, {}, 0x8, 0x1, 0x10}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x200, 0x260, 0x0, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0xe, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @port=0x9, @gre_key=0x8}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x420)
r4 = syz_open_dev$usbfs(0x0, 0xf650, 0x80801)
socket$tipc(0x1e, 0x5, 0x0)
mkdir(0x0, 0x101)
sync_file_range(0xffffffffffffffff, 0x6, 0x6, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRESOCT=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095", @ANYRESOCT], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffd86)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000580)=r2}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r2, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000980)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, &(0x7f00000009c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0xcc, &(0x7f0000000a40)=[{}, {}], 0x10, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0x3f, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000c80)={0x3, 0x4, 0x4, 0xa, 0x0, r2, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x3, 0x27, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000001000000000000000300000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000002333010008000000186000000c000000000000000500000018210000bd4a7acf150522223cd1819b31be25e0bbafd03258154d4a12aa71c889e86080dc5d6429704ae5d8f50f4814791c587c8c4ac1513d063dd8e3fe8f646c26e7f7d126fbb005cc2126ee443b9e0326eda39744699f66b1cab92b98e7fbede8f150848d1b6e5be8cd736ef53ed5e85173b02f7ade80a94c", @ANYRES32=r6, @ANYBLOB="000000009a0f0000851000000500000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000060000009c43feff1000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000ffff00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000740)='GPL\x00', 0x7, 0xd7, &(0x7f0000000780)=""/215, 0x41000, 0x10, '\x00', 0x0, @fallback=0x1e, r4, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x1, 0x1, 0x8}, 0x10, r8, r2, 0x2, &(0x7f0000000d00)=[0xffffffffffffffff, r9], &(0x7f0000000d40)=[{0x3, 0x5, 0x5, 0x3}, {0x1, 0x4, 0x3, 0x3}], 0x10, 0xffb}, 0x94)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000d84000)={0xa, 0x2, 0x0, @rand_addr, 0x2000000}, 0x1c)

4.725519422s ago: executing program 2 (id=350):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000"], 0x64}}, 0x24004080)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000000))
poll(0x0, 0x0, 0x5) (async)
poll(0x0, 0x0, 0x5)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='fsi_master_acf_poll_response_busy\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='fsi_master_acf_poll_response_busy\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
write$UHID_CREATE(r7, &(0x7f0000000780)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120) (async)
write$UHID_CREATE(r7, &(0x7f0000000780)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120)
write$UHID_DESTROY(r7, &(0x7f0000000080), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x20, 0x7ffc1ffb}]})
getgroups(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.24821778s ago: executing program 2 (id=352):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa0000005}, {0x85, 0x0, 0x0, 0x2d}}, @call={0x85, 0x0, 0x0, 0x23}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='timer_start\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680), &(0x7f00000006c0), 0x9, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000010c0))

4.00039854s ago: executing program 2 (id=353):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet(0x2, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
uname(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
unshare(0x24020400)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

453.054384ms ago: executing program 1 (id=375):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xfff2, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

407.548988ms ago: executing program 5 (id=376):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa8}}, 0x8000)

407.384408ms ago: executing program 5 (id=377):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000016c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001700)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000040)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000044}, 0x24048008)

407.152147ms ago: executing program 5 (id=378):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@mcast2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x2, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@remote, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0xa, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r2, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2000)

367.601051ms ago: executing program 5 (id=381):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x38, r1, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x2}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x0)

366.916781ms ago: executing program 1 (id=382):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001280)={0x894, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x41, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, @random=0x7, 0x1, @void, @void, @void, @val={0x4, 0x6, {0xf0, 0x2, 0x7f, 0xa706}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x1, 0x8c, 0x8}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}, @NL80211_ATTR_PROBE_RESP={0x682, 0x91, "d1dee203521826dab526b4bd7d72ab316ffc72126bacec401d9a7ec1a4967ca9f1f4b336b8fa7f1209d37865b21999c1fc2e713a22e5cec8ae4e5f796cfa57fbddc0b7a3eafffe483276ccc78070e3a17804bbb5a450bb250495fc7cf181791f8423c8f6250765963294851db7d72e6d9a2e0d3dda135de672f634c6a6e952406e0b02e5072c7a433c837467bce985043a0749a4966c99aff728a97615e190d20951a2b432e52066b56696cdfe0a389d4bd740a39d3444278b7e3f2f800dd5e9c29b10eaa0dca522955d363a951595b35e5ddd9e8fb2645a0ec6589eb3a5e212475f644f3c4e0f51aef348dca4bdb2fc24485f15132e244b6645e49d07aee03a09cf8664b001c6cf91121efe8e029194b845840e6195550b53bc88989ecc10bedcd815fd43d9b67947e19eef17d17fb3cfce2dab5c81b7003ef8ae7306e122cde99369adb7c7396f2039dae5b28634aa7ce9e790237ffe3fa6ca0be7b23c83ed7aed202c19b7c830893c0775b7bfb111688d928e144399214bac7162efd4ad06004ee460b2db23d0bda803884cdd8003eeb0a7a4adcb642dade2677daf27fb0bae4cb03bd9c187b6b90ca49ece895a671f3d3501de80dfcc97324dafecbd38515e4e638981d6ee3da1124ec23058ef08e893b9d6afdb8e22afd2f67cb8bbf3e4bc6206a4367f8dc9eecf188f967fe406a88493686e0dff4dce318236ec4bb9eb3eed495b7781206df4d6cf6affa7a5b32b37140f618febec9222890dba0708c2e3e822d5333cdddb3f00d68ebab791b3eea515e2617516a3ef170a6b02b9235605288ab3a27feae03f7d3e5283e521e7ed3c70c04723210b6461543e08575206895eed3aa94a5ab3665b88895a5e6df2e9ecff8bd806f7e6cb08feab0b3369a2051bc44b899355a2f5c412237c8995a9347289074581a3d11f1c226f83a3d85dc3a65391a4ab1396a379a9e7ed92c973106902548c95e68b4bb688962048a9de8ae7345a08441611601c5004871b2ad3806c8c3d9ddfbc6034d6d8f4ac83985d13eb79c0032a1fcaa52439b2663ec02eeb05069d11cf2e85f297462d712651ee584a39c54d8e73b5b364fe804125e904c27f90e78fbca9aceb33055077d591684f3b21b4eb07b28149c95d1f2250bb6720c086b2889897eca1989e8a339ccad81253f5523170c6c59738f3ae28b4b6489f653d9ee2c6cb5026241b460163202ab773a021c10ef2b21d825fe34199eb0b4b0d6c4ecffe55ad6feef326566a1c4acaffea43648e7f3fc769f7167c8ae6397132c721cc4094939ba33718049f567e3c9e1f41ce7ff0c40bf901d5f5b84e5446ab367711a2ebba61af615c23717f436030951b0c54c56fc8522b4056d259126c1c76489da16562bed17f3fd934212b2164cd3e18c1af7a09375f24d22c86860eba90278c6757ccac0ca1e8da61496e7a9b40e05e9885e891963615b7cb8e712b8d4c18462d5b0be80114eb3e7a764853250812bd7ef94abe39f635a866dd7afc0811d18f792a62533f4516db153477ca2665bc32166286bbba28340918a3725da6bc635f31bd94f6196edff9e2a0f435e9c0b41f0233bf27f58e1aeea6174b62cb8302b0adfa85d5a68f1aeb495bcff36ee3a08aadda95ae457daddee81e0befe0e24bb87b326e56d1d5facf9fe1ec61fce66aa0b621d411daf5bbfe258743bbad5e6764ef8b54266038092c48bed7b333e5dfc16b555115e939bbba9164693060bb6e22033b9177c7fd3674bf745f2e3068ffdcf3445b27d1f5fbc86ede559eab6b13bfbc93cf972ba6e2c8aa894a2c624c34d2a0fefa4656f48f7ba4d55ad87cf0cc764524d19f1a2d565d61aa195860e8555c5c3fbc2838069c06694df7b5df63a6f17ade2d21962ea3b840c4f06575c915fbaf44cf868cf2ab549b44207cd0c4768c619b551d01e79a5b5b07fbbd966c09f2d3e771f9f49ab004e3e76373c5d04f71c9ae1ff32c4606ef7f0f6687847f6e0a622e434e33c5b26aa6b17b8f7a216b3922997b2e4ccfb14aa8c0305fe43213bb7e40c9a64a80fdaf86e781519e9ac9306b0747f82d20f61f1e503eb75bce207557a2a8d6854479a318530ae42081b5de1718c540080f9025d7db2f681aa320fda14303fa6fdd7ac15bf9e692f551343f7087dffe5feaf99b1fed1af4beec3993b0809ec998009c9a16ffd0f663d95dd6be5a5faaa7b21801fbe7358a6e98fc213cb5ec24ca5a8328b7731635cea986f7c2bffe8da777dfd027956f5c821e7b67a1f4e86580bb00d03fc7d2abf59c567c527cf1dc2875cc0d9e0abebbbdb1220e124a2cec54179f65eacc32890aaeb2374ddecf720edfd82b7b"}, @NL80211_ATTR_IE_ASSOC_RESP={0x16a, 0x80, [@supported_rates={0x1, 0x1, [{0x1b, 0x1}]}, @random={0x1d, 0x98, "7edecf02581c812a3f5161d3bab2b3934f0308d4995f1dce12f15068a9fb6765c0e4812e469942c392ddeff15e883daa964ce25369f2f8e9cf832adb50e24bac14b9dc69eea500a4160814051810270da293d599e09eb08534abe3e23888116c2f4608ae2a3714790ce1f4b76b79258d5f2e4c9f7693c069295a1cc4431e41f61ea90dde4cc1d4093f8ab63a06a13bd4af1f4a3dd8f807f5"}, @perr={0x84, 0xbb, {0x9, 0xb, [{{0x0, 0x1}, @device_b, 0x6, @value=@broadcast, 0x19}, {{0x0, 0x1}, @device_a, 0x9, @value=@broadcast, 0x2f}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x12}, {{0x0, 0x1}, @device_b, 0x9, @value=@broadcast, 0x24}, {{0x0, 0x1}, @broadcast, 0x9, @value=@broadcast, 0x27}, {{}, @device_b, 0x3, @void, 0x11}, {{}, @device_b, 0x1000, @void, 0x3c}, {{}, @device_b, 0x4, @void, 0x31}, {{0x0, 0x1}, @broadcast, 0x14aa6e3d, @value, 0x28}, {{}, @device_a, 0xa, @void, 0x41}, {{0x0, 0x1}, @device_b, 0x5, @value=@broadcast, 0x14}]}}, @ibss={0x6, 0x2, 0x8}, @mesh_chsw={0x76, 0x6, {0x2, 0x7, 0xe, 0x6}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x25, 0x80, [@prep={0x83, 0x1f, {{}, 0xfd, 0x6, @device_a, 0xc4c9, @void, 0x4, 0x4, @broadcast, 0x3}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x8063}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x894}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)

326.357814ms ago: executing program 5 (id=384):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x98, r1, 0x5, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x41, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac=@broadcast, {0x0, 0xfff}}, 0x0, @random=0x7, 0x1, @void, @void, @void, @val={0x4, 0x6, {0xf0, 0x2, 0x7f, 0xa706}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x1, 0x8c, 0x8}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}, @NL80211_ATTR_PROBE_RESP={0x4}], @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x4}, @NL80211_ATTR_HE_BSS_COLOR={0x18, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x1a}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x29}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)

326.135864ms ago: executing program 5 (id=385):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)="11111526", 0x4}, 0x1, 0x0, 0x0, 0x2c004014}, 0x80)
recvmmsg(r0, &(0x7f0000005e40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x1, 0x0)

325.826144ms ago: executing program 1 (id=386):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="b159e21d2250fe", 0x7, 0x8000, 0x0, 0x0)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24, 0x3, @private1, 0x3}, 0x1c)

