last executing test programs:

8.301188837s ago: executing program 2 (id=11170):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fstat(0xffffffffffffffff, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_extract_tcp_res(0x0, 0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000000c0)=""/83, 0x4da, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

7.058951319s ago: executing program 2 (id=11179):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x2f, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000240)={0x200000000000001}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x300, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
getsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x28, 0x6, 0x0, 0x20000007)

6.275687694s ago: executing program 0 (id=11184):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@norecovery}, {@lazytime}, {@errors_continue}, {@auto_da_alloc}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={0x0}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020}, 0x2020)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x8, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x3, 0x200}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {0x10}, {}]}, @enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x5}, {0x3}]}]}, {0x0, [0x0, 0x0, 0x61, 0x3e, 0x61, 0x2e]}}, &(0x7f0000000600)=""/152, 0xa4, 0x98, 0x1}, 0x20)
fchmodat(r3, &(0x7f00000000c0)='./file1\x00', 0x0)
socket$unix(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000800)=ANY=[], 0x0)

6.109996898s ago: executing program 1 (id=11187):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x15c, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x40, 0x2, [@TCA_FLOWER_KEY_ARP_OP={0x5}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_TCP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}]}}, @filter_kind_options=@f_flow={{0x9}, {0xc8, 0x2, [@TCA_FLOW_EMATCHES={0xbc, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0xa0, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc}, @TCF_EM_CMP={0x18}, @TCF_EM_CANID={0x14}, @TCF_EM_META={0x14, 0x0, 0x0, 0x0, {{}, [@TCA_EM_META_RVALUE={0x4, 0x3, [@TCF_META_TYPE_VAR]}, @TCA_EM_META_LVALUE={0x4, 0x2, [@TCF_META_TYPE_VAR]}]}}, @TCF_EM_IPSET={0x10}, @TCF_EM_IPT={0xc}, @TCF_EM_CMP={0x18}, @TCF_EM_U32={0x1c}]}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_HDR={0x8}]}, @TCA_FLOW_MASK={0x8}]}}]}, 0x15c}}, 0x4001)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xf0}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

6.036950804s ago: executing program 1 (id=11188):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800000020b9078792"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$incfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000300), 0x1010020, 0x0) (fail_nth: 2)
getdents64(r4, 0xfffffffffffffffe, 0x29)