325.429434ms ago: executing program 1 (id=388):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r1, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r2 = socket(0x200000000000011, 0x2, 0x4)
bind$packet(r2, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="4fa3", 0x2}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbf08d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba416f7b1fc251409afd53815f775ab04810637bd8c9b2606a8512ee5622829a369d77900cfc7987f950003fb657f4c17131695efdcead8816ddae634049c3dab49a0ca36b1d5d93c8dac8fa0ba2a74f55d159667e3b52ec903f439a21a023b4bc7bf4463d73f5ae46a680f138c34f0ab2e8503ce342bfb26e481f087a08d410a8886335ac1fda0df344dfbb68b6bb8fcc2bf9a85fe835f350fb281e1159b093d52c519a3d61cd4979941c87ebf52404bdb04ebce4e1980314c1b03a674a86d6cf027b9076559eecadd6cbc5daab4002468d3653a11bbcb9cf625b1e4fe49a398e63200944d4ecee2741a09daf3650edb6a8dca6dc705873b78767c0e942a766c8be2bf425eeba3c277f09332f84fe9f24272059625703661763ed5efd08af27a1b6ccc3a7ae63ff339676e5caa6447e4a0575131495bc643681ca8e18b95bc7db66366c50cd89c9a59746da83dcced2526003b48e250bb7a20eabaf34e950fd1eeb6cce37de630e51a067e786dc3ecde5d2218962d33adde6734636adcf597b93be0cc3f307127d2b0df08a75d14f41ed41237db5e7b10fdacd56231cd781566b26080a06edbd7af51e6310233f0cea9aea8fe2c08a94cdc1ae11c6bef6f0fb5d4155567b47db0c4fc61940d157fc5a1df14ff33bd638b56b200b032cd99504751cb6c29d8252e6ebd0c1ac4c3df73d335aaf060f54d6a4f1c225eaca5e3f313a1d29f940d7a9fcaa040d7cab55550954a3c4d8bd772890fff6eadf3de96a396758e0a3d21cba8f2b1bbbc2ce9dbc8818bb3ca8967fc89e130ef4409db59a858f81b29c9019c3954754777af852162d61ff916ad98d6ee6ab4c0a5d25339e7923c1db2386df6596a5059ffb169fa9991d82573587fa4edd83649ece1a1976755b6d622e75ec6b342df6b30c8ea280daacfd1cfa82909f295ad96130d439abf3ebf9f48e8b138b89ea93c751c5c416e727c49c764559ca5dba38a894b056e3c9569f20bd56c638eb74429f5a89fdf1b3d3bd7e38993b0a39446ece8359a57894e28136fc0305e43bfa4adb63c9d85951207eb506bac375a3e203eed305fcd1cc6984f4dc67dc9e50391e4a01effe62fce188da0eead8dabebe5a3e74c7223c240bc0443b3e4c53d677bbccc58a7dfbb0b69dac81cf9ec689f1762a0ba768d73aeb38b4718d735defdfc3ac9376eea3412e5c388f1cf89d7b1caf2550cdafb8deeb8df3b75993b98665b47f29e213c2b2a0541b4d7a8a458cfa92548d03c5b74b5fda560ee3fbf972640a5a59645e87b08ad07086c4324091b5e874cbb5ea7a5c30e3596db80c6a44c091a3e51d931bfe63efae82a396cb2d8886430c4b26b135c29492d454b8582bfe12203f70ff24d9ab7818939091941f5eca793d19e3799571e071614fabb8254744f94454a8f755e605feece3c415bef9506de83b4b3ec4873888bbf4784e6ac25524120212d77ca6f977b5670caa6ffe5ad508f8e0f9c03e36df4556b5e52a74c7ab0fdcb38c4a154bb370117701cef672bee99f1f8270cd7d604a141275a25ab", 0x50c}], 0x1}}], 0x2, 0x400c0)

281.981478ms ago: executing program 1 (id=392):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@dellink={0x34, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1020, 0x40000}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_vlan\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x2c, r4, 0x8d61ddcfedb48df, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x2c}}, 0x0)

227.565322ms ago: executing program 1 (id=397):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0xe}, 0x1c)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000340)=0x40)

15.991449ms ago: executing program 4 (id=421):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x14, 0x6, 0xff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x9}}}}}}}, 0x0)

15.754889ms ago: executing program 4 (id=422):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x803, 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x100, 0x0, 0x0, 0x4, 0x2, 0x1}})

15.662299ms ago: executing program 4 (id=423):
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYBLOB="5000000009060102fc00000000000000030000000900020073797a31000000000500010007000000280007800c00018008000140e000000205000700ff000000060004404e2200000500030006"], 0x50}, 0x1, 0x0, 0x0, 0x10040003}, 0x8880)

15.379119ms ago: executing program 4 (id=424):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbf08d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba4", 0xc4}], 0x1}}], 0x1, 0x400c0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000480)=0x1df9, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

11.24186ms ago: executing program 4 (id=425):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x122}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

0s ago: executing program 4 (id=426):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xb0, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x5, 0x6, 0x2, 0x0, 0x8, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}, {0xf, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2c2a1f44}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7}]}]}]}}]}, 0xb0}}, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000400b8400800b7"], 0x30}}, 0x0)