6.031299144s ago: executing program 2 (id=11189):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000077c0)={0x2020, 0x0, <r5=>0x0}, 0xfffffffffffffff3)
write$FUSE_INIT(r4, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r4, &(0x7f0000009800)="c119ed7667ec1da6ce5ad10520d9f0d916f246337b0557963a20976c5c2e3b9c50442c3aa3ad8af4490e25e8a248ad6569c868927ce88fde8f6dd47700c012579d8f5517c15a8692ebbfe31637d24da9b182159a75eb201be82b5b3482e6f7d3344eb462be4e452a789b9246974e521beb91400d62ba27d79dc7e4a2511c941b7658a426f1b03867abe8958cf54e277c8c7eba60d65881156958563b415fdfb45237d979dfffc5a2399d245c064928d88f8f2ad57fc65556fc4404b0deb7fe8b794c8f853fc356646a4bd5a3bde17b164539cde75bfbcb82189d10658affc840871f99d48a657c0a490f44959ec808a7de09590156b5f4dbe9689884f22c3388c3d735ab0a38bfa911e234a40a7700258e36df5be8b1e6e8d229a9ad553628c9e2d099d87e54328d8e75a59b5add9aa55447c933e752fc3bd90aa92645449401e7a715f3b4bcc17c799eed78a917850f05886472640ec78ba017ae6e83683db81d999696d3ad34143e5d6be46724f4086dd8480e85b070e2980ee952ef91f8467bf542428b1958ead9f7a09641d0c33c1566e77a3c923d94bee7dc9046e8b6803dc5c5a6e34ba951d2a0fe9d6d03a57391560e2328e8c581474e38e40055b45f7467b4dba95d64dac57b6fc0dc8a40f054aa801a3c022dcfadc793ecfb9968d3121157b0a8b25b99b09038c58570205b4166f3bd749d7a0f8bf89033e11c0a456bb72788cf7ccfeb980ce085711f8ea531fcc57206d8e0e0aea1f3220066c7769d71026259468604a5cc7331cc971a4cd78d8552e0e0d9955deb21282a27f0a5f8364d0f9fe91016f086c10a3662a154316891ae4fb8cc3481b2253bbd09c64629f3ffcb5e82b495e6721dce47734254ab64cc119c2a446f34d6cac813a3c0444d9a13ebbc0fa4baf1bdf78b9a9cf6620fe488bf2a1bf7e857ad6ea157542761cc6a7da8d4c2242853a1fd14629491680253603b910466927c2dd4818464d7d9c246b9cd726d123d1dda95d0325370a0f1b5751796d13501a2aa1ec0dc70a5b749f8d171cb7569d9b74354883a2216f452cc712d0829c8c5f206cc7924652473931adfd2bd3940b3adaf54967c0af599d4968da74f25d2cc309dbdbe3d6faa08f2c08205365d3c4a2c8344b1047c7d0caf6b595e5d24c89ea1b532fe3094d7a16c716110b75deb22a5a281c0f133cfcfaf5238a3c493c4f97f890bb33769ea652c67149be70e62de16b65730b3bd2f547c084ee77d456a86bf8f1f7304703d2524443c4b66ceb7d2e5d97124a6ae48158c16cefa3eb94a7ec49ae43dd02f9edd0924d73c7cec977186442518b8dc642dea31dce2b79b4ec5400210817da04caf0198e933e8c618a5f0e7123ca5786c45b10a543e7de350aa4c072c85612a99ec9534f70130eebc0ef842416091a0adba1d30730d04080928c094d49a70f0a354b918725578b27a9b65f1a43a7dc9d8b6c9a23e08ba83bb8802e69454eb316a6a0188713704b30098479f5d99497e60ffb372dbbe07642dea12bf6f3f4b6c508f1e061b0211b9be792fda7bb86f51f018085f2fd5ae316c761b35d562dcfb783b87d6da0820947f5d055f0f7cd3c50f1c61f1da1a73c7ef107f0ad957977a33cdc67f6aa82e03490f5333c1ec0a1fbd14b2aa961d2b3f6315bd06029c4c9654414bd9256de44ecf3b0485a41a9f7183d0469bd327f549201924ab80e3227f228e20e9fd3b646b3134385ed058f4bff4f714cdaa855e2c364d7bbaaf26df65bdb9dfc4f6104d219e41684493c621588ca8d01ef3211c28d613bc67e498b4b80279249bd947d029315dcabea9362e0258a5a819530459df44f7c83972299e54a29afd836fb176cdc1d86398b6c7a75cd15b1f76a0070839b5a24366603a0aee35a9f784e4a633703de42e6648a9626160a25c9033242cd97eb07ffc54a01d94c48333e832ec0eefe51a266fcb526dd2954cd1147d2a2df260affac31e4cec7ece02dce3f61078b0111b94c3bbddd41487e33820ddc8cdf7a1ebc58531f280e2c12a8514bb4e7a176208b73ec6f4cf1b660393837dea00a8474fc41039db848ad6b0375a36ba35582736cf7bdb33a051d49f966fd17a80cef2f0c458d1d5c932e4193c5018105416ff1b27eddf56d4277a49d0adbf34c998a062db4c8263f5c03696cda85a6f0db49a5c58e2809d7519e6ecaa017d90e31eef725fdb3f26d77bb15a3d924d3ccb728535dfdb7517a10b9a54a551c1ec95c6770ee0901d18f24149678f1677d1f5c447aee584c6f1dbb7a952da6b91e8af3d98fe790201b89a05b61abacfe6acd7a774e3a12436d169f54b8e2572f0ed70ca78e801bbc3b783d73c96d5424b82de2d8ba84f585c67cb4c7d8175b8a2fd75a59b24db0403064924a4a6ea5423ee818b70d1c5403da14370fbc98ab4ea6a7fe78e7d3e8da1a3f04856edd96e8b9d7e80064daed38d0ca194a638a11175a9812569a640a8d373aed41e9a1e0118ff7ecade45238544dcf5864697c4d36e444fb82bbc222a8a2bec2869c623f61aa38299d3a4e8806721d579907c31a0cf50b82dcebe08d8c5a21d97a707d5a83de1fb145227d0303334e5cc73c628e818ab6901c001ef8f02557d5ec579189b620f0e3307df5273573f707ee91985823894f9ccd80415c91d7baadd31ceedb3b26212e09a62bc22392fbbf3aa5e340dd3408c1c9e3d1d144dd5260c904812952466ba31a2dc80b8826b1354335b0d754954bc93cfce0eaf93665600f67505595ed66eb38ac98a23ae6568aac700361e784fc8ff3cf0cd19e15a3508f42fb1bca1f95a6502b5ed09df0f75859527025798b890df2f0110cc20798a7096831c9822ed5a9341fd6afc85a78736b857bbfbcae5f61fb5a3ca5577c4bfb6b1ccac7f21e95cb2c1e3fbe91f5a46522bfc49a0e11b4ccae898b5215cebacac2ac8d6685b05a9df649d39e40c66f4f1373e77a722beb0ed05167fa206fd66cae5b01741f86cc1681ce7efcee5d67cf8a89627d7d02ca8ae96e32cd5d74dffa715b7c2e0f24648932930e69667939490cadcd06b4396800152fa3dfb4810ab6c4de8f0814a9fb211517d19932befe0c0613699d481ba2d3140836d9dd074ac5dbbc27284463f190442b453d4a06e1e0053d0e097420e1406b104cc8bdc486a1fc581cf1dca50f63ce3de1403eb4a5080971aa2a2a911c3d24d0370b1c062e6b21c6a694eda76e61b877e596d34ebc507f10c3bbf969793f5b71d026d03cfcc2bdda2acdeea4b7066f07be408f6bb35ba7f3b8196e9a1d1ea30ff709d8c0fa29c40056bd53e609b5217976c422efe8052e4cbda4b12dd2a1286a4460c57bb3a138c55408fa6a0888e32299cc47efb84ad61a98385854824ec253f1279f9d1ffe6becb8c427b53c57b537e6494f6acc7902347589230aa7316523108ab38842b3b97a0840d4c3eabd229232a71302edd1f3375d0092cb3a07312400c1be8a94da53a79d2fce38fed341193f6c4dc41f396774145aa18400bf108577e714f4a4c50ce408392f954eeae696d2605bb973b147ef98fa35d576c957a01f262d81157e1c8aaafc708634366afcebbf31cd4b7190d29e0b3a2960ab5ea952eecd38becbb7cf7659a95044a1ebe4240b0d26c7a932c14c1252eb24bad57be94c5632bc42aea31f722904306d39f1d0850ac029537c4425d048ecf3fcb5428638dbcb86e17d60164fc396c706c10f0a1ccb4dff2f36b47510a749dc03e32fd7f13893db135790d29a56fe1fae6d0202831d440242be2086c6e5dc71dae14089fc080a358f159faafb397da8ad8b48b1615112c76627a0e47a7cbfd2cb0e9a9c5316e96f8c2cf4ab7c875ed1bbd5a020ff2f265a1f63b6151a2288c3e83183e68cd12dce8094d392137f061d43421eeeee504e4db172c9fabc6297a5641a9a7696f16660489fd6f7ad9421068bd1294941e51b8d2b818627e3081369583e91c6b8b68c93173dc7fae27f3bb9a4c6a3d69cf5bf28b3f8b5c8fa8a8a90bfc228acd1df93c8b3f15fb318c7524ef2e8b6bc18010b4ac5b448dd3a134531654d610cfc9b393b5b1a22e90377b74ebc64aae95987881c0602311c0fa94cd612889125da49b810acf9617263b55e504b1b9160675cfbef83170fba4134640cc2be541bdb54077dd65304eddabcef91a3445804bcdbf00f53dbd3345c190c2ec117dfa986dd04c3f02b7ba9eee47538c5fda856d432cf343596c53cf3c109ada41fc6d7b09c3f14b60c2c8a4cdf5ee0791017cd25f7ad96d0c51a5cc52e2647826662a99266a2f2072b7b1acf805d44d8064d419999df38537ffcd78a78ce3837bfe1faf7dc79f5e0d32ea5e62c06e6aa716e0e048cd5c5fa8b4212ac668ffaca2a4e8afb91aa7425a800fef89fd97587569489088b434510a38a49e8ee3e1b96a307dcd999268967405f354dc0478bac5229203eb9d6aacc2db83e233ce852ad55b799b6923653d3d5788ac56ffdfeb206acac33010161536e3573d54eea1925b6f4edc6aa193e9e362681e34564d146b49ed916ab8d6aea1a78e526c7a0dc56f5ca90d07862d17cb3f21307f2e012ffd011ec64d4cc23faa4a08c4128c0892be5d5999f681dd28bd6796f83e1e0b80ab61249e5049e81c2e692e360194129d1c9aa13d5302d3cbc6060159632c6d3c2db27c3fab53e0919a81ff5878f6328536292905883095b65581b696ee94a8a0dd7d0d11a2e269959a6f848c87eefef283e57fadf325b665ade2d6591b283c33ce9092ceb39df5bf6ff92cd6180353d8021cd3b8a7efb9be4f79b37ee19e4b9eccfec49b1f526420aed78424d5129afca3e28e1e6cb5cfdd894289abd5ee69d29413c548f65baea4c99ae73055000adb0dab38e7bc6c9c562a3214e3b279decf1dc731ceed1e4def2d70360953886da1eb7b18b745fd6d8751d038c6cde166d4101df1418689468d3add001cc44c8f2ab8105fc362cf5792d5c270441af890ba4bd563ce68b57a0f99b80ba93f7fea3765ec1fdadfc7274d4d7c46da05fbaf47e29de56ffc53f71188f94cc3ea26197eb9274aea10f793e348541feda0cb82915fbc966d317b74ef23a851f3a7886fe99c4bf917d5932dc9576313518276f690f400b8de28cc92c2b753ae283c7fa1639af82ab939e3be687621a525dbed50d33cd6366d559a75f1bd1cf25a0bc421c79debae4263beb171539835e6e5447d411383c3d7ebc8157892ab6d5013d49b0b777dc27f629e9e0924d889702dec588045563cc09cf1bea68fcfd0a2c6943248009b95cb6055b5c2f521c4120ecb4233c47d7f0454afa93063d5b26b94530b3b3089b85b64ebc684e5c38a561ba437b09582d38fd379e48e752cffc532bb8bec2999b2ce70fb9e5d7101d740008c935680537e8992b576c9f5dbcfb35513c11fa48caaedf52a6bc350aa2acbf1ec561680d8ee9837d3373e2d51183279a95d41eeb9558dee0fa43256b9a19012b3091a4bc1e94961beb05c33869915e69413122a953e0be0fb9759c9b8ac1254aabcce151638d60d197458e9757a1d1b0e7286fd66dbbe9deb51ca7274b3e0efb464ff44aafd5024cc534ce0d725bdd4e43601279231b6fda22ec25a680588794f086a9c094b751c575d0e0251afa27381c55a9c190ee3af55af0d20424db2411233fe46c537b41dc576639979469925a8c8e515539bebba248d3372ec80875afd26a04ef5d1aeb61390901eccf4df562680445ccd6a90fc70cf0ec08910b23e108ba9b35a689fecbeeacccda80a2ac86d2e7ed2990ac386ff3cc7992ea29d94bbe7d13c96cd31763cb8a5a150c6ee1781160e27df9b51678e650d009e95322a0a63a9165288be42681e3dea6262e00ffdea6f076b9bc810880cfed87a609f1096dcf6af0f053b5ed80c2053157b97396d2876f6600149cda0fcbdac08621ae99e9fd24393d30c3911da7573c3675a695f9e014a3dc2d2e45296abaff428a733cb742a01df7059828f64e515099141081ab3a263c7c38459dbc0d32fa8768b8fc3550131d286637e25466d2a129d587663d9d0eaf4079a72cf37c9fccf5f2cdda2e9db69d82a87b4cf9c20dee03d935cf6099d1d1174344d551cb569a73c21ccafa6c59b988e0681bb175edd912cd64670598b444825c8f4a280dfee91ba18f50aa0f2fb529e5f73302fa09c4b9937f19ff6175af4f1321d3dc09e692ca7e1934f31ac91fb6e6fca4b1dda3a0063c8eeb5f68d43c820f8b9e1c6903ec1a2626ca3536bc386f42e7d865102daa82db5b2d2b580825afcfb65ca9c5cca7de06d838f84a84ee4f8381c05de2a0ec53bdcc447df8e8b9921c21cdd43312e1454790d727ae9c33487239195afc93149090e3c47dd9ec03feb51551ae92e9dc21ce5ebc4e8c8b99b9dd09ecd33a949aac69299024a52680c91244fcfefb9e2def28d0cdb621d7be8442c67c61b18a1228d341014a3116e9b8f2829e291f788e368b6e36460a6a76987918caa641f06184ab0a3910a43dfa97b3e5c31c837a12a436ee8796f9f507cfc438e6b061a59342be0c0bef0b646973d58830063a28c1cd3f434173f450c2ca3a846adcedf6b5d0bfd0813948e79fb8b6bdf9a5add644ab2a1d9795faae8ab680db6a4ad933848ec6ad09b212605ce497b2dba4eea307c45c17099a3f116508c73371d6f3dad906cf8ee9a9eab88e9365fc78112dfc8a4f865e627f1f6e11357632a3a1a2e9391f56376f8e181555ffc98ab9d93874392e81aa4183e8caec57a4a29613a3c4319595553143adf28bae56b719b8be0b2acc4b03038d48de63b19ca362945637d4a385becaaddad5b3dba297ffe71ca0cc9c9c1ff843ea5f0dff511b88ec7a6001a2570d09606c36d6bede06c4c7e93c77ca3da73f9933b16650df963a39ff34a3e83bad1c14a5a9457166f13c53502e9b9600982aa99598f711ef22720204282c9b02fea3eb55d568160f0fd62633787a77fd8acaed92f2607020c26f6f9386f9021f9123204a3f20e745caf37849b25f360e174718e1d78a32dbdab5d5aeb36c9b3366167b0fee60883a9b0f8bcd9695472ff4820462fa6f75801abe45c4ce02c6de61bddb434bf020b1145f0ca58f035f46107ca63a507498d7a1ffd9f6d3071479aec5999c1e7abc0e014c5be04b92486dce4d8bd88c321f3017050c599a6ed8888f810c75f2607fd35a8795b7478d1c346ce6694a0e1e3604cbe2ec7a31415d80508dd23ffe4db304a2ca1bc65681cff1135b95fc05f0a3b8cada0f5c83e8d0f3cdcbd4bfb48a7895cc9535d81d13ccc8f9534dfc542d9837e352eddd62577ee711d26bb07f41e9948d4b917a926eb8093944ae45cc6dd13ec9b61816950d158226ab7f1b8d8a1465f3eef2e9a63b3ff097282d2541fef5102c8b651ded051d3219f6527d4b5b6fcb1bd0fffe7080abde84ea1acbd2b89b0c9577fd7273675527a12dcaec02b3262389b05c2c09792ce465f7a879de0270fc2b6f28403a1dca0c5fc28f0687351c5bb346de8cfea7532b834904bb012731ef8fe83036c95251c757683834672fa80ba8383308e3e9e536fb0e906a9727e6b2870c3a8ee056d353a3fafe8e9ffde7b0ce951b60b35fc2f7d1e476ad1c45f2559ac66dd007fc27253256f98877a4476ad273880a874023e3f75b14b32366172bf860eb6dbcb0a98b83972e23b02fd02027ca7f9eaa0ee38eef55ccbace6ea3051d79c6017c34b5b502a9b0e52c8b4bd80391af549e6f4accb1cfdf2071de59ba903dde378d9e66ed0cbbddd66ac365e64c8fdb93b97305a55cb39beb745d4a824d1de5282b1b839a72603fe033f8c7aae2cbab65fcfb54eff28eb0bd4c72e3e892f953e3251b88ce178641e79ab5484bff93a8eaaf601be15368b46690ca10e70188f581f999eac931fe48f31b8951ccff1ba5d6cc007246595bdb22a3dcbfb2c9fe0d010bbab856f4c651dc5ab7e8fb0193b1c9924facf3c05a255ef328d589a0a89bfe67c7d971bd7b708517c8540391f6a6b9724069e572be3f85ca86e46e6fdedd22695fd8b364f3d10723a34971a39e1822eac8f51661ecd13c41e6349c030434a0dff79f441cb195bb08717345cf29401c834c35d9009895b6e5c03406b202ee333d7f531898967f93aaea74265fc605fb4b5a5750305ab82203f2fb49493a5d3deb285a2777c8641b3d5df1c7cdde888786d314ccdf20b60c5e05279160fae24073027d8b8b61aa4e4760d8d7d785d2fa1e551c2ff644bb83e69fc574c754a195efbca225e7a5e5ffb1f0852cc80187661295786fa35cca2baba685f744ec9e193e212823741437dde5ca003973261a167a389f2e5ead402feecbb4045a39d3ebd76c4bfcc65f60bc841f8488d08f258a95caf36cbac22671ac59a7e3ebd22d600bc417b15daaf296b562928ca6a2d7c11c5e96d3c1f56e683f1a55c07dde2cf889be2ca901606b613a299703312e74f80092ff6128835ea200fad70e0c2d094818ba6178200a211d6b2d2b068a4a0d757361535a73ad59a309c2167c874b23b2abf4e5eaf76e7e6851d4232303b8c9073ccea7398d34732289d0530f4183d004cc4c9827668005d28799ed2b23005f70bfbdcf2f4b6a821c2ca12b7915a5bd6098753218ebc41b16475c8611f492f85b08f551fee983915a5cfc82d24abd29a281963feadfe33cfe14735168b2e0528b0493011aa234d18450d9b29322d7094f3202f6a6b49094dad52707a3a80324835bf34daf557ac5f18695069601c6011f148084355af3b531fb0e16a6ff81a8f9708e1a610d38dda66365255c7aa3a3d37bd4b58baa13d1b910280567642f97bf4836a1fcf336bf6e9a0fb347abcd1cdccfda04acdca918766a64fe7904b2e67b8872afd4366f9feb944f9b9ae5577c76c55c24b85e44b48d464333ba1a9f6e1e8ba10b57d7d8aab05e86702637485998fecc12b3fb12ff7ba3fd26223881a06350f215a8bffc46eba2cba0af2e11439ce012c667c5cafe3d0690c77b3f1ba108caffd5726393e61f194295cf4c51d0d383632cd9b75daeceb84ec450a0d344b08596530f1b95ff8b034c04b263a530c59d822e9c8c5c7328e539a18a2905c117944e22eceb60247b7aaaabdf0859a9143ffe2935454b6a87f21bc1de97893c23b48ce03782252f60e880f56b839daae71aa8a19e753506b370739ea88294ca2e0c1af31438ea33b084c43c6fa1381b7f1b9423685c53f3438e1e8893c6d157b297b336cf7f032ab4c01248ea5b2222e24f90240d8f28f6455e36cc423dbd2888d56c3fe6bdbcacf397ac13a1983797f7ccb84a1cb83339d4e9f599a154ac406a3bee3d4b3749b4f0768b0b225f31c9c91dc26a45a2e109a218ddd22af93b86b6fe336d3a051f7e07ff1d1d5eb662de4cfda0dacce0e20c37f34c75a97815591da22aacaa1e3a8028af1b5e15e470e800fd1dbdc99f21687724f07737c2c315e0836cb169f71e689fca00a2c73fe666699cd6571ea106767bd7f0bca061f0b4a21991fd02b8e695b78474ee1c9bc13bcdb9e477c02acf2343d449f9b85bd618bf7a2bc353c356b9578d3316b17f8bd3fc20f2b1a7a4cdc518e79c77d472c5cb6762693388d3124579d884a49a69d7f07c332be891c3244525c2e6b9387c041b93706a0121365cdf69aa839346e5e180945d8af7da0a8f65cd1bad1377d13ff6d02e7ea54d4377a1d3d49d3d357e61890034409b19f44fc02f5574f40fe535bd423bbd96a0a542ccade1b478b78265b25c1322fbbb8ec99cb45b22d737ee248169fe08f8a2958b925ace6372bcf1d1be57e9b4de97bd0db62425c53d869794d4390312b67db5e61d1b42c5afa549065005f359c47734f54b7f30918be1e2d0ff21596258caa287159fbe6dc0090242c43815367bb45067a55e0658d58eefd081b1541cf393561a5a369fe90c6d5d8caba63198c84fa0467fae813ecd3fb740a3783a53dfad07c9493fb3936b802e1bd9fb558bae88c44d9a4795aa634c13a5fba50923636ac6e2952da6c8424cc616eb364c11f876663d105fed392c15dbb00f9caf50af20c44e4fea91480cb4bfecaf126451e6f19146bb2ff26d310416c62410c37b000a1d1f0480419e5f5f320827fce26fbb25c9ab882ad4bdf6a674aaee87b85309a9783bbd34606ed46f6f761c5e124825b0e5df507c505814c769323bfa36170015e1720e2cbf30f79cc8515df1fb7d58695ecf8825e924e098d0dfcd5e396093d996a2fd4a9c5de03254b12dfcd2342f49acbecf18dc3417382e5b507652b1d089eed0805479546eba0fc7d17ecf11d692b4ce817f270720cf20737d3f02e302cf5e18d649bf3405fd262dba305e916280a38e3511307033dd70d2cde39d528e676f6a051ebc73b6ff0d5f63b58970e38e39ea366977a0809e22eed665620f65bbdd2f94ad82f3faaba1bfac309f60f843fe89573787092c8f7a7b44018ba7daba13e6b093b496f79adc0732574cac1cc33e5234d7770ad6cb534dab9856e390e172a91532ae77f4ec98054f4c12b02d0438ddf8d8d173e6a59f66564accb785693897b335199d9d8338e242703ad120f465a19153a1a330dcc275a399af921e0dac2b6d79ea51ec72fe932be071352c12933367487d7385de66d62b2bf5cae6c4d54f099d7c4ee10919dcb33a2b31498d979504b619a6eaf64ed400e491859f9c78c1d9d434d6ac69d570796088d76a47b4999816eb3b15e8de155f1392b75c1517c91df38ef0793610451ad31a0906eecf14c80b679202a6df9f00c7d28d1449988410c652740dde2ace85080e2a4f16024cde15ec4023b1fc4537d6947f1e001d37c90acae2995aab5476a99d3a20af07ae2e564e27e31b30d7bc3b8aa016e3b5c38feb9fc947ace24e83e7ba4f69f72e92f8f26bda8dd09ca791fe9cb1d0e14278c89a20ee2896924e88ba9cb3b916aff3b7a5924a91b4495d0305fb4adb3e036a31e2f200f272d4fa7285f96ab7e7b934464227e108511ded2ae4337aee944e4067c7b741d2f55483243d641b8bcca425bb69f591065a3b45c6f9513b472aff95c1b3e71133b3479cd5fc51e9eefe5bf0f7c2f9256f8d49a2ceb2d11ca0f0eab1e42464cb7d6aaa0c023147c1f108c3d6d1fa379638979170cb6d94fa92e5cf5f69316fd64c027eb10ddfd9b91fc91829f347cd73433e5197fd97fb10e99d2ed8868d49e24d59efa6758667f6ffc18e5258f98afeb01a3d794813fc2b9190090ccceaca0526f06a948d45bc7e2e40cdec3cf78c10676a8bb8a3e5e7200b3726b3407bf666862f9038d8216f9505cf7aa9a04f934d6da311d6500452676dccfd60977c4c99d56dcb7bb45fb2081e19803841a8edd8cc55b08082d9798a5c3a80de66f4ba2ccd90566d393d94608f17724719393b9df7725baacdf0e4e984b454576ad4f793143f4c8dc5f1ca822fbcdc90e9636727ee0638fb26759e6ff79b19c97ad224e5a85e1075833fe7fd2f3424420a5197eaa9d440c52807fc3e96c647dd745e49189f427454aae6aede782a8ac40582d85acc9ae68f95af556945889ae1fe381e69ed18aecb08866f5558ae36b6ff61c86fdb2b6f3eca083dc41c0", 0x2000, &(0x7f0000000b00)={&(0x7f0000000280)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fsync(r6)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000840)={0x0, 0x0, 0xb, {0xb, 0x0, "911298dcaf650c0868"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5.35435888s ago: executing program 0 (id=11184):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@norecovery}, {@lazytime}, {@errors_continue}, {@auto_da_alloc}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={0x0}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020}, 0x2020)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x8, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x3, 0x200}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {0x10}, {}]}, @enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x5}, {0x3}]}]}, {0x0, [0x0, 0x0, 0x61, 0x3e, 0x61, 0x2e]}}, &(0x7f0000000600)=""/152, 0xa4, 0x98, 0x1}, 0x20)
fchmodat(r3, &(0x7f00000000c0)='./file1\x00', 0x0)
socket$unix(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000800)=ANY=[], 0x0)