0s ago: executing program 4 (id=427):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff}, {0x3}, 0x6}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NL80211_CMD_FLUSH_PMKSA(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4004084}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x158)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc000000000000000000000000000000ac1414bb00000000000000000000000000000400000000000a0060", @ANYBLOB='\x00'/79], 0xb8}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x0, 0x1}}}, 0xb8}}, 0x4000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.189' (ED25519) to the list of known hosts.
[   19.721511][   T30] audit: type=1400 audit(1755443846.755:64): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   19.722699][  T273] cgroup: Unknown subsys name 'net'
[   19.726381][   T30] audit: type=1400 audit(1755443846.755:65): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.731916][   T30] audit: type=1400 audit(1755443846.765:66): avc:  denied  { unmount } for  pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.732213][  T273] cgroup: Unknown subsys name 'devices'
[   19.917999][  T273] cgroup: Unknown subsys name 'hugetlb'
[   19.923620][  T273] cgroup: Unknown subsys name 'rlimit'
[   20.060985][   T30] audit: type=1400 audit(1755443847.095:67): avc:  denied  { setattr } for  pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   20.084435][   T30] audit: type=1400 audit(1755443847.095:68): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   20.097659][  T275] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   20.109785][   T30] audit: type=1400 audit(1755443847.095:69): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   20.141648][   T30] audit: type=1400 audit(1755443847.155:70): avc:  denied  { relabelto } for  pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.152290][  T273] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   20.167247][   T30] audit: type=1400 audit(1755443847.155:71): avc:  denied  { write } for  pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.201741][   T30] audit: type=1400 audit(1755443847.185:72): avc:  denied  { read } for  pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.227533][   T30] audit: type=1400 audit(1755443847.185:73): avc:  denied  { open } for  pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.012376][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.019814][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.027235][  T281] device bridge_slave_0 entered promiscuous mode
[   22.036769][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.043909][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.051359][  T281] device bridge_slave_1 entered promiscuous mode
[   22.145139][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.152321][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.159734][  T283] device bridge_slave_0 entered promiscuous mode
[   22.166366][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.173574][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.181050][  T284] device bridge_slave_0 entered promiscuous mode
[   22.190806][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.198149][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.205705][  T284] device bridge_slave_1 entered promiscuous mode
[   22.215418][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.222703][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.230382][  T283] device bridge_slave_1 entered promiscuous mode
[   22.246227][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.253711][  T282] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.261147][  T282] device bridge_slave_0 entered promiscuous mode
[   22.268589][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.275704][  T282] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.283148][  T282] device bridge_slave_1 entered promiscuous mode
[   22.382926][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.390005][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.397501][  T285] device bridge_slave_0 entered promiscuous mode
[   22.411025][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.418154][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.425495][  T285] device bridge_slave_1 entered promiscuous mode
[   22.444065][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.451244][  T281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.458693][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.465713][  T281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.526109][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.533193][  T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.540508][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.547756][  T283] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.564595][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.572151][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.579749][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.587417][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.596219][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.604062][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.625846][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.634060][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.641210][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.676519][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.684523][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.693105][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.700414][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.711196][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.732655][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.741027][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.748185][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.755543][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.764098][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.771251][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.779827][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.801518][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.809172][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.817554][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.825786][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.832873][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.840393][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.848527][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.856728][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.863822][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.871232][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.879328][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.887530][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.918890][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.926723][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.941498][  T283] device veth0_vlan entered promiscuous mode
[   22.952668][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.961073][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.968708][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.976199][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.987393][  T281] device veth0_vlan entered promiscuous mode
[   22.999762][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.007993][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.016154][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.023273][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.031224][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.039633][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.046776][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.063029][  T284] device veth0_vlan entered promiscuous mode
[   23.069632][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.077502][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.084980][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   23.092822][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.100465][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.108205][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.116841][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.125125][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.133634][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.141869][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.149888][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.158078][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.166082][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.174278][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.181949][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.192100][  T283] device veth1_macvtap entered promiscuous mode
[   23.201654][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.209906][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.218235][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.225861][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.234416][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.242943][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.250021][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.258554][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   23.268892][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.277451][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.290942][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.299651][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.308199][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.316820][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.333514][  T282] device veth0_vlan entered promiscuous mode
[   23.342007][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.350770][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.359285][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.367922][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.376114][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.383278][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.391039][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.399240][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.407698][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.415131][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.424161][  T284] device veth1_macvtap entered promiscuous mode
[   23.434550][  T281] device veth1_macvtap entered promiscuous mode
[   23.441249][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.448998][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.457428][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.465700][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.473867][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   23.482299][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.490522][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.498699][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.514118][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.522804][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.531655][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.531705][  T283] request_module fs-gadgetfs succeeded, but still no fs?
[   23.540427][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.565147][  T282] device veth1_macvtap entered promiscuous mode
[   23.585733][  T285] device veth0_vlan entered promiscuous mode
[   23.598080][  T285] device veth1_macvtap entered promiscuous mode
[   23.633163][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.641639][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.650520][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   23.659762][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.668779][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.677100][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.686098][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.695177][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.067308][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.075796][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.084090][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.092494][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.101226][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.109796][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.117993][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.126717][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.135181][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.144064][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.178035][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.185684][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.208900][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.218356][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.227243][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.235569][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.496710][  T349] loop0: detected capacity change from 0 to 8192
[   24.631431][  T333]  loop0: p1 p2[DM] p4
[   24.638170][  T333] loop0: p1 size 196608 extends beyond EOD, truncated
[   24.791712][  T333] loop0: p2 start 4292936063 is beyond EOD, truncated
[   24.917795][  T333] loop0: p4 size 50331648 extends beyond EOD, truncated
[   25.209196][   T30] kauditd_printk_skb: 34 callbacks suppressed
[   25.209213][   T30] audit: type=1326 audit(1755443852.065:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb79e05ba7 code=0x7ffc0000
[   25.355572][  T349]  loop0: p1 p2[DM] p4
[   25.362812][  T363] udevd[363]: failed to send result of seq 4100 to main daemon: Connection refused
[   25.376027][  T349] loop0: p1 size 196608 extends beyond EOD, truncated
[   25.851470][  T368] syz.2.7[368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   25.852596][  T368] syz.2.7[368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.156445][  T349] loop0: p2 start 4292936063 is beyond EOD, truncated
[   26.276100][  T371] syz.3.4[371] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.277420][  T371] syz.3.4[371] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.312685][  T349] loop0: p4 size 50331648 extends beyond EOD, 
[   26.327865][   T30] audit: type=1326 audit(1755443852.075:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdb79daadd9 code=0x7ffc0000
[   26.499070][  T349] truncated
[   27.195197][   T30] audit: type=1326 audit(1755443852.285:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdb79e05ba7 code=0x7ffc0000
[   27.231705][   T30] audit: type=1326 audit(1755443852.285:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdb79daadd9 code=0x7ffc0000
[   27.323893][   T30] audit: type=1326 audit(1755443852.295:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   27.379411][   T30] audit: type=1326 audit(1755443852.295:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   28.108162][   T42] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   28.766390][   T30] audit: type=1326 audit(1755443852.295:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   28.904194][   T30] audit: type=1326 audit(1755443852.295:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   28.932282][  T361] Bluetooth: hci0: Frame reassembly failed (-84)
[   28.976448][   T30] audit: type=1326 audit(1755443852.295:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   29.030099][   T30] audit: type=1326 audit(1755443852.295:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=353 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb79e0ebe9 code=0x7ffc0000
[   29.106492][   T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   29.125853][   T42] usb 5-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00
[   29.156483][   T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   29.183737][   T42] usb 5-1: config 0 descriptor??
[   29.718119][   T42] logitech 0003:046D:C50C.0001: hidraw0: USB HID v0.00 Device [HID 046d:c50c] on usb-dummy_hcd.4-1/input0
[   29.924350][  T343] usb 5-1: USB disconnect, device number 2
[   30.055767][  T408] syz.3.16[408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.056062][  T408] syz.3.16[408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   30.518035][   T30] kauditd_printk_skb: 20 callbacks suppressed
[   30.518048][   T30] audit: type=1326 audit(1755443857.555:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.616123][  T412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=412 comm=syz.2.18
[   30.635936][   T30] audit: type=1326 audit(1755443857.555:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.709737][   T30] audit: type=1326 audit(1755443857.555:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.776404][   T30] audit: type=1326 audit(1755443857.555:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.836740][   T30] audit: type=1326 audit(1755443857.555:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.877025][   T30] audit: type=1326 audit(1755443857.555:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.880579][  T416] 9pnet: Insufficient options for proto=fd