5.095682371s ago: executing program 1 (id=11192):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_procfs$namespace(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
setrlimit(0xf, &(0x7f0000000280)={0x89c, 0x4})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000e80)=@file={0x0, './file0/file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x12, &(0x7f0000000f00)=ANY=[@ANYBLOB="85100000f9ffffff1843000000000000000000000000000018460000fcffffff00000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000900c000085ed0f7f2da19d7e3a7acec8530000000600000018540000030000000000000000000000012a00001000000018480000070010000000000000000000"], &(0x7f0000000340)='GPL\x00'}, 0x90)
sendmmsg$unix(r4, &(0x7f0000000d40)=[{{&(0x7f0000000880)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1c00008000000000cb3ab06902000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32], 0x60, 0x24000800}}, {{&(0x7f0000000bc0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000800)="f4", 0x1}, {&(0x7f0000000c40)="5ec8a1d618b4f9687a8e3b70acf77e4e385ad5417219270632a0827d694eaec5147886a8b0a8b279cf7c0b17db33c547937b16d7cd71b03e4ea3a18942397fee190887d3261678ee5e9e3fcee93687835499c88c905314491a7b2f96037822846e0da2ca7fb530e956ef3eb5f2bba5f19e67e7606a030454b332441b0ba0c2d5ee38307a11aadeca28ce9669ec3b84a0f01e187e3787a9bf1f382c6a21aa041799", 0xa1}], 0x2, &(0x7f0000000d00)=ANY=[@ANYBLOB="1000000000000000010000000100000014fdffffff0000000100000001000000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x28, 0x810}}], 0x2, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x60c2, 0x0)

4.50325163s ago: executing program 4 (id=11193):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x402, &(0x7f0000000800)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7"], 0x1, 0x27a, &(0x7f0000000540)="$eJzs3DFrE38cx/FP0/zbNKVNhr+CgvhFF12ONj4ACdKCGFBqI+ogXO1FQ85cyYVKRGw3FwcfR3F0E9Qn0MXN3a2L4FJQjCRNTdKmitr0onm/oHff5pdP8rvkEr53kNu6+fxBqRA6BbeqWMIUk9a1LaUbVctIax1r1mPqtK7zk5/en7p+6/aVbC43t2A2n128kDGz6dOvHz5+ceZtdfLGy+lX49pM39n6mPmweXzzxNbXxfvF0IqhlYOqubYUBFV3yfdsuRiWHLNrvueGnhXLoVfpGi/4wcpKzdzy8lRypeKFobnlmpW8mlUDq1Zq5t5zi2VzHMemksLP5DcWFtxs1LNA38Qbi0ol645Kmtg3nN+IYlIAACBanf2/Bq7/b3QtP+7/1+n//wD9/zBo9P/J1ue3G/0/AAAAAAAAAAAAAAAAAAAAAAB/g+16PVWv11O7692/cUkJSbv/Rz1P9Afv/3Dr+OFeQvKfruZX85I/0lg2ZAsqypenGaX0pbk/tOzU85dzczPWlNYbf62VX1vNj3bnZ5VSund+didv3fn/lOzMZ5TS/73zmZ75MZ0725F3lNK7uwrka7m5X7fzT2bNLl3N7clPNO8HAAAAAMC/wLHveh6/O85B4zv5Xzg/sOf4Oq6T8Wi3HQAAAACAYRHWHpVc3/cq0RSfWycLIp7GgBfHJP1W/GLHVV/bQ/F9txx28SwYlJduAIuEpEN9wAn1Y6oRfikBAAAA6It20x/1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF5HccGzA546dsSbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAETuWwAAAP//AmwlzQ==")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)=[{{&(0x7f0000000440)=@abs, 0x6e, 0x0}}], 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x22701, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000ffff00"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup3(r2, r1, 0x0)
read$FUSE(r3, &(0x7f00000041c0)={0x2020}, 0x2020)
read$FUSE(r3, &(0x7f0000006200)={0x2020}, 0x2020)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
utimes(&(0x7f0000000540)='./file0\x00', 0x0)
timer_delete(0x0)

4.241132222s ago: executing program 4 (id=11194):
r0 = socket$netlink(0x10, 0x3, 0x9)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = socket$unix(0x1, 0x5, 0x0)
socket$unix(0x1, 0x5, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
bind$unix(r2, &(0x7f0000000280)=@abs={0x1}, 0x6e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f00000001c0)='bridge0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setresuid(0x0, 0x0, 0x0)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/fscaps', 0x4a2700, 0x44)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x4}, @IFLA_MACSEC_CIPHER_SUITE={0xc}]}}}]}, 0x48}}, 0x0)
sendmsg$netlink(r6, &(0x7f00000006c0)={&(0x7f0000000180)=@kern={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="20000000000000000100160001000000", @ANYRES32=r4, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r8, @ANYBLOB="24000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r1, @ANYRES32=r7, @ANYRES32=r1, @ANYRES32=r10, @ANYBLOB='\x00\x00\x00\x00'], 0x48, 0x4000010}, 0x20048001)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

4.221612293s ago: executing program 1 (id=11195):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'])
chdir(&(0x7f0000000140)='./file0\x00')
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.events\x00', 0x275a, 0x0)
ftruncate(r7, 0xc17a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff010}, {}]}, 0x10)
syz_emit_ethernet(0x56, &(0x7f0000000540)=ANY=[], 0x0)

3.758392821s ago: executing program 3 (id=11199):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x2f, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000240)={0x200000000000001}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x300, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
getsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x28, 0x6, 0x0, 0x20000007)

3.336565686s ago: executing program 1 (id=11200):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000003140)='./bus\x00', 0x1008002, &(0x7f00000030c0)={[{@grpquota}, {@delalloc}, {@resuid}, {@errors_remount}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}}, 0x108)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r3}, &(0x7f0000000400), &(0x7f00000004c0)=r4}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r5 = socket(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}]}, 0x38}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

3.292009269s ago: executing program 4 (id=11201):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@norecovery}, {@lazytime}, {@errors_continue}, {@auto_da_alloc}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020}, 0x2020)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x8, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x3, 0x200}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {0x10}, {}]}, @enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x5}, {0x3}]}]}, {0x0, [0x0, 0x0, 0x61, 0x3e, 0x61, 0x2e]}}, &(0x7f0000000600)=""/152, 0xa4, 0x98, 0x1}, 0x20)
fchmodat(r3, &(0x7f00000000c0)='./file1\x00', 0x0)
socket$unix(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000800)=ANY=[], 0x0)

2.870675754s ago: executing program 4 (id=11202):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
openat$cgroup_freezer_state(r2, &(0x7f0000000140), 0x2, 0x0) (async)
openat$cgroup_procs(r2, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffec6, 0x0, 0x0, 0x3a, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async)
r6 = memfd_create(&(0x7f0000000040)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t%\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\xec\xd4D\x8a\x1f\x1b\xf6\x18\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbeQ\xee\xf0\x99\x1e|C\xd8\x01\xd0\xf5\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajnW\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0) (async)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0) (async)
syz_usb_control_io$hid(r7, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x4, 'WNib'}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0xb}]}}, 0x0}, 0x0) (async)
syz_usb_control_io(r7, 0x0, 0x0) (async)
r8 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r8, 0x40184810, &(0x7f0000000000)={0x0, 0xffffffff}) (async)
write$binfmt_elf64(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46020000000d"], 0x3c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1e, 0x4, 0x0, 0x9, 0x0, r4, 0x40}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) (async)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2.858705125s ago: executing program 4 (id=11203):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

2.842645647s ago: executing program 3 (id=11204):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
ioctl$FICLONE(r1, 0x40049409, r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0x18000000000002a0, 0x8, 0x0, &(0x7f00000002c0)="f6ea090003000060", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000340)={0x30}, 0x30)

2.788498631s ago: executing program 2 (id=11205):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_procfs$namespace(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
setrlimit(0xf, &(0x7f0000000280)={0x89c, 0x4})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000e80)=@file={0x0, './file0/file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x12, &(0x7f0000000f00)=ANY=[@ANYBLOB="85100000f9ffffff1843000000000000000000000000000018460000fcffffff00000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000900c000085ed0f7f2da19d7e3a7acec8530000000600000018540000030000000000000000000000012a00001000000018480000070010000000000000000000"], &(0x7f0000000340)='GPL\x00'}, 0x90)
sendmmsg$unix(r4, &(0x7f0000000d40)=[{{&(0x7f0000000880)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1c00008000000000cb3ab06902000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32], 0x60, 0x24000800}}, {{&(0x7f0000000bc0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000b40)=[{&(0x7f0000000800)="f48dda298a5b", 0x6}, {&(0x7f0000000c40)="5ec8a1d618b4f9687a8e3b70acf77e4e385ad5417219270632a0827d694eaec5147886a8b0a8b279cf7c0b17db33c547937b16d7cd71b03e4ea3a18942397fee190887d3261678ee5e9e3fcee93687835499c88c905314491a7b2f96037822846e0da2ca7fb530e956ef3eb5f2bba5f19e67e7606a030454b332441b0ba0c2d5ee38307a11aadeca28ce9669ec3b84a0f01e187e3787a9bf1f382c6a21aa041799", 0xa1}], 0x2, &(0x7f0000000d00)=ANY=[@ANYBLOB="1000000000000000010000000100000014fdffffff0000000100000001000000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00'], 0x28, 0x810}}], 0x2, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x60c2, 0x0)