[   30.918745][   T30] audit: type=1326 audit(1755443857.565:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.942294][   T30] audit: type=1326 audit(1755443857.565:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.965641][   T30] audit: type=1326 audit(1755443857.565:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   30.986385][   T26] Bluetooth: hci0: command 0x1003 tx timeout
[   30.994864][  T395] Bluetooth: hci0: sending frame failed (-49)
[   31.006263][   T30] audit: type=1326 audit(1755443857.565:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=411 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   31.377246][  T422] 9pnet: Insufficient options for proto=fd
[   31.866436][    T8] Bluetooth: hci1: Frame reassembly failed (-84)
[   32.021544][  T429] loop3: detected capacity change from 0 to 8192
[   32.076702][  T429]  loop3: p1 p2[DM] p4
[   32.080995][  T429] loop3: p1 size 196608 extends beyond EOD, truncated
[   32.098531][  T429] loop3: p2 start 4292936063 is beyond EOD, truncated
[   32.110214][  T429] loop3: p4 size 50331648 extends beyond EOD, truncated
[   33.066398][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[   33.077153][  T427] Bluetooth: hci0: sending frame failed (-49)
[   33.232760][  T461] loop1: detected capacity change from 0 to 8192
[   33.306709][  T461]  loop1: p1 p2[DM] p4
[   33.310875][  T461] loop1: p1 size 196608 extends beyond EOD, truncated
[   33.318243][  T461] loop1: p2 start 4292936063 is beyond EOD, truncated
[   33.325032][  T461] loop1: p4 size 50331648 extends beyond EOD, truncated
[   33.357172][  T464] 9pnet: Insufficient options for proto=fd
[   33.866427][   T26] Bluetooth: hci1: command 0x1003 tx timeout
[   33.875059][  T427] Bluetooth: hci1: sending frame failed (-49)
[   35.146550][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[   35.747858][  T603] loop1: detected capacity change from 0 to 8192
[   35.852438][  T603]  loop1: p1 p2[DM] p4
[   35.856648][  T603] loop1: p1 size 196608 extends beyond EOD, truncated
[   35.863818][  T603] loop1: p2 start 4292936063 is beyond EOD, truncated
[   35.872065][  T603] loop1: p4 size 50331648 extends beyond EOD, truncated
[   35.946430][   T56] Bluetooth: hci1: command 0x1001 tx timeout
[   35.952961][  T427] Bluetooth: hci1: sending frame failed (-49)
[   36.173138][  T615] 9pnet: Insufficient options for proto=fd
[   36.791785][  T621] loop3: detected capacity change from 0 to 512
[   36.830025][  T621] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[   36.837573][  T621] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   36.867308][  T621] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[   36.875808][  T621] System zones: 1-12
[   36.893745][  T621] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.33: corrupted in-inode xattr
[   36.907220][  T621] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.33: couldn't read orphan inode 15 (err -117)
[   36.920181][  T621] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none.
[   37.120579][  T626] loop2: detected capacity change from 0 to 256
[   37.216084][   T30] kauditd_printk_skb: 31 callbacks suppressed
[   37.216113][   T30] audit: type=1400 audit(1755443864.245:179): avc:  denied  { mount } for  pid=625 comm="syz.2.34" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   37.363510][   T30] audit: type=1400 audit(1755443864.395:180): avc:  denied  { create } for  pid=625 comm="syz.2.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   37.914270][   T30] audit: type=1400 audit(1755443864.935:181): avc:  denied  { name_bind } for  pid=625 comm="syz.2.34" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   38.036397][  T630] Bluetooth: hci1: command 0x1009 tx timeout
[   38.231239][   T30] audit: type=1400 audit(1755443865.265:182): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   38.330669][  T635] loop2: detected capacity change from 0 to 8192
[   38.376696][  T635]  loop2: p1 p2[DM] p4
[   38.380904][  T635] loop2: p1 size 196608 extends beyond EOD, truncated
[   38.388837][  T635] loop2: p2 start 4292936063 is beyond EOD, truncated
[   38.395741][  T635] loop2: p4 size 50331648 extends beyond EOD, truncated
[   38.586392][    T6] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   38.827638][    T6] usb 2-1: Using ep0 maxpacket: 8
[   38.946449][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   38.974127][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   38.987482][    T6] usb 2-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   38.999208][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.008631][    T6] usb 2-1: config 0 descriptor??
[   39.193954][   T30] audit: type=1326 audit(1755443866.225:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.226807][   T30] audit: type=1326 audit(1755443866.255:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.257140][   T30] audit: type=1326 audit(1755443866.255:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.280471][  T750] loop2: detected capacity change from 0 to 8192
[   39.286998][   T30] audit: type=1326 audit(1755443866.255:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.310237][   T30] audit: type=1326 audit(1755443866.255:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.333857][   T30] audit: type=1326 audit(1755443866.255:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=747 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   39.366725][  T750]  loop2: p1 p2[DM] p4
[   39.371011][  T750] loop2: p1 size 196608 extends beyond EOD, truncated
[   39.378519][  T750] loop2: p2 start 4292936063 is beyond EOD, truncated
[   39.385546][  T750] loop2: p4 size 50331648 extends beyond EOD, truncated
[   40.279189][  T758] loop1: detected capacity change from 0 to 512
[   40.343706][  T764] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'.
[   40.353660][  T762] loop3: detected capacity change from 0 to 8192
[   40.360980][  T764] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'.
[   40.370924][  T764] netlink: 36 bytes leftover after parsing attributes in process `syz.0.46'.
[   40.379964][  T764] Zero length message leads to an empty skb
[   40.386406][    T6] usbhid 2-1:0.0: can't add hid device: -71
[   40.392721][    T6] usbhid: probe of 2-1:0.0 failed with error -71
[   40.400339][  T762]  loop3: p1 p2[DM] p4
[   40.404789][  T762] loop3: p1 size 196608 extends beyond EOD, truncated
[   40.412362][    T6] usb 2-1: USB disconnect, device number 2
[   40.419832][  T758] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[   40.435823][  T762] loop3: p2 start 4292936063 is beyond EOD, truncated
[   40.446766][  T758] ext4 filesystem being mounted at /12/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.457933][  T762] loop3: p4 size 50331648 extends beyond EOD, truncated
[   40.468232][  T764] loop0: detected capacity change from 0 to 256
[   40.539186][  T764] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[   40.874208][  T781] loop2: detected capacity change from 0 to 8192
[   40.956727][  T781]  loop2: p1 p2[DM] p4
[   40.960963][  T781] loop2: p1 size 196608 extends beyond EOD, truncated
[   40.977548][  T781] loop2: p2 start 4292936063 is beyond EOD, truncated
[   40.993713][  T781] loop2: p4 size 50331648 extends beyond EOD, truncated
[   41.154620][  T794] 9pnet: Insufficient options for proto=fd
[   42.348850][  T805] 9pnet: Insufficient options for proto=fd
[   42.385933][  T808] loop1: detected capacity change from 0 to 256
[   42.402577][  T808] exfat: Deprecated parameter 'utf8'
[   42.418411][  T808] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   42.497726][   T30] kauditd_printk_skb: 28 callbacks suppressed
[   42.497742][   T30] audit: type=1400 audit(1755443869.525:217): avc:  denied  { create } for  pid=807 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   42.529323][  T813] =======================================================
[   42.529323][  T813] WARNING: The mand mount option has been deprecated and
[   42.529323][  T813]          and is ignored by this kernel. Remove the mand
[   42.529323][  T813]          option from the mount to silence this warning.
[   42.529323][  T813] =======================================================
[   42.576420][   T30] audit: type=1400 audit(1755443869.555:218): avc:  denied  { write } for  pid=807 comm="syz.1.55" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.600570][   T30] audit: type=1400 audit(1755443869.555:219): avc:  denied  { add_name } for  pid=807 comm="syz.1.55" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.620968][   T30] audit: type=1400 audit(1755443869.555:220): avc:  denied  { create } for  pid=807 comm="syz.1.55" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   42.641032][   T30] audit: type=1400 audit(1755443869.555:221): avc:  denied  { associate } for  pid=807 comm="syz.1.55" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   42.664216][   T30] audit: type=1400 audit(1755443869.565:222): avc:  denied  { mounton } for  pid=807 comm="syz.1.55" path="/14/file1/file0" dev="loop1" ino=1048597 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.687654][   T30] audit: type=1400 audit(1755443869.565:223): avc:  denied  { remount } for  pid=807 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   42.696421][  T342] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[   42.707682][   T30] audit: type=1400 audit(1755443869.705:224): avc:  denied  { remove_name } for  pid=807 comm="syz.1.55" name="file1" dev="loop1" ino=1048596 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.715357][  T289] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   42.741710][  T817] loop3: detected capacity change from 0 to 8192
[   42.754885][   T30] audit: type=1400 audit(1755443869.705:225): avc:  denied  { rmdir } for  pid=807 comm="syz.1.55" name="file1" dev="loop1" ino=1048596 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.836201][  T817]  loop3: p1 p2[DM] p4
[   42.840579][  T817] loop3: p1 size 196608 extends beyond EOD, truncated
[   42.848246][  T817] loop3: p2 start 4292936063 is beyond EOD, truncated
[   42.855268][  T817] loop3: p4 size 50331648 extends beyond EOD, truncated
[   43.006394][  T289] usb 3-1: Using ep0 maxpacket: 8
[   43.006474][  T342] usb 5-1: Invalid ep0 maxpacket: 32
[   43.186657][  T342] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[   43.197389][  T289] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   43.207574][  T289] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   43.270714][  T289] usb 3-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   43.301298][  T289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.312358][  T289] usb 3-1: config 0 descriptor??
[   43.786373][   T30] audit: type=1400 audit(1755443870.395:226): avc:  denied  { read } for  pid=827 comm="syz.1.61" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   44.391529][  T836] device wg2 entered promiscuous mode
[   44.439013][  T342] usb 5-1: Invalid ep0 maxpacket: 32
[   44.672185][  T342] usb usb5-port1: attempt power cycle
[   44.867634][  T848] syz.3.65[848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.867704][  T848] syz.3.65[848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.871618][  T847] 9pnet: Insufficient options for proto=fd
[   45.056413][  T289] usbhid 3-1:0.0: can't add hid device: -71
[   45.062619][  T289] usbhid: probe of 3-1:0.0 failed with error -71
[   45.082002][  T289] usb 3-1: USB disconnect, device number 2
[   45.126367][  T342] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[   45.236423][  T342] usb 5-1: Invalid ep0 maxpacket: 32
[   45.243833][  T850] netlink: 'syz.1.66': attribute type 3 has an invalid length.
[   45.328413][  T853] FAULT_INJECTION: forcing a failure.
[   45.328413][  T853] name failslab, interval 1, probability 0, space 0, times 1
[   45.356375][  T853] CPU: 0 PID: 853 Comm: syz.1.67 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[   45.366391][  T853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   45.376555][  T853] Call Trace:
[   45.379843][  T853]  <TASK>
[   45.382877][  T853]  __dump_stack+0x21/0x30
[   45.387237][  T853]  dump_stack_lvl+0xee/0x150
[   45.391839][  T853]  ? show_regs_print_info+0x20/0x20
[   45.397146][  T853]  ? __local_bh_enable_ip+0x58/0x80
[   45.402412][  T853]  ? _raw_spin_unlock_bh+0x51/0x60
[   45.407621][  T853]  dump_stack+0x15/0x20
[   45.411782][  T853]  should_fail+0x3c1/0x510
[   45.416363][  T853]  __should_failslab+0xa4/0xe0
[   45.421112][  T853]  should_failslab+0x9/0x20
[   45.425696][  T853]  slab_pre_alloc_hook+0x3b/0xe0
[   45.430677][  T853]  ? __alloc_skb+0xe0/0x740
[   45.435184][  T853]  kmem_cache_alloc+0x44/0x260
[   45.439927][  T853]  __alloc_skb+0xe0/0x740
[   45.444240][  T853]  netlink_sendmsg+0x602/0xb70
[   45.449158][  T853]  ? netlink_getsockopt+0x530/0x530
[   45.454337][  T853]  ? security_socket_sendmsg+0x82/0xa0
[   45.460061][  T853]  ? netlink_getsockopt+0x530/0x530
[   45.465248][  T853]  ____sys_sendmsg+0x5a2/0x8c0
[   45.470002][  T853]  ? __sys_sendmsg_sock+0x40/0x40
[   45.475075][  T853]  ? import_iovec+0x7c/0xb0
[   45.479663][  T853]  ___sys_sendmsg+0x1f0/0x260
[   45.484509][  T853]  ? __sys_sendmsg+0x250/0x250
[   45.489263][  T853]  ? __fdget+0x1a1/0x230
[   45.493487][  T853]  __x64_sys_sendmsg+0x1e2/0x2a0
[   45.498405][  T853]  ? ___sys_sendmsg+0x260/0x260
[   45.503235][  T853]  ? ksys_write+0x1eb/0x240
[   45.507718][  T853]  ? fpregs_assert_state_consistent+0xb1/0xe0
[   45.513855][  T853]  x64_sys_call+0x4b/0x9a0
[   45.518254][  T853]  do_syscall_64+0x4c/0xa0
[   45.522702][  T853]  ? clear_bhb_loop+0x50/0xa0
[   45.527379][  T853]  ? clear_bhb_loop+0x50/0xa0
[   45.532148][  T853]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   45.538213][  T853] RIP: 0033:0x7f2f6482bbe9
[   45.542622][  T853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.562519][  T853] RSP: 002b:00007f2f63294038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.570920][  T853] RAX: ffffffffffffffda RBX: 00007f2f64a52fa0 RCX: 00007f2f6482bbe9
[   45.578873][  T853] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000006
[   45.586919][  T853] RBP: 00007f2f63294090 R08: 0000000000000000 R09: 0000000000000000
[   45.594976][  T853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.603026][  T853] R13: 00007f2f64a53038 R14: 00007f2f64a52fa0 R15: 00007fff8425db78
[   45.610984][  T853]  </TASK>
[   45.614886][  T342] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[   45.679074][  T859] tmpfs: Bad value for 'uid'
[   45.685347][  T861] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   45.807936][  T867] loop2: detected capacity change from 0 to 8192
[   45.871585][  T867]  loop2: p1 p2[DM] p4
[   45.875814][  T867] loop2: p1 size 196608 extends beyond EOD, truncated
[   45.904180][  T874] incfs: Can't find or create .index dir in ./file0
[   45.914820][  T867] loop2: p2 start 4292936063 is beyond EOD, truncated
[   45.916476][  T874] incfs: mount failed -14
[   45.922673][  T867] loop2: p4 size 50331648 extends beyond EOD, truncated
[   46.116386][  T342] usb 5-1: device not accepting address 6, error -71
[   46.126058][  T342] usb usb5-port1: unable to enumerate USB device
[   48.964515][   T30] kauditd_printk_skb: 54 callbacks suppressed
[   48.964529][   T30] audit: type=1326 audit(1755443875.995:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.040402][   T30] audit: type=1326 audit(1755443876.035:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.063939][   T30] audit: type=1326 audit(1755443876.035:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.087222][   T30] audit: type=1326 audit(1755443876.035:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.110392][   T30] audit: type=1326 audit(1755443876.035:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.112226][  T899] loop4: detected capacity change from 0 to 8192
[   49.134500][  T909] FAULT_INJECTION: forcing a failure.
[   49.134500][  T909] name failslab, interval 1, probability 0, space 0, times 0
[   49.153173][   T30] audit: type=1326 audit(1755443876.035:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.176670][  T909] CPU: 1 PID: 909 Comm: syz.0.82 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[   49.186581][  T909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   49.196627][  T909] Call Trace:
[   49.199899][  T909]  <TASK>
[   49.202823][  T909]  __dump_stack+0x21/0x30
[   49.207152][  T909]  dump_stack_lvl+0xee/0x150
[   49.211742][  T909]  ? show_regs_print_info+0x20/0x20
[   49.216928][  T909]  dump_stack+0x15/0x20
[   49.221082][  T909]  should_fail+0x3c1/0x510
[   49.225506][  T909]  ? netlink_sendmsg+0x602/0xb70
[   49.230524][  T909]  __should_failslab+0xa4/0xe0
[   49.235274][  T909]  should_failslab+0x9/0x20
[   49.239847][  T909]  slab_pre_alloc_hook+0x3b/0xe0