2.769322903s ago: executing program 4 (id=11206):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x0, @fixed, 0x9}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d870800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a0000000010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r6, &(0x7f0000000600)={0x14, &(0x7f0000000180)={0x0, 0xe, 0x88, {0x88, 0x21, "0802c844959000b8b94fcabbeed206d370ab006b4a8bf30b14849debc41442adf5d7664eac468f1c1e38bd02d1b6509ad0a7ff7a302ef1391780450ca242737f859e13d1d6802143e39af9110a4b4416369cee0eddc01a692c389b6bdccae7215c7722b29f6a720316cfa47d98fffdf6de5cd2ade53faee71ddcd7154227528ebf91715cb684"}}, 0xfffffffffffffffc}, &(0x7f00000005c0)={0x34, &(0x7f0000000240)={0x20, 0x12, 0xfffffe49, "7687c59daa0f15f8b0c6b5002f473d883621c24480c5de8a679b862ee9e92bbc9d7779f61ca3c26fbe3fc9619395216be699428eab1c17686c5d0b25d5abe91a72ad06520e8a4028b52e414c7a7803c0284c8fc555e9857a770d507689626ad9fe61d09318b120870b906931b02ee002699e34716bb15f925c858138f34ac6b2e5f58ca0895bf0d3da21adc3c8df113304f12256f10c109cda752e3f2ac1e4b6498a858dd1fbfbed5d011bc4ea719f881b250072808f2b008db40a6081ba04"}, &(0x7f00000003c0)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000440)={0x20, 0x0, 0xcc, {0xca, "e16f7491621230ed4598432fe21ec31f89cb4fa6729f526aca4f774f260eb3d5330382ee02de00c0d864de031b473060d8ced87edf71b0303f810ece99f4e570fd9e7b1e5cb5a58635c7e9f6baa2f9bc510cbcc51f4ce8a0a54efdd1b4a6f570693f70bdd66c404f1d2913407e8ce0b8b9f01538d7f7580e0e6989f7cc9ed253e8e95bad97a3e683f3d480a022cb0c25945a7ad6d82ad2441dfa91df725aa8734c529d0bb7d1a8ef4c40bd72bcf98f105d18d32560003331ba9b9926fb681f7bb8826372308e8c4a50c6"}}, &(0x7f0000000540)={0x20, 0x1, 0x1}, &(0x7f0000000580)={0x20, 0x0, 0x1, 0xb}})
syz_usb_control_io$cdc_ncm(r6, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r6, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x11, 0x5f, {0x5f, 0x21, "8ddece344d77188a13858adfd77c7980709457b9348930364566cad9220c3bc585f1617e832327b5d7b87c100e814630a038fe41503066a261bea7d30006d4b90056c2af092fa569e558418b6b9981f9299a2047706c4e44bab5ae4e43"}}, &(0x7f0000000140)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x44, &(0x7f0000000640)={0x20, 0x7, 0xb1, "45ad79bb3943c5ff0727b7529a7fe2eefcf5ae29388515faccb5df3170f95ab2731606c13acc0cc15fd9e88a4fed2dd5175270d4f826e79aa2d6d4663fa73ce7da81d3a80dd96f08af0e7fa068fdc74c8a3bd4c3c3992b5f5942e9b36816163fc8df8411acc4f5b03bd3e3d916ed1861a84275bbe53622a5b1a22e03557dcc2d5da94333e9276e9ef84073336321501627c71a1f293ba7ceda7bd29ba9541479da6fa310fcfe4248e661dbe27c5c93fd39"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x3}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x101, 0x9, 0x4000000, 0x8, 0x1, 0x40, 0x1, 0x8, 0xfffe, 0x15, 0x458a, 0xc0ea}}, &(0x7f0000000340)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000380)={0x20, 0x83, 0x2}, &(0x7f00000003c0)={0x20, 0x87, 0x2, 0x1}, &(0x7f0000000400)={0x20, 0x89, 0x2}})
syz_usb_control_io$uac1(r6, &(0x7f00000008c0)={0x14, &(0x7f0000000700)={0x0, 0x2a, 0x72, {0x72, 0x1, "e9d953476826dc0c5a49c688e02c1e93093a21be2c70401647e0acb7bfa581d34aa0be56bd66afb53de347347f861f499f9260b88bf5b8b91b4f1ce82562d9734c9ba41c5905eede836ef5e7315bb2277eb2692fb8ad7fe49266263ce52db7968bf961fd752af5b457f378ff1a6ee092"}}, &(0x7f0000000780)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x424}}}, &(0x7f0000000c40)={0x44, &(0x7f0000000a40)={0x0, 0x30, 0xbd, "c01b9870364f4619146b070791c7e2011d219d31eb062a579369a2302419793646e2984dcf38a191c88a0d3985450275a54c7f5ec03abe1057153b942d0708e7aa9e8f4a3f07e13c745784588970d18ca09dffb9f0851dfa43ec1a4445f49e01628b52d3178ca3b4d7af475d338a6b3300ad8dbd16a8d26f00fdb8f67348573d76b969a7fdb3dd0de4447ead970b86af04c8dcd12ec542aec2c9ddaee95f0c859c93962cbc0a7190dc59713629394b3b4dde243888e571acb758fc27e7"}, &(0x7f0000000900)={0x0, 0xa, 0x1, 0x81}, &(0x7f0000000940)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000980)={0x20, 0x81, 0x2, "9cfc"}, &(0x7f0000000b40)={0x20, 0x82, 0x3, "06c0eb"}, &(0x7f0000000b80)={0x20, 0x83, 0x2, "9ec2"}, &(0x7f0000000bc0)={0x20, 0x84, 0x1, '!'}, &(0x7f0000000c00)={0x20, 0x85, 0x3, "d54cef"}})
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
dup3(r0, r4, 0x0)

2.30792164s ago: executing program 1 (id=11207):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x0, @fixed, 0x9}, 0xe)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d870800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a0000000010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r6, 0x0, &(0x7f00000005c0)={0x34, &(0x7f0000000240)={0x20, 0x12, 0xbf, "7687c59daa0f15f8b0c6b5002f473d883621c24480c5de8a679b862ee9e92bbc9d7779f61ca3c26fbe3fc9619395216be699428eab1c17686c5d0b25d5abe91a72ad06520e8a4028b52e414c7a7803c0284c8fc555e9857a770d507689626ad9fe61d09318b120870b906931b02ee002699e34716bb15f925c858138f34ac6b2e5f58ca0895bf0d3da21adc3c8df113304f12256f10c109cda752e3f2ac1e4b6498a858dd1fbfbed5d011bc4ea719f881b250072808f2b008db40a6081ba04"}, &(0x7f00000003c0)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000440)={0x20, 0x0, 0xcc, {0xca, "e16f7491621230ed4598432fe21ec31f89cb4fa6729f526aca4f774f260eb3d5330382ee02de00c0d864de031b473060d8ced87edf71b0303f810ece99f4e570fd9e7b1e5cb5a58635c7e9f6baa2f9bc510cbcc51f4ce8a0a54efdd1b4a6f570693f70bdd66c404f1d2913407e8ce0b8b9f01538d7f7580e0e6989f7cc9ed253e8e95bad97a3e683f3d480a022cb0c25945a7ad6d82ad2441dfa91df725aa8734c529d0bb7d1a8ef4c40bd72bcf98f105d18d32560003331ba9b9926fb681f7bb8826372308e8c4a50c6"}}, &(0x7f0000000540)={0x20, 0x1, 0x1}, &(0x7f0000000580)={0x20, 0x0, 0x1, 0xb}})
syz_usb_control_io$cdc_ncm(r6, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000140)=ANY=[@ANYBLOB="17000600000061e1248a9986"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r6, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x11, 0x5f, {0x5f, 0x21, "8ddece344d77188a13858adfd77c7980709457b9348930364566cad9220c3bc585f1617e832327b5d7b87c100e814630a038fe41503066a261bea7d30006d4b90056c2af092fa569e558418b6b9981f9299a2047706c4e44bab5ae4e43"}}, &(0x7f0000000140)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x44, &(0x7f0000000640)={0x20, 0x7, 0xb1, "45ad79bb3943c5ff0727b7529a7fe2eefcf5ae29388515faccb5df3170f95ab2731606c13acc0cc15fd9e88a4fed2dd5175270d4f826e79aa2d6d4663fa73ce7da81d3a80dd96f08af0e7fa068fdc74c8a3bd4c3c3992b5f5942e9b36816163fc8df8411acc4f5b03bd3e3d916ed1861a84275bbe53622a5b1a22e03557dcc2d5da94333e9276e9ef84073336321501627c71a1f293ba7ceda7bd29ba9541479da6fa310fcfe4248e661dbe27c5c93fd39"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x3}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x101, 0x9, 0x4000000, 0x8, 0x1, 0x40, 0x1, 0x8, 0xfffe, 0x15, 0x458a, 0xc0ea}}, &(0x7f0000000340)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000380)={0x20, 0x83, 0x2}, &(0x7f00000003c0)={0x20, 0x87, 0x2, 0x1}, &(0x7f0000000400)={0x20, 0x89, 0x2}})
syz_usb_control_io$uac1(r6, &(0x7f00000008c0)={0x14, &(0x7f0000000700)={0x0, 0x2a, 0x72, {0x72, 0x1, "e9d953476826dc0c5a49c688e02c1e93093a21be2c70401647e0acb7bfa581d34aa0be56bd66afb53de347347f861f499f9260b88bf5b8b91b4f1ce82562d9734c9ba41c5905eede836ef5e7315bb2277eb2692fb8ad7fe49266263ce52db7968bf961fd752af5b457f378ff1a6ee092"}}, &(0x7f0000000780)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x424}}}, &(0x7f0000000c40)={0x44, &(0x7f0000000a40)={0x0, 0x30, 0xbd, "c01b9870364f4619146b070791c7e2011d219d31eb062a579369a2302419793646e2984dcf38a191c88a0d3985450275a54c7f5ec03abe1057153b942d0708e7aa9e8f4a3f07e13c745784588970d18ca09dffb9f0851dfa43ec1a4445f49e01628b52d3178ca3b4d7af475d338a6b3300ad8dbd16a8d26f00fdb8f67348573d76b969a7fdb3dd0de4447ead970b86af04c8dcd12ec542aec2c9ddaee95f0c859c93962cbc0a7190dc59713629394b3b4dde243888e571acb758fc27e7"}, &(0x7f0000000900)={0x0, 0xa, 0x1, 0x81}, &(0x7f0000000940)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000980)={0x20, 0x81, 0x2, "9cfc"}, &(0x7f0000000b40)={0x20, 0x82, 0x3, "06c0eb"}, &(0x7f0000000b80)={0x20, 0x83, 0x2, "9ec2"}, &(0x7f0000000bc0)={0x20, 0x84, 0x1, '!'}, &(0x7f0000000c00)={0x20, 0x85, 0x3, "d54cef"}})
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
dup3(r0, r4, 0x0)