[   49.244769][  T909]  ? netlink_sendmsg+0x602/0xb70
[   49.249780][  T909]  ? netlink_sendmsg+0x602/0xb70
[   49.254812][  T909]  __kmalloc_track_caller+0x6c/0x2c0
[   49.260082][  T909]  ? netlink_sendmsg+0x602/0xb70
[   49.265006][  T909]  ? netlink_sendmsg+0x602/0xb70
[   49.269925][  T909]  __alloc_skb+0x21a/0x740
[   49.274337][  T909]  netlink_sendmsg+0x602/0xb70
[   49.279173][  T909]  ? netlink_getsockopt+0x530/0x530
[   49.284366][  T909]  ? security_socket_sendmsg+0x82/0xa0
[   49.289808][  T909]  ? netlink_getsockopt+0x530/0x530
[   49.294989][  T909]  ____sys_sendmsg+0x5a2/0x8c0
[   49.299738][  T909]  ? __sys_sendmsg_sock+0x40/0x40
[   49.304746][  T909]  ? import_iovec+0x7c/0xb0
[   49.309241][  T909]  ___sys_sendmsg+0x1f0/0x260
[   49.313902][  T909]  ? __sys_sendmsg+0x250/0x250
[   49.318654][  T909]  ? __fdget+0x1a1/0x230
[   49.322881][  T909]  __x64_sys_sendmsg+0x1e2/0x2a0
[   49.327979][  T909]  ? ___sys_sendmsg+0x260/0x260
[   49.332810][  T909]  ? ksys_write+0x1eb/0x240
[   49.337295][  T909]  ? fpregs_assert_state_consistent+0xb1/0xe0
[   49.343347][  T909]  x64_sys_call+0x4b/0x9a0
[   49.347776][  T909]  do_syscall_64+0x4c/0xa0
[   49.352254][  T909]  ? clear_bhb_loop+0x50/0xa0
[   49.356938][  T909]  ? clear_bhb_loop+0x50/0xa0
[   49.361599][  T909]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   49.367504][  T909] RIP: 0033:0x7ff6accfbbe9
[   49.371902][  T909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.391677][  T909] RSP: 002b:00007ff6ab743038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.400178][  T909] RAX: ffffffffffffffda RBX: 00007ff6acf23090 RCX: 00007ff6accfbbe9
[   49.408316][  T909] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000004
[   49.416359][  T909] RBP: 00007ff6ab743090 R08: 0000000000000000 R09: 0000000000000000
[   49.424435][  T909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.432405][  T909] R13: 00007ff6acf23128 R14: 00007ff6acf23090 R15: 00007ffc51a26778
[   49.440394][  T909]  </TASK>
[   49.445782][   T30] audit: type=1326 audit(1755443876.035:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.494091][   T30] audit: type=1326 audit(1755443876.035:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.543828][   T30] audit: type=1326 audit(1755443876.035:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.574770][  T899]  loop4: p1 p2[DM] p4
[   49.589534][  T899] loop4: p1 size 196608 extends beyond EOD, truncated
[   49.596395][   T30] audit: type=1326 audit(1755443876.035:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=896 comm="syz.2.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   49.596982][  T899] loop4: p2 start 4292936063 is beyond EOD, truncated
[   49.627165][  T899] loop4: p4 size 50331648 extends beyond EOD, truncated
[   50.074396][  T920] netlink: 24 bytes leftover after parsing attributes in process `syz.1.86'.
[   50.470683][  T920] syz.1.86 (920) used greatest stack depth: 19456 bytes left
[   50.521200][  T925] loop1: detected capacity change from 0 to 256
[   50.573855][  T927] af_packet: tpacket_rcv: packet too big, clamped from 4087 to 4294967272. macoff=96
[   50.608544][  T925] FAT-fs (loop1): Unrecognized mount option "iocha	" or missing value
[   50.619362][  T918] loop2: detected capacity change from 0 to 8192
[   50.655891][  T918]  loop2: p1 p2[DM] p4
[   50.675371][  T918] loop2: p1 size 196608 extends beyond EOD, truncated
[   50.758494][  T918] loop2: p2 start 4292936063 is beyond EOD, truncated
[   50.823239][  T918] loop2: p4 size 50331648 extends beyond EOD, truncated
[   50.911254][  T948] overlayfs: missing 'workdir'
[   51.046545][  T289] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[   51.129450][  T963] syz.3.95[963] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.131183][  T963] syz.3.95[963] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.646440][  T622] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   52.088677][  T975] netlink: 28 bytes leftover after parsing attributes in process `syz.4.99'.
[   52.248631][  T289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   52.276230][  T289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.286082][  T289] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c1e, bcdDevice= 0.00
[   52.295198][  T289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.313861][  T289] usb 2-1: config 0 descriptor??
[   52.510645][  T622] usb 3-1: Using ep0 maxpacket: 8
[   52.518595][  T982] loop3: detected capacity change from 0 to 128
[   52.558753][  T982] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   52.570271][  T982] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   52.571925][  T940] loop1: detected capacity change from 0 to 512
[   52.638786][  T940] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   52.659132][  T940] EXT4-fs (loop1): 1 orphan inode deleted
[   52.665076][  T940] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   52.676996][  T940] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.683371][  T622] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.694939][  T940] netlink: 52 bytes leftover after parsing attributes in process `syz.1.90'.
[   52.710481][  T622] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   52.725071][  T622] usb 3-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   52.735897][  T622] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.819083][  T940] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   52.858936][  T622] usb 3-1: config 0 descriptor??
[   52.909401][  T995] syz.0.102[995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.909477][  T995] syz.0.102[995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.002436][  T997] loop4: detected capacity change from 0 to 8192
[   53.058534][  T997]  loop4: p1 p2[DM] p4
[   53.063444][  T997] loop4: p1 size 196608 extends beyond EOD, truncated
[   53.074936][  T997] loop4: p2 start 4292936063 is beyond EOD, truncated
[   53.081924][  T997] loop4: p4 size 50331648 extends beyond EOD, truncated
[   53.098092][  T289] hid-generic 0003:1B1C:1C1E.0002: hidraw0: USB HID v0.00 Device [HID 1b1c:1c1e] on usb-dummy_hcd.1-1/input0
[   53.456413][  T622] usbhid 3-1:0.0: can't add hid device: -71
[   53.464806][  T622] usbhid: probe of 3-1:0.0 failed with error -71
[   53.507123][  T622] usb 3-1: USB disconnect, device number 3
[   53.714720][  T289] usb 2-1: USB disconnect, device number 3
[   53.834956][ T1016] loop1: detected capacity change from 0 to 8192
[   53.841415][  T342] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   53.850411][ T1023] loop4: detected capacity change from 0 to 256
[   53.877192][ T1016]  loop1: p1 p2 p4 < >
[   53.881471][ T1016] loop1: partition table partially beyond EOD, truncated
[   53.898912][ T1016] loop1: p1 start 16777216 is beyond EOD, truncated
[   53.905568][ T1016] loop1: p2 size 515840 extends beyond EOD, truncated
[   53.929772][ T1016] loop1: p4 start 16777216 is beyond EOD, truncated
[   54.910160][ T1021] Bluetooth: hci0: Frame reassembly failed (-84)
[   55.039632][ T1040] loop1: detected capacity change from 0 to 512
[   55.092950][ T1040] EXT4-fs (loop1): Test dummy encryption mode enabled
[   55.106004][ T1040] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.116121][  T342] usb 4-1: Using ep0 maxpacket: 16
[   55.123572][ T1040] EXT4-fs (loop1): 1 truncate cleaned up
[   55.129588][ T1040] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,test_dummy_encryption=v1,init_itable=0x000000000000005c,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[   55.263863][ T1047] netlink: 28 bytes leftover after parsing attributes in process `syz.2.113'.
[   55.886414][  T342] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   55.956430][ T1049] syz.1.111[1049] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.956607][ T1049] syz.1.111[1049] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   55.977331][ T1049] xt_CT: You must specify a L4 protocol and not use inversions on it
[   56.106511][    C0] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   56.146416][  T342] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   56.297689][  T737] Bluetooth: hci1: Frame reassembly failed (-84)
[   56.307150][  T737] Bluetooth: hci1: Frame reassembly failed (-84)
[   56.386403][  T342] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.394445][  T342] usb 4-1: Product: syz
[   56.406378][  T342] usb 4-1: Manufacturer: 涹緼軾ꙿ膠ﺡ烧ᣁ稡咂ᴰ哢쒆硺뱻꺟ׁ૷츦ᩛ党❘눘⎟璢퇽뽂ᕟ扄챜
[   56.426370][  T342] usb 4-1: SerialNumber: syz
[   56.523027][ T1056] loop3: detected capacity change from 0 to 2048
[   56.597709][  T342] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   56.617280][  T342] usb 4-1: USB disconnect, device number 2
[   56.627908][ T1056] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[   56.647198][  T342] usblp0: removed
[   56.669738][ T1056] netlink: 'syz.3.115': attribute type 27 has an invalid length.
[   56.699784][ T1056] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.707090][ T1056] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.895431][ T1064] loop1: detected capacity change from 0 to 8192
[   56.923145][ T1064]  loop1: p1 p2[DM] p4
[   56.928291][ T1064] loop1: p1 size 196608 extends beyond EOD, truncated
[   56.935607][ T1064] loop1: p2 start 4292936063 is beyond EOD, truncated
[   56.942792][ T1064] loop1: p4 size 50331648 extends beyond EOD, truncated
[   56.946434][  T289] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   56.996514][   T26] Bluetooth: hci0: command 0x1003 tx timeout
[   57.002749][  T427] Bluetooth: hci0: sending frame failed (-49)
[   57.302028][   T30] kauditd_printk_skb: 31 callbacks suppressed
[   57.302042][   T30] audit: type=1400 audit(1755443884.335:322): avc:  denied  { remove_name } for  pid=282 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.316429][  T289] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   57.343827][   T30] audit: type=1400 audit(1755443884.385:323): avc:  denied  { rmdir } for  pid=282 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.370830][  T282] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   57.389906][  T289] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.400389][   T30] audit: type=1400 audit(1755443884.425:324): avc:  denied  { rmdir } for  pid=282 comm="syz-executor" name=".index" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   57.422872][  T289] usb 1-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[   57.433143][  T289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.441445][   T30] audit: type=1400 audit(1755443884.425:325): avc:  denied  { unlink } for  pid=282 comm="syz-executor" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   57.464937][  T289] usb 1-1: config 0 descriptor??
[   57.472464][   T30] audit: type=1400 audit(1755443884.425:326): avc:  denied  { unlink } for  pid=282 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   58.035714][   T30] audit: type=1400 audit(1755443885.065:327): avc:  denied  { create } for  pid=1059 comm="syz.0.116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   58.346396][  T343] Bluetooth: hci1: command 0x1003 tx timeout
[   58.352798][  T427] Bluetooth: hci1: sending frame failed (-49)
[   58.391903][ T1290] syz.3.121[1290] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.391967][ T1290] syz.3.121[1290] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.449618][ T1293] loop3: detected capacity change from 0 to 128
[   58.468248][ T1294] syz.1.120[1294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.468319][ T1294] syz.1.120[1294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.542515][ T1293] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   58.563872][ T1293] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   58.575357][ T1293] ext2 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   58.825463][ T1298] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1472 (2944 ns) > initial count (6 ns). Using initial count to start timer.
[   59.076386][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[   59.082977][  T427] Bluetooth: hci0: sending frame failed (-49)
[   59.796416][  T289] usbhid 1-1:0.0: can't add hid device: -71
[   59.872230][ T1306] netlink: 28 bytes leftover after parsing attributes in process `syz.3.124'.
[   60.024967][  T289] usbhid: probe of 1-1:0.0 failed with error -71
[   60.072516][  T289] usb 1-1: USB disconnect, device number 2
[   60.428509][  T342] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[   60.444498][  T289] Bluetooth: hci1: command 0x1001 tx timeout
[   60.452614][  T427] Bluetooth: hci1: sending frame failed (-49)
[   60.731587][ T1316] loop3: detected capacity change from 0 to 512
[   60.844529][ T1316] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   60.857192][ T1316] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.886409][   T30] audit: type=1400 audit(1755443887.915:328): avc:  denied  { create } for  pid=1315 comm="syz.3.129" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   60.962827][   T30] audit: type=1400 audit(1755443887.915:329): avc:  denied  { write open } for  pid=1315 comm="syz.3.129" path="/26/file1/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   61.026665][   T30] audit: type=1400 audit(1755443887.955:330): avc:  denied  { read write } for  pid=1315 comm="syz.3.129" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.055830][   T30] audit: type=1400 audit(1755443887.955:331): avc:  denied  { open } for  pid=1315 comm="syz.3.129" path="/26/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.146462][    T6] Bluetooth: hci0: command 0x1009 tx timeout
[   61.286489][  T342] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   61.296967][  T342] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   61.486459][  T342] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   61.495843][  T342] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.504086][  T342] usb 2-1: Product: syz
[   61.508547][  T342] usb 2-1: Manufacturer: syz
[   61.513227][  T342] usb 2-1: SerialNumber: syz
[   61.846510][  T342] usb 2-1: 0:2 : does not exist
[   61.897989][  T342] usb 2-1: USB disconnect, device number 4
[   62.345180][   T30] kauditd_printk_skb: 2 callbacks suppressed
[   62.345193][   T30] audit: type=1400 audit(1755443889.375:334): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   62.463551][   T30] audit: type=1400 audit(1755443889.495:335): avc:  denied  { ioctl } for  pid=1342 comm="syz.3.136" path="socket:[17669]" dev="sockfs" ino=17669 ioctlcmd=0x52c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   62.506414][ T1336] Bluetooth: hci1: command 0x1009 tx timeout
[   62.536067][ T1343] netlink: 76 bytes leftover after parsing attributes in process `syz.3.136'.
[   62.553201][ T1341] loop1: detected capacity change from 0 to 512
[   62.559632][ T1343] netlink: 18 bytes leftover after parsing attributes in process `syz.3.136'.
[   62.568852][ T1343] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   62.586531][   T30] audit: type=1400 audit(1755443889.625:336): avc:  denied  { audit_write } for  pid=1342 comm="syz.3.136" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   62.626661][   T30] audit: type=1107 audit(1755443889.645:337): pid=1342 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='fmt'
[   62.651151][ T1341] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   62.672610][ T1341] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.697087][   T30] audit: type=1400 audit(1755443889.735:338): avc:  denied  { rename } for  pid=1340 comm="syz.1.135" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   62.746387][   T30] audit: type=1400 audit(1755443889.765:339): avc:  denied  { ioctl } for  pid=1340 comm="syz.1.135" path="socket:[17683]" dev="sockfs" ino=17683 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   62.772937][   T30] audit: type=1400 audit(1755443889.765:340): avc:  denied  { write } for  pid=1340 comm="syz.1.135" name="001" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   62.904758][ T1358] syz.3.137[1358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.904834][ T1358] syz.3.137[1358] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.218723][ T1364] netlink: 28 bytes leftover after parsing attributes in process `syz.1.139'.
[   63.766353][ T1336] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   63.931148][   T30] audit: type=1400 audit(1755443890.965:341): avc:  denied  { write } for  pid=1365 comm="syz.1.141" name="nf_conntrack" dev="proc" ino=4026532663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   64.136506][ T1336] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   64.146824][ T1336] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   64.226571][ T1336] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   64.235840][ T1336] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   64.244021][ T1336] usb 1-1: SerialNumber: syz
[   64.527349][ T1336] usb 1-1: 0:2 : does not exist
[   64.546701][ T1336] usb 1-1: USB disconnect, device number 3
[   65.609571][   T30] audit: type=1400 audit(1755443892.645:342): avc:  denied  { name_bind } for  pid=1379 comm="syz.4.146" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   66.103228][   T30] audit: type=1400 audit(1755443893.135:343): avc:  denied  { write } for  pid=1391 comm="syz.3.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   66.826072][ T1413] syz.3.153[1413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.826610][ T1413] syz.3.153[1413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.130189][   T56] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   67.597363][  T473] Bluetooth: hci0: Frame reassembly failed (-84)
[   67.620469][ T1417] loop1: detected capacity change from 0 to 4096
[   67.679794][ T1417] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[   67.687187][ T1417] EXT4-fs (loop1): Test dummy encryption mode enabled
[   67.694112][ T1417] EXT4-fs (loop1): Can't change test_dummy_encryption on remount
[   67.766418][   T56] usb 3-1: Using ep0 maxpacket: 8
[   68.021176][   T56] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.046373][   T56] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   68.059548][   T56] usb 3-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   68.076425][   T56] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.096514][   T56] usb 3-1: config 0 descriptor??
[   68.577346][   T56] saitek 0003:06A3:0621.0003: unknown main item tag 0x0
[   68.587397][   T56] saitek 0003:06A3:0621.0003: hidraw0: USB HID v0.03 Device [HID 06a3:0621] on usb-dummy_hcd.2-1/input0
[   68.788782][  T342] usb 3-1: USB disconnect, device number 4
[   69.013526][   T30] kauditd_printk_skb: 2 callbacks suppressed
[   69.013540][   T30] audit: type=1400 audit(1755443896.045:346): avc:  denied  { sys_admin } for  pid=1440 comm="syz.4.163" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[   69.065014][ T1444] 9pnet: Insufficient options for proto=fd
[   69.096180][   T30] audit: type=1400 audit(1755443896.125:347): avc:  denied  { execute } for  pid=1445 comm="syz.4.165" path="/23/file1" dev="tmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   69.330701][   T30] audit: type=1326 audit(1755443896.365:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fced8b34ba7 code=0x7ffc0000
[   69.354735][   T30] audit: type=1326 audit(1755443896.395:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fced8ad9dd9 code=0x7ffc0000
[   69.384042][   T30] audit: type=1326 audit(1755443896.395:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fced8b34ba7 code=0x7ffc0000
[   69.439619][   T30] audit: type=1326 audit(1755443896.395:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fced8ad9dd9 code=0x7ffc0000
[   69.494688][   T30] audit: type=1326 audit(1755443896.395:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   69.540823][   T30] audit: type=1326 audit(1755443896.395:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   69.582665][ T1456] netlink: 28 bytes leftover after parsing attributes in process `syz.2.168'.
[   69.630057][   T56] Bluetooth: hci0: command 0x1003 tx timeout
[   69.676501][  T395] Bluetooth: hci0: sending frame failed (-49)
[   69.703722][   T30] audit: type=1326 audit(1755443896.395:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   69.730624][   T30] audit: type=1326 audit(1755443896.395:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1451 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fced8b3dbe9 code=0x7ffc0000
[   69.986446][  T289] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   70.065239][ T1462] capability: warning: `syz.4.170' uses deprecated v2 capabilities in a way that may be insecure
[   70.355800][  T289] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   70.366908][  T289] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   70.374076][ T1465] loop2: detected capacity change from 0 to 4096
[   70.376884][  T289] usb 4-1: config 0 interface 0 has no altsetting 0
[   70.389734][  T289] usb 4-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[   70.399076][  T289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.407912][  T289] usb 4-1: config 0 descriptor??
[   70.428625][ T1465] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   70.510276][ T1471] loop2: detected capacity change from 0 to 8192
[   70.546791][ T1471]  loop2: p1 p2[DM] p4
[   70.550960][ T1471] loop2: p1 size 196608 extends beyond EOD, truncated
[   70.558381][ T1471] loop2: p2 start 4292936063 is beyond EOD, truncated
[   70.565151][ T1471] loop2: p4 size 50331648 extends beyond EOD, truncated
[   70.646930][ T1458] UDC core: couldn't find an available UDC or it's busy: -16
[   70.654530][ T1458] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   70.953140][  T289] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[   70.968712][  T289] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[   70.977037][  T289] hid-steam 0003:28DE:1102.0004: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[   70.994366][  T289] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[   71.241597][  T289] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[   71.249797][  T289] hid-steam 0003:28DE:1102.0005: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[   71.333273][  T289] hid-steam 0003:28DE:1102.0004: Steam Controller 'XXXXXXXXXX' connected
[   71.346963][  T289] input: Steam Controller as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1102.0004/input/input4
[   71.362014][  T289] usb 4-1: USB disconnect, device number 3
[   71.370330][  T289] hid-steam 0003:28DE:1102.0004: Steam Controller 'XXXXXXXXXX' disconnected
[   71.664787][ T1481] netlink: 12 bytes leftover after parsing attributes in process `syz.3.175'.
[   71.666445][   T42] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   71.739714][   T56] Bluetooth: hci0: command 0x1001 tx timeout
[   72.071526][  T395] Bluetooth: hci0: sending frame failed (-49)
[   72.796531][   T42] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   72.806159][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.815367][   T42] usb 3-1: Product: syz
[   72.820434][   T42] usb 3-1: Manufacturer: syz
[   72.825260][   T42] usb 3-1: SerialNumber: syz
[   73.146329][    C0] sched: RT throttling activated
[   73.386758][   T42] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[   73.393245][   T42] cdc_ncm 3-1:1.0: bind() failure
[   73.404232][   T42] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[   73.412326][   T42] cdc_ncm 3-1:1.1: bind() failure
[   73.666428][   T56] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   73.835021][ T1509] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1472 (2944 ns) > initial count (6 ns). Using initial count to start timer.
[   74.096768][   T56] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.108366][   T56] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.119846][   T56] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   74.134212][   T56] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   74.185450][   T56] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.194518][   T56] usb 4-1: config 0 descriptor??
[   74.200168][   T42] Bluetooth: hci0: command 0x1009 tx timeout
[   74.618865][   T42] usb 3-1: USB disconnect, device number 5
[   74.707840][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.715359][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.736408][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.743981][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.766429][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.773866][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.836153][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.856390][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.863932][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.871580][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.879035][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.887382][   T30] kauditd_printk_skb: 55 callbacks suppressed
[   74.887395][   T30] audit: type=1400 audit(1755443901.925:411): avc:  denied  { create } for  pid=1520 comm="syz.1.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   74.914387][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.921957][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.929519][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   74.985612][   T30] audit: type=1400 audit(1755443901.985:412): avc:  denied  { read } for  pid=1520 comm="syz.1.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   75.010765][   T56] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[   75.037819][ T1528] syz.2.185[1528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.038550][ T1528] syz.2.185[1528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.052256][   T56] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[   75.115561][   T56] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   75.180016][   T56] usb 4-1: USB disconnect, device number 4
[   75.694529][   T30] audit: type=1400 audit(1755443902.725:413): avc:  denied  { read write } for  pid=1530 comm="syz.3.188" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   75.736939][ T1531] loop3: detected capacity change from 0 to 2048
[   75.753654][   T30] audit: type=1400 audit(1755443902.755:414): avc:  denied  { open } for  pid=1530 comm="syz.3.188" path="/dev/uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   75.807168][ T1533] 9pnet: Insufficient options for proto=fd
[   75.816910][ T1531] EXT4-fs (loop3): Ignoring removed nobh option
[   75.823348][   T30] audit: type=1400 audit(1755443902.755:415): avc:  denied  { write } for  pid=1530 comm="syz.3.188" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   75.846874][ T1531] EXT4-fs (loop3): Mount option "dioread_lock" incompatible with ext2
[   75.885826][   T30] audit: type=1400 audit(1755443902.845:416): avc:  denied  { read } for  pid=1532 comm="syz.1.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   75.935974][ T1535] loop1: detected capacity change from 0 to 8192
[   75.996672][ T1535]  loop1: p1 p2[DM] p4
[   76.000973][ T1535] loop1: p1 size 196608 extends beyond EOD, truncated
[   76.016848][ T1535] loop1: p2 start 4292936063 is beyond EOD, truncated
[   76.023668][ T1535] loop1: p4 size 50331648 extends beyond EOD, truncated
[   76.104463][   T30] audit: type=1400 audit(1755443903.135:417): avc:  denied  { create } for  pid=1530 comm="syz.3.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   76.162381][   T30] audit: type=1326 audit(1755443903.195:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1540 comm="syz.3.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f20de337ba7 code=0x7ffc0000
[   76.455967][   T30] audit: type=1326 audit(1755443903.195:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1540 comm="syz.3.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20de2dcdd9 code=0x7ffc0000
[   76.783533][   T30] audit: type=1326 audit(1755443903.195:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1540 comm="syz.3.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f20de337ba7 code=0x7ffc0000
[   77.765418][ T1555] loop1: detected capacity change from 0 to 1024
[   77.972004][ T1558] device veth0_to_team entered promiscuous mode
[   78.036279][ T1555] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   78.136890][ T1555] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.179036][ T1555] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1555 comm=syz.1.196
[   78.203203][ T1573] loop3: detected capacity change from 0 to 256
[   78.247331][ T1577] xt_hashlimit: max too large, truncated to 1048576
[   78.271169][ T1573] syz.3.201 uses obsolete (PF_INET,SOCK_PACKET)
[   78.325010][ T1586] loop3: detected capacity change from 0 to 8192
[   78.346856][ T1586]  loop3: p1 p2[DM] p4
[   78.351077][ T1586] loop3: p1 size 196608 extends beyond EOD, truncated
[   78.363417][ T1586] loop3: p2 start 4292936063 is beyond EOD, truncated
[   78.370553][ T1586] loop3: p4 size 50331648 extends beyond EOD, truncated
[   80.833663][ T1613] loop3: detected capacity change from 0 to 8192
[   80.899894][ T1614] syz.4.212[1614] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.899972][ T1614] syz.4.212[1614] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.913912][ T1613]  loop3: p1 < > p2 p4
[   80.929772][ T1545] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   80.946223][ T1616] loop2: detected capacity change from 0 to 1024
[   80.955478][ T1613] loop3: partition table partially beyond EOD, truncated
[   80.964156][ T1613] loop3: p1 start 408832 is beyond EOD, truncated
[   80.971035][ T1613] loop3: p2 size 8388352 extends beyond EOD, truncated
[   81.021892][ T1616] EXT4-fs (loop2): mounted filesystem without journal. Opts: block_validity,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[   81.060955][   T30] kauditd_printk_skb: 27 callbacks suppressed
[   81.060971][   T30] audit: type=1400 audit(1755443908.095:448): avc:  denied  { read } for  pid=1615 comm="syz.2.214" path="/36/bus/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   81.206371][ T1545] usb 1-1: Using ep0 maxpacket: 32
[   81.490862][ T1636] loop3: detected capacity change from 0 to 256
[   81.546779][ T1636] FAT-fs (loop3): Unrecognized mount option "utfH" or missing value
[   81.626423][ T1545] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[   81.641544][ T1545] usb 1-1: config 0 has no interface number 0
[   82.004849][   T30] audit: type=1400 audit(1755443908.885:449): avc:  denied  { relabelfrom } for  pid=1635 comm="syz.3.219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   82.077252][   T30] audit: type=1400 audit(1755443908.885:450): avc:  denied  { relabelto } for  pid=1635 comm="syz.3.219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   82.097323][ T1545] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   82.132614][ T1545] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.201886][ T1545] usb 1-1: Product: syz
[   82.238043][ T1545] usb 1-1: Manufacturer: syz
[   82.283226][ T1545] usb 1-1: SerialNumber: syz
[   82.340454][ T1545] usb 1-1: config 0 descriptor??
[   82.350873][ T1645] bridge0: port 3(syz_tun) entered blocking state
[   82.406175][ T1645] bridge0: port 3(syz_tun) entered disabled state
[   82.586042][   T30] audit: type=1400 audit(1755443909.615:451): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   82.607155][   T30] audit: type=1400 audit(1755443909.615:452): avc:  denied  { unlink } for  pid=285 comm="syz-executor" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   82.707926][ T1545] smsc95xx v2.0.0
[   82.713668][ T1645] device syz_tun entered promiscuous mode
[   82.719750][ T1645] bridge0: port 3(syz_tun) entered blocking state
[   82.726362][ T1645] bridge0: port 3(syz_tun) entered forwarding state
[   82.734177][  T571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   82.750329][ T1649] device veth0_to_team entered promiscuous mode
[   82.847960][ T1655] serio: Serial port ttyS3
[   83.048155][ T1666] 9pnet: Insufficient options for proto=fd
[   83.574140][ T1668] loop3: detected capacity change from 0 to 131072
[   83.698647][   T30] audit: type=1400 audit(1755443910.645:453): avc:  denied  { mounton } for  pid=1667 comm="syz.3.227" path="/56/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[   83.730975][ T1668] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0)
[   83.740543][ T1668] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   83.749123][ T1545] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[   83.760333][ T1545] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[   83.794989][ T1545] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[   83.810978][ T1668] F2FS-fs (loop3): invalid crc value
[   83.846194][   T30] audit: type=1326 audit(1755443910.875:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1673 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6accfbbe9 code=0x7ffc0000
[   83.870249][ T1545] smsc95xx: probe of 1-1:0.67 failed with error -71
[   83.888166][ T1668] F2FS-fs (loop3): Found nat_bits in checkpoint
[   83.922314][ T1545] usb 1-1: USB disconnect, device number 4
[   83.936635][ T1668] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   83.943932][ T1668] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[   83.960514][   T30] audit: type=1326 audit(1755443910.875:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1673 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6accfbbe9 code=0x7ffc0000
[   83.994184][   T30] audit: type=1326 audit(1755443910.875:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1673 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6accfbbe9 code=0x7ffc0000
[   84.044454][   T30] audit: type=1326 audit(1755443910.875:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1673 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6accfbbe9 code=0x7ffc0000
[   84.525771][ T1686] syz.1.231[1686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.525849][ T1686] syz.1.231[1686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   84.969552][ T1697] netlink: 28 bytes leftover after parsing attributes in process `syz.2.232'.
[   86.298546][ T1710] loop1: detected capacity change from 0 to 8192
[   88.108174][ T1710]  loop1: p1 p2[DM] p4
[   88.112542][ T1710] loop1: p1 size 196608 extends beyond EOD, truncated
[   88.120037][ T1710] loop1: p2 start 4292936063 is beyond EOD, truncated
[   88.127156][ T1710] loop1: p4 size 50331648 extends beyond EOD, truncated
[   88.451991][ T1731] overlayfs: failed to clone upperpath
[   88.466489][  T289] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   88.476543][ T1336] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   88.481979][ T1731] 9pnet: Insufficient options for proto=fd
[   88.716444][ T1336] usb 1-1: Using ep0 maxpacket: 8
[   88.846426][ T1336] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.860378][ T1336] usb 1-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   88.879162][ T1336] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.886366][  T289] usb 3-1: Using ep0 maxpacket: 8
[   88.897456][ T1336] usb 1-1: config 0 descriptor??
[   88.910329][ T1733] loop1: detected capacity change from 0 to 40427
[   88.957273][ T1733] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x12010)
[   88.965577][ T1733] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   88.974771][ T1733] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(7) blocks(1024)
[   88.983497][ T1733] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   89.006410][  T289] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.016406][  T289] usb 3-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   89.025510][  T289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.034975][  T289] usb 3-1: config 0 descriptor??
[   89.044614][ T1738] syz.4.247[1738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.044663][ T1738] syz.4.247[1738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.433744][ T1741] netlink: 84 bytes leftover after parsing attributes in process `syz.4.248'.
[   89.559839][ T1336] saitek 0003:06A3:0621.0007: unknown main item tag 0x0
[   89.702397][ T1336] saitek 0003:06A3:0621.0007: hidraw0: USB HID v0.03 Device [HID 06a3:0621] on usb-dummy_hcd.0-1/input0
[   89.764023][  T342] usb 1-1: USB disconnect, device number 5
[   89.770521][ T1752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.249'.
[   89.776472][  T289] usbhid 3-1:0.0: can't add hid device: -71
[   89.785344][  T289] usbhid: probe of 3-1:0.0 failed with error -71
[   89.792570][  T289] usb 3-1: USB disconnect, device number 6
[   92.788920][ T1769] netlink: 4 bytes leftover after parsing attributes in process `syz.1.255'.
[   92.848453][   T30] kauditd_printk_skb: 15 callbacks suppressed
[   92.848468][   T30] audit: type=1400 audit(1755443919.885:473): avc:  denied  { setopt } for  pid=1765 comm="syz.1.255" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.921862][   T30] audit: type=1400 audit(1755443919.955:474): avc:  denied  { read } for  pid=1765 comm="syz.1.255" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.948128][ T1767] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   92.949892][   T30] audit: type=1400 audit(1755443919.955:475): avc:  denied  { open } for  pid=1765 comm="syz.1.255" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   92.960453][ T1767] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   92.979858][   T30] audit: type=1400 audit(1755443919.955:476): avc:  denied  { ioctl } for  pid=1765 comm="syz.1.255" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   93.042613][ T1782] overlayfs: failed to clone upperpath
[   93.048519][   T30] audit: type=1400 audit(1755443919.955:477): avc:  denied  { write } for  pid=1765 comm="syz.1.255" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   93.136143][ T1780] 9pnet: Insufficient options for proto=fd
[   93.225668][ T1789] loop2: detected capacity change from 0 to 8192
[   93.305393][ T1789]  loop2: p1 p2[DM] p4
[   93.314068][ T1789] loop2: p1 size 196608 extends beyond EOD, truncated
[   93.381448][ T1789] loop2: p2 start 4292936063 is beyond EOD, truncated
[   93.388572][ T1789] loop2: p4 size 50331648 extends beyond EOD, truncated
[   93.929499][ T1336] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   93.937345][   T30] audit: type=1400 audit(1755443920.525:478): avc:  denied  { getopt } for  pid=1792 comm="syz.1.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   95.146367][ T1336] usb 4-1: Using ep0 maxpacket: 8
[   96.047907][ T1819] syz.1.266[1819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.048222][ T1819] syz.1.266[1819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.125257][ T1336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.286885][ T1336] usb 4-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   97.298428][ T1336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.313901][ T1336] usb 4-1: config 0 descriptor??
[   97.812212][ T1336] usb 4-1: can't set config #0, error -71
[   97.826192][ T1336] usb 4-1: USB disconnect, device number 5
[   98.153940][ T1837] loop2: detected capacity change from 0 to 8192
[   98.197112][ T1837]  loop2: p1 p2[DM] p4
[   98.201546][ T1837] loop2: p1 size 196608 extends beyond EOD, truncated
[   98.209481][ T1837] loop2: p2 start 4292936063 is beyond EOD, truncated
[   98.216958][ T1837] loop2: p4 size 50331648 extends beyond EOD, truncated
[   98.382143][ T1874] 9pnet: Insufficient options for proto=fd
[  100.780151][ T1901] loop1: detected capacity change from 0 to 4096
[  100.844747][ T1863] Bluetooth: hci0: command 0x1003 tx timeout
[  100.856404][ T1901] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  100.867564][  T395] Bluetooth: hci0: sending frame failed (-49)
[  100.875493][ T1899] overlayfs: failed to clone upperpath
[  100.882664][ T1899] 9pnet: Insufficient options for proto=fd
[  101.354600][   T30] audit: type=1400 audit(1755443928.385:479): avc:  denied  { ioctl } for  pid=1909 comm="syz.4.286" path="socket:[18945]" dev="sockfs" ino=18945 ioctlcmd=0x9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  101.386540][   T30] audit: type=1400 audit(1755443928.415:480): avc:  denied  { getopt } for  pid=1913 comm="syz.4.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  101.428921][ T1912] loop3: detected capacity change from 0 to 8192
[  101.467148][ T1912]  loop3: p1 p2[DM] p4
[  101.471334][ T1912] loop3: p1 size 196608 extends beyond EOD, truncated
[  101.480192][ T1912] loop3: p2 start 4292936063 is beyond EOD, truncated
[  101.487274][ T1912] loop3: p4 size 50331648 extends beyond EOD, truncated
[  101.598872][ T1920] loop3: detected capacity change from 0 to 512
[  101.673382][ T1920] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.290: corrupted in-inode xattr
[  101.685554][ T1920] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.290: couldn't read orphan inode 15 (err -117)
[  101.699625][ T1920] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,abort,noload,delalloc,max_batch_time=0x0000000000000001,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000800,bsdgroups,init_itable=0x0000000000000fff,,errors=continue. Quota mode: none.
[  102.253028][  T499] Bluetooth: hci1: Frame reassembly failed (-84)
[  103.574914][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  103.581415][  T427] Bluetooth: hci0: sending frame failed (-49)
[  103.759900][ T1945] 9pnet: Insufficient options for proto=fd
[  103.779375][ T1946] 9pnet: Insufficient options for proto=fd
[  104.266389][ T1854] Bluetooth: hci1: command 0x1003 tx timeout
[  104.272499][  T427] Bluetooth: hci1: sending frame failed (-49)
[  104.996597][ T1854] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  105.555691][ T1854] usb 4-1: device descriptor read/64, error -71
[  105.626417][ T1864] Bluetooth: hci0: command 0x1009 tx timeout
[  105.946571][ T1854] usb 4-1: device descriptor read/64, error -71
[  106.004363][ T1966] overlayfs: failed to resolve './file1': -2
[  106.226400][ T1854] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  106.346460][ T1864] Bluetooth: hci1: command 0x1001 tx timeout
[  106.352623][  T427] Bluetooth: hci1: sending frame failed (-49)
[  106.496596][ T1854] usb 4-1: device descriptor read/64, error -71
[  106.686012][   T30] audit: type=1400 audit(1755443933.715:481): avc:  denied  { read } for  pid=1969 comm="syz.1.304" name="loop-control" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  106.710623][   T30] audit: type=1400 audit(1755443933.715:482): avc:  denied  { open } for  pid=1969 comm="syz.1.304" path="/dev/loop-control" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  106.736200][   T30] audit: type=1400 audit(1755443933.735:483): avc:  denied  { ioctl } for  pid=1969 comm="syz.1.304" path="/dev/loop-control" dev="devtmpfs" ino=115 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  106.896488][ T1854] usb 4-1: device descriptor read/64, error -71
[  107.016984][ T1854] usb usb4-port1: attempt power cycle
[  107.426571][ T1854] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  107.789603][ T1983] loop3: detected capacity change from 0 to 512
[  107.826447][ T1854] usb 4-1: device descriptor read/8, error -71
[  107.960314][ T1990] loop3: detected capacity change from 0 to 1024
[  108.019397][ T1990] EXT4-fs (loop3): Ignoring removed bh option
[  108.025628][ T1990] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  108.038565][ T1854] usb 4-1: device descriptor read/8, error -71
[  108.048449][ T1990] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nodioread_nolock,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  108.086006][   T30] audit: type=1400 audit(1755443935.115:484): avc:  denied  { append } for  pid=1988 comm="syz.3.310" path="/72/file1/cpuset.effective_mems" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  108.136430][   T30] audit: type=1400 audit(1755443935.115:485): avc:  denied  { map } for  pid=1988 comm="syz.3.310" path="/72/file1/cpuset.effective_mems" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  108.177228][ T2001] 9pnet: Insufficient options for proto=fd
[  108.188390][   T30] audit: type=1400 audit(1755443935.115:486): avc:  denied  { execute } for  pid=1988 comm="syz.3.310" path="/72/file1/cpuset.effective_mems" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  108.426373][ T1850] Bluetooth: hci1: command 0x1009 tx timeout
[  108.510586][  T282] EXT4-fs error (device loop3): ext4_lookup:1858: inode #14: comm syz-executor: iget: bad extended attribute block 17179869184
[  108.524326][  T282] EXT4-fs error (device loop3): ext4_lookup:1858: inode #14: comm syz-executor: iget: bad extended attribute block 17179869184
[  108.702885][ T2006] overlayfs: failed to resolve './file1': -2
[  108.937665][   T30] audit: type=1400 audit(1755443935.975:487): avc:  denied  { mounton } for  pid=2014 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  109.026854][ T2014] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.034231][ T2014] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.466613][ T2014] device bridge_slave_0 entered promiscuous mode
[  109.584764][ T2014] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.609585][   T30] audit: type=1400 audit(1755443936.645:488): avc:  denied  { mount } for  pid=2010 comm="syz.0.318" name="/" dev="ramfs" ino=19057 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  110.733749][ T2014] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.741630][ T2014] device bridge_slave_1 entered promiscuous mode
[  111.656914][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.664574][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.786690][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.795695][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.804550][  T707] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.811712][  T707] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.820746][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.829165][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.837800][  T707] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.844831][  T707] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.886827][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.894650][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.902931][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.920001][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  111.929182][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.940482][ T2014] device veth0_vlan entered promiscuous mode
[  111.949260][ T1075] device bridge_slave_1 left promiscuous mode
[  111.955405][ T1075] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.963586][ T1075] device bridge_slave_0 left promiscuous mode
[  111.970282][ T1075] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.285355][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.293612][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.309932][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.317620][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.463851][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.489783][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.498252][ T1850] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  112.509433][ T2014] device veth1_macvtap entered promiscuous mode
[  112.549355][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.559689][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.570715][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.614605][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.625692][  T707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.706529][   T30] audit: type=1400 audit(1755443939.695:489): avc:  denied  { mounton } for  pid=2014 comm="syz-executor" path="/root/syzkaller.v29L9s/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  112.736674][ T1850] usb 1-1: Using ep0 maxpacket: 8
[  112.896765][ T1850] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.935177][ T1850] usb 1-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  113.498963][ T1850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.556769][ T1850] usb 1-1: config 0 descriptor??
[  114.148458][ T1850] usbhid 1-1:0.0: can't add hid device: -71
[  114.154467][ T1850] usbhid: probe of 1-1:0.0 failed with error -71
[  114.164149][ T1850] usb 1-1: USB disconnect, device number 6
[  115.250877][ T2092] device veth0_to_team entered promiscuous mode
[  115.264382][  T362] Bluetooth: hci0: Frame reassembly failed (-84)
[  115.299102][  T362] Bluetooth: hci0: Frame reassembly failed (-84)
[  115.395251][ T2095] overlayfs: failed to clone upperpath
[  116.779210][   T30] audit: type=1326 audit(1755443943.815:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  116.865654][   T30] audit: type=1326 audit(1755443943.815:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  116.893554][   T30] audit: type=1326 audit(1755443943.815:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.173529][   T30] audit: type=1326 audit(1755443943.815:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.197017][   T30] audit: type=1326 audit(1755443943.815:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.220404][   T30] audit: type=1326 audit(1755443943.815:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.244095][   T30] audit: type=1326 audit(1755443943.815:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.270613][   T30] audit: type=1326 audit(1755443943.815:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.297163][   T30] audit: type=1326 audit(1755443943.815:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2099 comm="syz.5.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33c496dbe9 code=0x7ffc0000
[  117.326517][ T1863] Bluetooth: hci0: command 0x1003 tx timeout
[  117.332732][  T379] Bluetooth: hci0: sending frame failed (-49)
[  117.493729][ T2115] loop5: detected capacity change from 0 to 8192
[  117.517611][ T2115]  loop5: p1 p2[DM] p4
[  117.521831][ T2115] loop5: p1 size 196608 extends beyond EOD, truncated
[  117.529276][ T2115] loop5: p2 start 4292936063 is beyond EOD, truncated
[  117.536157][ T2115] loop5: p4 size 50331648 extends beyond EOD, truncated
[  117.845807][ T2126] overlayfs: failed to clone upperpath
[  117.883838][ T2126] 9pnet: Insufficient options for proto=fd
[  118.404795][ T2133] FAULT_INJECTION: forcing a failure.
[  118.404795][ T2133] name failslab, interval 1, probability 0, space 0, times 0
[  118.417853][ T2133] CPU: 1 PID: 2133 Comm: syz.1.348 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[  118.427913][ T2133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.438141][ T2133] Call Trace:
[  118.441429][ T2133]  <TASK>
[  118.444445][ T2133]  __dump_stack+0x21/0x30
[  118.448785][ T2133]  dump_stack_lvl+0xee/0x150
[  118.453478][ T2133]  ? show_regs_print_info+0x20/0x20
[  118.458712][ T2133]  dump_stack+0x15/0x20
[  118.462874][ T2133]  should_fail+0x3c1/0x510
[  118.467392][ T2133]  __should_failslab+0xa4/0xe0
[  118.472144][ T2133]  should_failslab+0x9/0x20
[  118.476635][ T2133]  slab_pre_alloc_hook+0x3b/0xe0
[  118.481661][ T2133]  __kmalloc+0x6d/0x2c0
[  118.486502][ T2133]  ? kmem_cache_alloc_trace+0x119/0x270
[  118.492077][ T2133]  ? __se_sys_io_uring_setup+0x353/0x29a0
[  118.497968][ T2133]  __se_sys_io_uring_setup+0x353/0x29a0
[  118.503703][ T2133]  ? file_end_write+0x1b0/0x1b0
[  118.508651][ T2133]  ? __kasan_check_write+0x14/0x20
[  118.513932][ T2133]  ? mutex_unlock+0x89/0x220
[  118.518690][ T2133]  ? __mutex_lock_slowpath+0x10/0x10
[  118.523964][ T2133]  ? __x64_sys_io_uring_setup+0x70/0x70
[  118.529624][ T2133]  ? __kasan_check_write+0x14/0x20
[  118.534739][ T2133]  ? fput_many+0x15a/0x1a0
[  118.539238][ T2133]  ? debug_smp_processor_id+0x17/0x20
[  118.544778][ T2133]  __x64_sys_io_uring_setup+0x5b/0x70
[  118.550404][ T2133]  x64_sys_call+0x5f4/0x9a0
[  118.554923][ T2133]  do_syscall_64+0x4c/0xa0
[  118.559329][ T2133]  ? clear_bhb_loop+0x50/0xa0
[  118.564000][ T2133]  ? clear_bhb_loop+0x50/0xa0
[  118.568668][ T2133]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  118.574645][ T2133] RIP: 0033:0x7f2f6482bbe9
[  118.579061][ T2133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.599140][ T2133] RSP: 002b:00007f2f63293fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  118.607632][ T2133] RAX: ffffffffffffffda RBX: 00007f2f64a52fa0 RCX: 00007f2f6482bbe9
[  118.615957][ T2133] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000111
[  118.623919][ T2133] RBP: 0000200000000340 R08: 0000000000000000 R09: 0000000000000000
[  118.631879][ T2133] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  118.639833][ T2133] R13: 0000000000000000 R14: 0000000000000111 R15: 0000000000000000
[  118.647880][ T2133]  </TASK>
[  118.680829][ T2139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.350'.
[  118.690249][ T2139] netlink: 12 bytes leftover after parsing attributes in process `syz.2.350'.
[  118.699445][ T2139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.350'.
[  118.709495][ T2139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.350'.
[  118.718507][ T2112] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  119.386503][ T1862] Bluetooth: hci0: command 0x1001 tx timeout
[  119.393186][  T379] Bluetooth: hci0: sending frame failed (-49)
[  119.546866][  T566] Bluetooth: hci1: Frame reassembly failed (-84)
[  119.666387][ T2112] usb 6-1: Using ep0 maxpacket: 8
[  119.762730][   T30] kauditd_printk_skb: 44 callbacks suppressed
[  119.762745][   T30] audit: type=1400 audit(1755443946.795:543): avc:  denied  { create } for  pid=2155 comm="syz.1.354" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  119.789751][   T30] audit: type=1400 audit(1755443946.805:544): avc:  denied  { mounton } for  pid=2155 comm="syz.1.354" path="/88/file0" dev="tmpfs" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  119.812724][ T2112] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.822807][ T2112] usb 6-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[  119.833163][ T2112] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.841965][ T2112] usb 6-1: config 0 descriptor??
[  119.909216][   T30] audit: type=1400 audit(1755443946.945:545): avc:  denied  { unlink } for  pid=284 comm="syz-executor" name="file0" dev="tmpfs" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  120.219782][ T2165] syz.4.356[2165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.220137][ T2165] syz.4.356[2165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.492892][ T1862] Bluetooth: hci0: command 0x1009 tx timeout
[  121.511053][ T2112] usbhid 6-1:0.0: can't add hid device: -71
[  121.511112][ T2112] usbhid: probe of 6-1:0.0 failed with error -71
[  121.511871][ T2112] usb 6-1: USB disconnect, device number 2
[  121.591293][ T2177] FAULT_INJECTION: forcing a failure.
[  121.591293][ T2177] name failslab, interval 1, probability 0, space 0, times 0
[  121.609639][ T2173] loop5: detected capacity change from 0 to 8192
[  121.616397][ T2177] CPU: 0 PID: 2177 Comm: syz.1.360 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[  121.626692][ T2177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.636751][ T2177] Call Trace:
[  121.640030][ T2177]  <TASK>
[  121.642970][ T2177]  __dump_stack+0x21/0x30
[  121.647345][ T2177]  dump_stack_lvl+0xee/0x150
[  121.651939][ T2177]  ? show_regs_print_info+0x20/0x20
[  121.657144][ T2177]  dump_stack+0x15/0x20
[  121.661326][ T2177]  should_fail+0x3c1/0x510
[  121.665827][ T2177]  __should_failslab+0xa4/0xe0
[  121.670592][ T2177]  should_failslab+0x9/0x20
[  121.675101][ T2177]  slab_pre_alloc_hook+0x3b/0xe0
[  121.676633][ T1862] Bluetooth: hci1: command 0x1003 tx timeout
[  121.680268][ T2177]  kmem_cache_alloc_trace+0x48/0x270
[  121.680291][ T2177]  ? __se_sys_io_uring_setup+0x3f6/0x29a0
[  121.680308][ T2177]  __se_sys_io_uring_setup+0x3f6/0x29a0
[  121.687716][  T427] Bluetooth: hci1: sending frame failed (-49)
[  121.691867][ T2177]  ? __kasan_check_write+0x14/0x20
[  121.714739][ T2177]  ? mutex_unlock+0x89/0x220
[  121.719441][ T2177]  ? __mutex_lock_slowpath+0x10/0x10
[  121.724826][ T2177]  ? __x64_sys_io_uring_setup+0x70/0x70
[  121.730386][ T2177]  ? __kasan_check_write+0x14/0x20
[  121.735698][ T2177]  ? fput_many+0x15a/0x1a0
[  121.740228][ T2177]  ? debug_smp_processor_id+0x17/0x20
[  121.745883][ T2177]  __x64_sys_io_uring_setup+0x5b/0x70
[  121.751382][ T2177]  x64_sys_call+0x5f4/0x9a0
[  121.756061][ T2177]  do_syscall_64+0x4c/0xa0
[  121.760495][ T2177]  ? clear_bhb_loop+0x50/0xa0
[  121.765201][ T2177]  ? clear_bhb_loop+0x50/0xa0
[  121.770062][ T2177]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  121.775985][ T2177] RIP: 0033:0x7f2f6482bbe9
[  121.780585][ T2177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.800399][ T2177] RSP: 002b:00007f2f63293fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  121.808834][ T2177] RAX: ffffffffffffffda RBX: 00007f2f64a52fa0 RCX: 00007f2f6482bbe9
[  121.816813][ T2177] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000111
[  121.824793][ T2177] RBP: 0000200000000340 R08: 0000000000000000 R09: 0000000000000000
[  121.832787][ T2177] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  121.840851][ T2177] R13: 0000000000000000 R14: 0000000000000111 R15: 0000000000000000
[  121.848838][ T2177]  </TASK>
[  122.617437][ T2173]  loop5: p1 p2[DM] p4
[  122.621693][ T2173] loop5: p1 size 196608 extends beyond EOD, truncated
[  122.630182][ T2173] loop5: p2 start 4292936063 is beyond EOD, truncated
[  122.637714][ T2173] loop5: p4 size 50331648 extends beyond EOD, truncated
[  122.734527][   T30] audit: type=1400 audit(1755443949.765:546): avc:  denied  { create } for  pid=2196 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  122.798136][   T30] audit: type=1400 audit(1755443949.785:547): avc:  denied  { connect } for  pid=2196 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  122.825122][   T30] audit: type=1400 audit(1755443949.785:548): avc:  denied  { ioctl } for  pid=2196 comm="syz.5.365" path="socket:[20361]" dev="sockfs" ino=20361 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  122.967967][ T2218] netlink: 76 bytes leftover after parsing attributes in process `syz.1.375'.
[  122.998896][ T2224] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2224 comm=syz.5.378
[  123.013283][ T2224] netlink: 12 bytes leftover after parsing attributes in process `syz.5.378'.
[  123.044014][   T30] audit: type=1400 audit(1755443950.075:549): avc:  denied  { bind } for  pid=2233 comm="syz.4.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  123.073780][   T30] audit: type=1400 audit(1755443950.105:550): avc:  denied  { write } for  pid=2237 comm="syz.5.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.099938][   T30] audit: type=1400 audit(1755443950.105:551): avc:  denied  { read } for  pid=2237 comm="syz.5.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.123807][   T30] audit: type=1400 audit(1755443950.105:552): avc:  denied  { bind } for  pid=2242 comm="syz.1.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  123.159336][ T2260] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.166550][ T2260] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.413569][ T2323] ==================================================================
[  123.421672][ T2323] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  123.431063][ T2323] Read of size 1 at addr ffff88812055fbf8 by task syz.4.427/2323
[  123.439163][ T2323] 
[  123.441475][ T2323] CPU: 1 PID: 2323 Comm: syz.4.427 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[  123.451896][ T2323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  123.462054][ T2323] Call Trace:
[  123.465409][ T2323]  <TASK>
[  123.468330][ T2323]  __dump_stack+0x21/0x30
[  123.472786][ T2323]  dump_stack_lvl+0xee/0x150
[  123.477741][ T2323]  ? show_regs_print_info+0x20/0x20
[  123.483021][ T2323]  ? load_image+0x3a0/0x3a0
[  123.487794][ T2323]  ? unwind_get_return_address+0x4d/0x90
[  123.493429][ T2323]  print_address_description+0x7f/0x2c0
[  123.498983][ T2323]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  123.505499][ T2323]  kasan_report+0xf1/0x140
[  123.510101][ T2323]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  123.516597][ T2323]  __asan_report_load1_noabort+0x14/0x20
[  123.522240][ T2323]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  123.528571][ T2323]  xfrm_policy_inexact_insert_node+0x938/0xb50
[  123.534721][ T2323]  ? xfrm_netlink_rcv+0x72/0x90
[  123.539583][ T2323]  ? netlink_unicast+0x876/0xa40
[  123.544718][ T2323]  ? netlink_sendmsg+0x86a/0xb70
[  123.549833][ T2323]  ? ____sys_sendmsg+0x5a2/0x8c0
[  123.554797][ T2323]  ? ___sys_sendmsg+0x1f0/0x260
[  123.559641][ T2323]  ? x64_sys_call+0x4b/0x9a0
[  123.564229][ T2323]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  123.570409][ T2323]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[  123.576576][ T2323]  xfrm_policy_inexact_insert+0x70/0x1130
[  123.582460][ T2323]  ? __get_hash_thresh+0x10c/0x420
[  123.587561][ T2323]  ? policy_hash_bysel+0x110/0x4f0
[  123.592768][ T2323]  xfrm_policy_insert+0x126/0x9a0
[  123.597799][ T2323]  ? xfrm_policy_construct+0x54f/0x1f00
[  123.603573][ T2323]  xfrm_add_policy+0x4d1/0x830
[  123.608424][ T2323]  ? xfrm_dump_sa_done+0xc0/0xc0
[  123.613440][ T2323]  xfrm_user_rcv_msg+0x45c/0x6e0
[  123.618496][ T2323]  ? xfrm_netlink_rcv+0x90/0x90
[  123.623366][ T2323]  ? avc_has_perm_noaudit+0x460/0x460
[  123.628853][ T2323]  ? x64_sys_call+0x4b/0x9a0
[  123.633442][ T2323]  ? selinux_nlmsg_lookup+0x237/0x4c0
[  123.638826][ T2323]  netlink_rcv_skb+0x1e0/0x430
[  123.643583][ T2323]  ? xfrm_netlink_rcv+0x90/0x90
[  123.648472][ T2323]  ? netlink_ack+0xb60/0xb60
[  123.653066][ T2323]  ? wait_for_completion_killable_timeout+0x10/0x10
[  123.659648][ T2323]  ? __netlink_lookup+0x387/0x3b0
[  123.664675][ T2323]  xfrm_netlink_rcv+0x72/0x90
[  123.669433][ T2323]  netlink_unicast+0x876/0xa40
[  123.674194][ T2323]  netlink_sendmsg+0x86a/0xb70
[  123.678945][ T2323]  ? netlink_getsockopt+0x530/0x530
[  123.684130][ T2323]  ? sock_alloc_file+0xba/0x260
[  123.688976][ T2323]  ? security_socket_sendmsg+0x82/0xa0
[  123.694470][ T2323]  ? netlink_getsockopt+0x530/0x530
[  123.699770][ T2323]  ____sys_sendmsg+0x5a2/0x8c0
[  123.704551][ T2323]  ? __sys_sendmsg_sock+0x40/0x40
[  123.709719][ T2323]  ? import_iovec+0x7c/0xb0
[  123.714237][ T2323]  ___sys_sendmsg+0x1f0/0x260
[  123.719042][ T2323]  ? __sys_sendmsg+0x250/0x250
[  123.723822][ T2323]  ? __fdget+0x1a1/0x230
[  123.728367][ T2323]  __x64_sys_sendmsg+0x1e2/0x2a0
[  123.733432][ T2323]  ? ___sys_sendmsg+0x260/0x260
[  123.738297][ T2323]  ? __kasan_check_write+0x14/0x20
[  123.743419][ T2323]  ? switch_fpu_return+0x15d/0x2c0
[  123.748614][ T2323]  x64_sys_call+0x4b/0x9a0
[  123.753113][ T2323]  do_syscall_64+0x4c/0xa0
[  123.757814][ T2323]  ? clear_bhb_loop+0x50/0xa0
[  123.762690][ T2323]  ? clear_bhb_loop+0x50/0xa0
[  123.767369][ T2323]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  123.773375][ T2323] RIP: 0033:0x7fdb79e0ebe9
[  123.777809][ T2323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.797507][ T2323] RSP: 002b:00007fdb78877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.806114][ T2323] RAX: ffffffffffffffda RBX: 00007fdb7a035fa0 RCX: 00007fdb79e0ebe9
[  123.814085][ T2323] RDX: 0000000000004000 RSI: 0000200000000580 RDI: 0000000000000004
[  123.822054][ T2323] RBP: 00007fdb79e91e19 R08: 0000000000000000 R09: 0000000000000000
[  123.830192][ T2323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.838176][ T2323] R13: 00007fdb7a036038 R14: 00007fdb7a035fa0 R15: 00007ffcea2789d8
[  123.846153][ T2323]  </TASK>
[  123.849164][ T2323] 
[  123.851542][ T2323] Allocated by task 2323:
[  123.855852][ T2323]  __kasan_kmalloc+0xda/0x110
[  123.860534][ T2323]  __kmalloc+0x13d/0x2c0
[  123.864789][ T2323]  sk_prot_alloc+0xed/0x320
[  123.869341][ T2323]  sk_alloc+0x38/0x430
[  123.873581][ T2323]  pfkey_create+0x12a/0x660
[  123.878075][ T2323]  __sock_create+0x38d/0x7a0
[  123.882650][ T2323]  __sys_socket+0xec/0x190
[  123.887053][ T2323]  __x64_sys_socket+0x7a/0x90
[  123.891801][ T2323]  x64_sys_call+0x8c5/0x9a0
[  123.896307][ T2323]  do_syscall_64+0x4c/0xa0
[  123.900711][ T2323]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  123.906701][ T2323] 
[  123.909014][ T2323] The buggy address belongs to the object at ffff88812055f800
[  123.909014][ T2323]  which belongs to the cache kmalloc-1k of size 1024
[  123.923341][ T2323] The buggy address is located 1016 bytes inside of
[  123.923341][ T2323]  1024-byte region [ffff88812055f800, ffff88812055fc00)
[  123.936889][ T2323] The buggy address belongs to the page:
[  123.942590][ T2323] page:ffffea0004815600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120558
[  123.952821][ T2323] head:ffffea0004815600 order:3 compound_mapcount:0 compound_pincount:0
[  123.961205][ T2323] flags: 0x4000000000010200(slab|head|zone=1)
[  123.967388][ T2323] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043080
[  123.976038][ T2323] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  123.984637][ T2323] page dumped because: kasan: bad access detected
[  123.991028][ T2323] page_owner tracks the page as allocated
[  123.996726][ T2323] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 283, ts 123392560636, free_ts 123392068026
[  124.017407][ T2323]  post_alloc_hook+0x192/0x1b0
[  124.022171][ T2323]  prep_new_page+0x1c/0x110
[  124.026769][ T2323]  get_page_from_freelist+0x2cc5/0x2d50
[  124.032304][ T2323]  __alloc_pages+0x18f/0x440
[  124.036963][ T2323]  new_slab+0xa1/0x4d0
[  124.041022][ T2323]  ___slab_alloc+0x381/0x810
[  124.045596][ T2323]  __slab_alloc+0x49/0x90
[  124.049913][ T2323]  __kmalloc+0x16a/0x2c0
[  124.054260][ T2323]  kvmalloc_node+0x206/0x300
[  124.058839][ T2323]  xt_alloc_table_info+0x3b/0xa0
[  124.063760][ T2323]  do_ipt_set_ctl+0x861/0xce0
[  124.068419][ T2323]  nf_setsockopt+0x272/0x2a0
[  124.072991][ T2323]  ip_setsockopt+0x25e6/0x3520
[  124.077751][ T2323]  tcp_setsockopt+0x1f8/0x1d30
[  124.082508][ T2323]  sock_common_setsockopt+0xa0/0xb0
[  124.087878][ T2323]  __sys_setsockopt+0x2f0/0x460
[  124.092907][ T2323] page last free stack trace:
[  124.097655][ T2323]  free_unref_page_prepare+0x542/0x550
[  124.103220][ T2323]  free_unref_page+0xa2/0x550
[  124.107890][ T2323]  free_compound_page+0x78/0xa0
[  124.112726][ T2323]  __put_compound_page+0x77/0xb0
[  124.117827][ T2323]  __put_page+0xbc/0xe0
[  124.121969][ T2323]  page_to_skb+0x7b9/0xb60
[  124.126390][ T2323]  receive_buf+0xc64/0x4ad0
[  124.130891][ T2323]  virtnet_poll+0x545/0xef0
[  124.135376][ T2323]  __napi_poll+0xbe/0x590
[  124.139714][ T2323]  net_rx_action+0x371/0x8e0
[  124.144289][ T2323]  handle_softirqs+0x250/0x560
[  124.149046][ T2323]  __do_softirq+0xb/0xd
[  124.153220][ T2323] 
[  124.155524][ T2323] Memory state around the buggy address:
[  124.161135][ T2323]  ffff88812055fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  124.169176][ T2323]  ffff88812055fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  124.177217][ T2323] >ffff88812055fb80: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[  124.185272][ T2323]                                                                 ^
[  124.193314][ T2323]  ffff88812055fc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  124.201389][ T2323]  ffff88812055fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  124.209717][ T2323] ==================================================================
[  124.217854][ T2323] Disabling lock debugging due to kernel taint
[  124.224889][ T1854] Bluetooth: hci1: command 0x1001 tx timeout
[  124.241086][  T427] Bluetooth: hci1: sending frame failed (-49)
[  126.266412][ T1865] Bluetooth: hci1: command 0x1009 tx timeout