2.149682694s ago: executing program 0 (id=11208):
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180000000000e52e000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x402, &(0x7f0000000800)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7"], 0x1, 0x27a, &(0x7f0000000540)="$eJzs3DFrE38cx/FP0/zbNKVNhr+CgvhFF12ONj4ACdKCGFBqI+ogXO1FQ85cyYVKRGw3FwcfR3F0E9Qn0MXN3a2L4FJQjCRNTdKmitr0onm/oHff5pdP8rvkEr53kNu6+fxBqRA6BbeqWMIUk9a1LaUbVctIax1r1mPqtK7zk5/en7p+6/aVbC43t2A2n128kDGz6dOvHz5+ceZtdfLGy+lX49pM39n6mPmweXzzxNbXxfvF0IqhlYOqubYUBFV3yfdsuRiWHLNrvueGnhXLoVfpGi/4wcpKzdzy8lRypeKFobnlmpW8mlUDq1Zq5t5zi2VzHMemksLP5DcWFtxs1LNA38Qbi0ol645Kmtg3nN+IYlIAACBanf2/Bq7/b3QtP+7/1+n//wD9/zBo9P/J1ue3G/0/AAAAAAAAAAAAAAAAAAAAAAB/g+16PVWv11O7692/cUkJSbv/Rz1P9Afv/3Dr+OFeQvKfruZX85I/0lg2ZAsqypenGaX0pbk/tOzU85dzczPWlNYbf62VX1vNj3bnZ5VSund+didv3fn/lOzMZ5TS/73zmZ75MZ0725F3lNK7uwrka7m5X7fzT2bNLl3N7clPNO8HAAAAAMC/wLHveh6/O85B4zv5Xzg/sOf4Oq6T8Wi3HQAAAACAYRHWHpVc3/cq0RSfWycLIp7GgBfHJP1W/GLHVV/bQ/F9txx28SwYlJduAIuEpEN9wAn1Y6oRfikBAAAA6It20x/1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF5HccGzA546dsSbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAETuWwAAAP//AmwlzQ==")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000001340), 0x2931990f, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = dup2(r4, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
rmdir(&(0x7f0000000180)='./file0/../file0\x00')

2.044083922s ago: executing program 0 (id=11209):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

1.988285987s ago: executing program 0 (id=11210):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c460000"], 0x78)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
execveat(r4, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)

1.930327582s ago: executing program 3 (id=11211):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'])
chdir(&(0x7f0000000140)='./file0\x00')
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.events\x00', 0x275a, 0x0)
ftruncate(r7, 0xc17a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff010}, {}]}, 0x10)
syz_emit_ethernet(0x56, &(0x7f0000000540)=ANY=[], 0x0)

1.818992781s ago: executing program 2 (id=11212):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000011811", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = epoll_create1(0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000076e000/0x4000)=nil, 0x400000, 0x0, 0x2})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f00000000c0)={0x60002015})
getpgrp(0x0)
epoll_ctl$EPOLL_CTL_MOD(r4, 0x3, r5, &(0x7f0000000000)) (fail_nth: 2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)

969.653611ms ago: executing program 0 (id=11213):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@norecovery}, {@lazytime}, {@errors_continue}, {@auto_da_alloc}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020}, 0x2020)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x8, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {}, {0x3, 0x200}]}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {0x10}, {}]}, @enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x5}, {0x3}]}]}, {0x0, [0x0, 0x0, 0x61, 0x3e, 0x61, 0x2e]}}, &(0x7f0000000600)=""/152, 0xa4, 0x98, 0x1}, 0x20)
fchmodat(r3, &(0x7f00000000c0)='./file1\x00', 0x0)
socket$unix(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000800)=ANY=[], 0x0)

937.636993ms ago: executing program 3 (id=11214):
r0 = socket(0x28, 0x801, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x2f, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000240)={0x200000000000001}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x300, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
getsockopt$bt_BT_SECURITY(r0, 0x28, 0x6, 0x0, 0x20000007)

207.404153ms ago: executing program 2 (id=11215):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = eventfd(0x800a6)
write$eventfd(r1, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x15)
r4 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast1, @local, @private1})
syz_usb_ep_write$ath9k_ep2(r4, 0x83, 0x8, &(0x7f0000000240)=ANY=[])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x23}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
read$FUSE(r5, &(0x7f0000000a40)={0x2020}, 0x2020)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000ac0)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902"], 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)

58.389406ms ago: executing program 3 (id=11216):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

0s ago: executing program 3 (id=11217):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000003140)='./bus\x00', 0x1008002, &(0x7f00000030c0)={[{@grpquota}, {@delalloc}, {@resuid}, {@errors_remount}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}}, 0x108)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r2}, &(0x7f0000000400), &(0x7f00000004c0)=r3}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r4 = socket(0x10, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}]}, 0x38}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

DRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2280.612574][T12395] device veth1_macvtap entered promiscuous mode
[ 2280.625523][T21339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2280.633872][T21339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2280.645181][T21339] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2280.666905][T12317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2280.675137][T12317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2280.698235][T12317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2280.723897][T12317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2280.999704][ T1438] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 2281.320345][T12223] asix 3-1:0.0 eth1: register 'asix' at usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet, 6e:e2:3d:77:00:56
[ 2281.334405][T15243] device bridge_slave_1 left promiscuous mode
[ 2281.530059][T12446] syz.3.10922[12446] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2281.530140][T12446] syz.3.10922[12446] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2281.761903][T15243] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2281.797962][T12315] usb 3-1: USB disconnect, device number 124
[ 2281.803907][ T1438] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2281.819801][T12315] asix 3-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet
[ 2281.842185][ T1438] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2281.868949][T15243] device bridge_slave_0 left promiscuous mode
[ 2281.882066][ T1438] usb 5-1: config 0 descriptor??
[ 2281.886977][T15243] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2281.916188][T15243] device veth1_macvtap left promiscuous mode
[ 2281.927805][T15243] device veth0_vlan left promiscuous mode
[ 2282.951122][T12489] netlink: 'syz.3.10928': attribute type 12 has an invalid length.
[ 2283.048061][T12489] netlink: 7 bytes leftover after parsing attributes in process `syz.3.10928'.
[ 2283.058117][T12489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10928'.
[ 2283.079632][T12223] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 2283.269013][T12503] syz.3.10930[12503] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2283.269073][T12503] syz.3.10930[12503] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2283.373331][ T1438] asix 5-1:0.0 eth1: register 'asix' at usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2283.403263][T12223] usb 2-1: Using ep0 maxpacket: 16
[ 2283.412239][ T1438] usb 5-1: USB disconnect, device number 9
[ 2283.418574][ T1438] asix 5-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet
[ 2283.618212][T12507] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10931'.
[ 2283.789678][T12223] usb 2-1: config 1 interface 0 altsetting 13 bulk endpoint 0x82 has invalid maxpacket 96
[ 2283.800050][T12223] usb 2-1: config 1 interface 0 altsetting 13 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 2283.812864][T12223] usb 2-1: config 1 interface 0 has no altsetting 0
[ 2283.896645][   T24] audit: type=1400 audit(1721469530.750:5067): avc:  denied  { getopt } for  pid=12510 comm="syz.0.10933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2283.979699][T12223] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2283.990689][T12515] device pim6reg1 entered promiscuous mode
[ 2284.004752][T12223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2284.016711][T12223] usb 2-1: Product: ࠔ
[ 2284.024545][T12223] usb 2-1: Manufacturer: 㧺⧣ꦧṕﴙ䛷퉄妏視黃㒷冶﹯ᚂ쟐党ⳣⴈ᳂⥞ᳬ媑㟨좚霃⟸בֿ߯腞쉟곲
[ 2284.048965][T12223] usb 2-1: SerialNumber: ˸럏涭ﲔ᩼ަ皀熌醚ⴹۋ코泬옪鴌⽚㏎Ɗꪩ秝笌䑱ᗝ絻箟嬮雬璍賏ਔ㲓爂䧅∁暝≤暏埇䂑ᴜ檓擻럿⟷啜簁櫯⢴鰯澐ὡⵀ吅ూ덷䬨㤎䗁沭䊇滭ᶓ㶎믓驧痺孩茑휤텿툞盒찎䰥괐പ韢Ὡ᱊ᶚퟆ캳ꝥ您ᆪ嗴뭇ធꏱ狈쟑꿧联὘ୡ꫽頕㪌ኤ됯됦ᕏ豲덥䇩
[ 2284.119867][T12474] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2284.130539][T12474] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2286.135598][T12544] FAULT_INJECTION: forcing a failure.
[ 2286.135598][T12544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2286.161044][T12223] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 2286.169100][T12223] usb 2-1: USB disconnect, device number 39
[ 2286.177296][T12544] CPU: 0 PID: 12544 Comm: syz.1.10943 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2286.189635][T12544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2286.201746][T12544] Call Trace:
[ 2286.204981][T12544]  dump_stack_lvl+0x1e2/0x24b
[ 2286.209596][T12544]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2286.214843][T12544]  dump_stack+0x15/0x17
[ 2286.218819][T12544]  should_fail+0x3c6/0x510
[ 2286.223180][T12544]  should_fail_usercopy+0x1a/0x20
[ 2286.228060][T12544]  _copy_from_user+0x20/0xd0
[ 2286.232474][T12544]  __se_sys_memfd_create+0x131/0x3c0
[ 2286.237594][T12544]  __x64_sys_memfd_create+0x5b/0x70
[ 2286.243266][T12544]  do_syscall_64+0x34/0x70
[ 2286.247514][T12544]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2286.253245][T12544] RIP: 0033:0x7f1f15d5cb59
[ 2286.257488][T12544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2286.279208][T12544] RSP: 002b:00007f1f14fdde28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f
[ 2286.288225][T12544] RAX: ffffffffffffffda RBX: 00000000000004a6 RCX: 00007f1f15d5cb59
[ 2286.297254][T12544] RDX: 00007f1f14fddf00 RSI: 0000000000000000 RDI: 00007f1f15dcad36
[ 2286.305381][T12544] RBP: 0000000020000a40 R08: 00007f1f14fddbc7 R09: 00007f1f14fdde50
[ 2286.313450][T12544] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000500
[ 2286.327596][T12544] R13: 00007f1f14fddf00 R14: 00007f1f14fddec0 R15: 0000000020000240
[ 2287.599050][T12562] device pim6reg1 entered promiscuous mode
[ 2287.635292][T12564] device pim6reg1 entered promiscuous mode
[ 2287.649704][ T8761] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 2288.574601][T12585] overlayfs: missing 'workdir'
[ 2288.864625][ T8761] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2288.894725][ T8761] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2288.922442][ T8761] usb 4-1: config 0 descriptor??
[ 2289.294330][   T24] audit: type=1326 audit(1721469536.150:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.353988][   T24] audit: type=1326 audit(1721469536.190:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.387471][   T24] audit: type=1326 audit(1721469536.190:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.411756][   T24] audit: type=1326 audit(1721469536.190:5071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.417071][T12606] device pim6reg1 entered promiscuous mode
[ 2289.436317][   T24] audit: type=1326 audit(1721469536.190:5072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.470905][   T24] audit: type=1326 audit(1721469536.190:5073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.471860][T12607] syz.1.10961[12607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2289.498911][T12607] syz.1.10961[12607] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2289.498935][   T24] audit: type=1326 audit(1721469536.190:5074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.548136][   T24] audit: type=1326 audit(1721469536.190:5075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.575128][   T24] audit: type=1326 audit(1721469536.190:5076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.599051][   T24] audit: type=1326 audit(1721469536.200:5077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12597 comm="syz.4.10960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2289.751930][T25634] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 2290.168330][ T8761] asix 4-1:0.0 eth1: register 'asix' at usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2290.237180][ T8761] usb 4-1: USB disconnect, device number 16
[ 2290.295475][ T8761] asix 4-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet
[ 2290.309408][T25634] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2290.346804][T25634] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2290.605730][T25634] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2290.616550][T25634] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2290.624431][T25634] usb 5-1: SerialNumber: syz
[ 2290.656347][T12642] device pim6reg1 entered promiscuous mode
[ 2291.060266][T25634] usb 5-1: 0:2 : does not exist
[ 2291.140540][T25634] usb 5-1: USB disconnect, device number 10
[ 2291.181515][T12675] device pim6reg1 entered promiscuous mode
[ 2291.420894][T12685] overlayfs: missing 'lowerdir'
[ 2291.579025][T12686] syz.0.10976[12686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2291.579097][T12686] syz.0.10976[12686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2292.277545][T12711] device pim6reg1 entered promiscuous mode
[ 2292.337549][T12713] FAULT_INJECTION: forcing a failure.
[ 2292.337549][T12713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2292.350849][T12713] CPU: 1 PID: 12713 Comm: syz.3.10985 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2292.362885][T12713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2292.369601][T12223] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 2292.372776][T12713] Call Trace:
[ 2292.372794][T12713]  dump_stack_lvl+0x1e2/0x24b
[ 2292.372811][T12713]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2292.406638][T12713]  dump_stack+0x15/0x17
[ 2292.410681][T12713]  should_fail+0x3c6/0x510
[ 2292.415360][T12713]  should_fail_usercopy+0x1a/0x20
[ 2292.420142][T12713]  _copy_to_user+0x20/0x90
[ 2292.424596][T12713]  simple_read_from_buffer+0xc7/0x150
[ 2292.429949][T12713]  proc_fail_nth_read+0x1a3/0x210
[ 2292.434899][T12713]  ? security_file_permission+0x7b/0xb0
[ 2292.440551][T12713]  ? proc_fault_inject_write+0x390/0x390
[ 2292.446143][T12713]  ? security_file_permission+0x86/0xb0
[ 2292.451734][T12713]  ? rw_verify_area+0x1c3/0x360
[ 2292.458472][T12713]  ? proc_fault_inject_write+0x390/0x390
[ 2292.466401][T12713]  vfs_read+0x204/0xbb0
[ 2292.472860][T12713]  ? kernel_read+0x70/0x70
[ 2292.478552][T12713]  ? do_sys_openat2+0x5e1/0x6f0
[ 2292.484729][T12713]  ? put_files_struct+0x236/0x320
[ 2292.489579][T12713]  ? do_sys_open+0x220/0x220
[ 2292.494650][T12713]  ? __kasan_check_read+0x11/0x20
[ 2292.499509][T12713]  ? __fdget_pos+0x2ee/0x3a0
[ 2292.503937][T12713]  ksys_read+0x199/0x2c0
[ 2292.508167][T12713]  ? vfs_write+0xe70/0xe70
[ 2292.512755][T12713]  ? debug_smp_processor_id+0x17/0x20
[ 2292.518045][T12713]  __x64_sys_read+0x7b/0x90
[ 2292.523281][T12713]  do_syscall_64+0x34/0x70
[ 2292.528451][T12713]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2292.534642][T12713] RIP: 0033:0x7f69df0a963c
[ 2292.539159][T12713] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 2292.565641][T12713] RSP: 002b:00007f69de32c040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2292.573884][T12713] RAX: ffffffffffffffda RBX: 00007f69df23af60 RCX: 00007f69df0a963c
[ 2292.581804][T12713] RDX: 000000000000000f RSI: 00007f69de32c0b0 RDI: 0000000000000003
[ 2292.589609][T12713] RBP: 00007f69de32c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2292.599276][T12713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2292.608990][T12713] R13: 000000000000000b R14: 00007f69df23af60 R15: 00007ffebdbaecc8
[ 2292.679994][T12717] device pim6reg1 entered promiscuous mode
[ 2292.799745][T12223] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2292.809100][T12223] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2292.824023][T12223] usb 2-1: config 0 descriptor??
[ 2293.741335][T12736] overlayfs: missing 'lowerdir'
[ 2293.878690][T12738] overlayfs: missing 'lowerdir'
[ 2293.963850][T25634] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 2294.209621][T25634] usb 3-1: Using ep0 maxpacket: 8
[ 2294.221030][T12223] asix 2-1:0.0 eth1: register 'asix' at usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2294.256208][T12163] usb 2-1: USB disconnect, device number 40
[ 2294.265892][T12163] asix 2-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet
[ 2294.329721][  T290] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 2294.349835][T25634] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[ 2294.361004][T25634] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[ 2294.371227][T25634] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 2294.479682][T25634] usb 3-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[ 2294.489490][T25634] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2294.497504][T25634] usb 3-1: SerialNumber: syz
[ 2294.519686][T12734] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 2294.540195][T25634] hub 3-1:1.0: bad descriptor, ignoring hub
[ 2294.546286][T25634] hub: probe of 3-1:1.0 failed with error -5
[ 2294.599760][  T290] usb 4-1: device descriptor read/64, error -71
[ 2294.740224][T12734] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 2295.109150][  T290] usb 4-1: device descriptor read/64, error -71
[ 2295.338838][T12783] syz.4.10998[12783] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2295.338892][T12783] syz.4.10998[12783] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2295.389595][  T290] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 2295.489728][T25634] cdc_ether: probe of 3-1:1.0 failed with error -71
[ 2295.526070][T25634] usb 3-1: USB disconnect, device number 125
[ 2295.536741][T12789] device pim6reg1 entered promiscuous mode
[ 2295.598297][T12791] FAULT_INJECTION: forcing a failure.
[ 2295.598297][T12791] name failslab, interval 1, probability 0, space 0, times 0
[ 2295.610839][T12791] CPU: 0 PID: 12791 Comm: syz.4.11001 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2295.622068][T12791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2295.632546][T12791] Call Trace:
[ 2295.635805][T12791]  dump_stack_lvl+0x1e2/0x24b
[ 2295.641941][T12791]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2295.647261][T12791]  ? stack_trace_save+0x113/0x1c0
[ 2295.652088][T12791]  dump_stack+0x15/0x17
[ 2295.657856][T12791]  should_fail+0x3c6/0x510
[ 2295.662246][T12791]  ? sock_kmalloc+0x9c/0x100
[ 2295.666625][T12791]  __should_failslab+0xa4/0xe0
[ 2295.669643][  T290] usb 4-1: device descriptor read/64, error -71
[ 2295.671233][T12791]  should_failslab+0x9/0x20
[ 2295.682060][T12791]  __kmalloc+0x60/0x330
[ 2295.686040][T12791]  ? kasan_set_free_info+0x23/0x40
[ 2295.691667][T12791]  ? ____kasan_slab_free+0x121/0x160
[ 2295.699582][T12791]  ? __kasan_slab_free+0x11/0x20
[ 2295.705077][T12791]  sock_kmalloc+0x9c/0x100
[ 2295.709322][T12791]  ____sys_sendmsg+0x219/0x8f0
[ 2295.719890][T12791]  ? __sys_sendmsg_sock+0x40/0x40
[ 2295.724756][T12791]  ? import_iovec+0xe5/0x120
[ 2295.729295][T12791]  ___sys_sendmsg+0x252/0x2e0
[ 2295.734011][T12791]  ? __sys_sendmsg+0x280/0x280
[ 2295.738783][T12791]  ? rw_verify_area+0x1c3/0x360
[ 2295.743475][T12791]  ? __fdget+0x1bc/0x240
[ 2295.751001][T12791]  __se_sys_sendmsg+0x1b1/0x280
[ 2295.757522][T12791]  ? __x64_sys_sendmsg+0x90/0x90
[ 2295.762372][T12791]  ? ksys_write+0x260/0x2c0
[ 2295.766916][T12791]  ? debug_smp_processor_id+0x17/0x20
[ 2295.772135][T12791]  __x64_sys_sendmsg+0x7b/0x90
[ 2295.776737][T12791]  do_syscall_64+0x34/0x70
[ 2295.781309][T12791]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2295.787532][T12791] RIP: 0033:0x7f53c7181b59
[ 2295.792137][T12791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2295.813479][T12791] RSP: 002b:00007f53c6403048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2295.824515][T12791] RAX: ffffffffffffffda RBX: 00007f53c7311f60 RCX: 00007f53c7181b59
[ 2295.832841][T12791] RDX: 0000000000000000 RSI: 0000000020003ec0 RDI: 0000000000000004
[ 2295.841116][T12791] RBP: 00007f53c64030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2295.849017][T12791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2295.859006][T12791] R13: 000000000000000b R14: 00007f53c7311f60 R15: 00007ffc21e453a8
[ 2295.912777][   T24] kauditd_printk_skb: 92 callbacks suppressed
[ 2295.912790][   T24] audit: type=1326 audit(1721469542.770:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2295.943795][   T24] audit: type=1326 audit(1721469542.770:5171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2295.974659][   T24] audit: type=1326 audit(1721469542.770:5172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2295.999720][   T24] audit: type=1326 audit(1721469542.770:5173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.024719][   T24] audit: type=1326 audit(1721469542.770:5174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.049744][   T24] audit: type=1326 audit(1721469542.770:5175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.079551][   T24] audit: type=1326 audit(1721469542.770:5176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.107566][  T290] usb 4-1: device descriptor read/64, error -71
[ 2296.113810][   T24] audit: type=1326 audit(1721469542.770:5177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.139749][   T24] audit: type=1326 audit(1721469542.770:5178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.177103][   T24] audit: type=1326 audit(1721469542.770:5179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.1.11003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2296.259891][  T290] usb usb4-port1: attempt power cycle
[ 2296.709658][  T290] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 2296.899699][  T290] usb 4-1: device descriptor read/8, error -71
[ 2296.953648][T12811] overlayfs: missing 'lowerdir'
[ 2297.136427][T12816] FAULT_INJECTION: forcing a failure.
[ 2297.136427][T12816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2297.149401][T12816] CPU: 0 PID: 12816 Comm: syz.3.11009 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2297.149937][  T290] usb 4-1: device descriptor read/8, error -71
[ 2297.163468][T12816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2297.163475][T12816] Call Trace:
[ 2297.163496][T12816]  dump_stack_lvl+0x1e2/0x24b
[ 2297.163508][T12816]  ? panic+0x812/0x812
[ 2297.163528][T12816]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2297.199493][T12816]  dump_stack+0x15/0x17
[ 2297.203552][T12816]  should_fail+0x3c6/0x510
[ 2297.209624][T12816]  should_fail_usercopy+0x1a/0x20
[ 2297.214481][T12816]  strncpy_from_user+0x24/0x2d0
[ 2297.219167][T12816]  ? getname_flags+0xba/0x520
[ 2297.223679][T12816]  getname_flags+0xf2/0x520
[ 2297.228025][T12816]  user_path_at_empty+0x2d/0x50
[ 2297.235362][T12816]  __x64_sys_chmod+0xda/0x180
[ 2297.244230][T12816]  ? __ia32_sys_fchmodat+0x1a0/0x1a0
[ 2297.249322][T12816]  ? debug_smp_processor_id+0x17/0x20
[ 2297.254539][T12816]  do_syscall_64+0x34/0x70
[ 2297.258791][T12816]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2297.265572][T12816] RIP: 0033:0x7f69df0aab59
[ 2297.270958][T12816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2297.290945][T12816] RSP: 002b:00007f69de32c048 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[ 2297.299914][T12816] RAX: ffffffffffffffda RBX: 00007f69df23af60 RCX: 00007f69df0aab59
[ 2297.310791][T12816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[ 2297.324189][T12816] RBP: 00007f69de32c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2297.332397][T12816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2297.340212][T12816] R13: 000000000000000b R14: 00007f69df23af60 R15: 00007ffebdbaecc8
[ 2297.394272][T12821] device pim6reg1 entered promiscuous mode
[ 2297.414269][T12822] syz.3.11010[12822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2297.414310][T12822] syz.3.11010[12822] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2297.429598][T29842] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 2297.583079][T12829] FAULT_INJECTION: forcing a failure.
[ 2297.583079][T12829] name failslab, interval 1, probability 0, space 0, times 0
[ 2297.599286][T12829] CPU: 1 PID: 12829 Comm: syz.3.11013 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2297.610557][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2297.620745][T12829] Call Trace:
[ 2297.623877][T12829]  dump_stack_lvl+0x1e2/0x24b
[ 2297.628382][T12829]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2297.633672][T12829]  ? vfs_write+0x854/0xe70
[ 2297.637922][T12829]  dump_stack+0x15/0x17
[ 2297.642042][T12829]  should_fail+0x3c6/0x510
[ 2297.646287][T12829]  ? copy_fs_struct+0x4e/0x230
[ 2297.650905][T12829]  __should_failslab+0xa4/0xe0
[ 2297.655679][T12829]  should_failslab+0x9/0x20
[ 2297.660008][T12829]  kmem_cache_alloc+0x3d/0x2e0
[ 2297.664782][T12829]  ? mutex_trylock+0xa0/0xa0
[ 2297.669335][T12829]  copy_fs_struct+0x4e/0x230
[ 2297.673749][T12829]  ksys_unshare+0x4a6/0x9a0
[ 2297.678093][T12829]  ? ksys_write+0x260/0x2c0
[ 2297.682620][T12829]  ? unshare_fd+0x240/0x240
[ 2297.686951][T12829]  ? debug_smp_processor_id+0x17/0x20
[ 2297.692173][T12829]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2297.699901][T12829]  __x64_sys_unshare+0x38/0x40
[ 2297.704500][T12829]  do_syscall_64+0x34/0x70
[ 2297.708915][T12829]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2297.714636][T12829] RIP: 0033:0x7f69df0aab59
[ 2297.718895][T12829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2297.738462][T12829] RSP: 002b:00007f69de32c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 2297.747505][T12829] RAX: ffffffffffffffda RBX: 00007f69df23af60 RCX: 00007f69df0aab59
[ 2297.755397][T12829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600
[ 2297.763211][T12829] RBP: 00007f69de32c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2297.771028][T12829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2297.778838][T12829] R13: 000000000000000b R14: 00007f69df23af60 R15: 00007ffebdbaecc8
[ 2298.162304][T29842] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2298.172314][T29842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2298.204647][T12837] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11015'.
[ 2298.409643][T29842] usb 5-1: config 0 descriptor??
[ 2298.869597][  T290] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 2298.993875][T12854] syz.3.11021[12854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2298.993926][T12854] syz.3.11021[12854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2299.183290][  T290] usb 2-1: device descriptor read/64, error -71
[ 2299.317419][T12863] overlayfs: missing 'lowerdir'
[ 2299.717532][T29842] asix 5-1:0.0 eth1: register 'asix' at usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2299.729953][T29842] usb 5-1: USB disconnect, device number 11
[ 2299.736463][T29842] asix 5-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet
[ 2299.789640][  T290] usb 2-1: device descriptor read/64, error -71
[ 2300.458635][  T290] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 2300.742350][T12895] syz.4.11032[12895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2300.742411][T12895] syz.4.11032[12895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2300.764169][T12897] FAULT_INJECTION: forcing a failure.
[ 2300.764169][T12897] name failslab, interval 1, probability 0, space 0, times 0
[ 2300.790506][T12897] CPU: 0 PID: 12897 Comm: syz.2.11033 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2300.803509][T12897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2300.813397][T12897] Call Trace:
[ 2300.816528][T12897]  dump_stack_lvl+0x1e2/0x24b
[ 2300.821045][T12897]  ? panic+0x812/0x812
[ 2300.825026][T12897]  ? do_syscall_64+0x34/0x70
[ 2300.829450][T12897]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2300.834844][T12897]  dump_stack+0x15/0x17
[ 2300.838831][T12897]  should_fail+0x3c6/0x510
[ 2300.843115][T12897]  ? __get_vm_area_node+0x116/0x470
[ 2300.848118][T12897]  __should_failslab+0xa4/0xe0
[ 2300.852731][T12897]  should_failslab+0x9/0x20
[ 2300.857057][T12897]  kmem_cache_alloc_trace+0x3a/0x2e0
[ 2300.862175][T12897]  __get_vm_area_node+0x116/0x470
[ 2300.867045][T12897]  __vmalloc_node_range+0xdc/0x7c0
[ 2300.872164][T12897]  ? copy_process+0x5c8/0x3340
[ 2300.877801][T12897]  ? kmem_cache_alloc+0x168/0x2e0
[ 2300.882769][T12897]  dup_task_struct+0x429/0xc30
[ 2300.887517][T12897]  ? copy_process+0x5c8/0x3340
[ 2300.892165][T12897]  copy_process+0x5c8/0x3340
[ 2300.896628][T12897]  ? proc_fail_nth_write+0x20b/0x290
[ 2300.903857][T12897]  ? proc_fail_nth_read+0x210/0x210
[ 2300.911143][T12897]  ? security_file_permission+0x86/0xb0
[ 2300.916587][T12897]  ? rw_verify_area+0x1c3/0x360
[ 2300.922526][T12897]  ? slab_free_freelist_hook+0xc0/0x190
[ 2300.927868][T12897]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2300.932808][T12897]  ? vfs_write+0x854/0xe70
[ 2300.937152][T12897]  kernel_clone+0x21e/0x9e0
[ 2300.941577][T12897]  ? create_io_thread+0x1e0/0x1e0
[ 2300.946534][T12897]  __x64_sys_clone+0x23f/0x290
[ 2300.951212][T12897]  ? __do_sys_vfork+0x130/0x130
[ 2300.956325][T12897]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2300.961498][T12897]  ? syscall_enter_from_user_mode+0x144/0x1a0
[ 2300.967654][T12897]  do_syscall_64+0x34/0x70
[ 2300.971907][T12897]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2300.977749][T12897] RIP: 0033:0x7f4e7fc78b59
[ 2300.981997][T12897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2301.001705][T12897] RSP: 002b:00007f4e7eef9ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2301.010087][T12897] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2301.018198][T12897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2301.025997][T12897] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2301.035198][T12897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2301.043614][T12897] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2301.065633][T12897] syz.2.11033: vmalloc: allocation failure: 32768 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0
[ 2301.079589][T12897] CPU: 0 PID: 12897 Comm: syz.2.11033 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2301.091127][T12897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2301.101019][T12897] Call Trace:
[ 2301.104153][T12897]  dump_stack_lvl+0x1e2/0x24b
[ 2301.108660][T12897]  ? wake_up_klogd+0xb8/0xf0
[ 2301.113925][T12897]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2301.119224][T12897]  ? pr_cont_kernfs_name+0xf0/0x100
[ 2301.124521][T12897]  dump_stack+0x15/0x17
[ 2301.128512][T12897]  warn_alloc+0x21a/0x390
[ 2301.132678][T12897]  ? __get_vm_area_node+0x116/0x470
[ 2301.137700][T12897]  ? zone_watermark_ok_safe+0x2b0/0x2b0
[ 2301.143896][T12897]  ? __get_vm_area_node+0x34b/0x470
[ 2301.149044][T12897]  __vmalloc_node_range+0x287/0x7c0
[ 2301.154135][T12897]  ? kmem_cache_alloc+0x168/0x2e0
[ 2301.158944][T12897]  dup_task_struct+0x429/0xc30
[ 2301.164495][T12897]  ? copy_process+0x5c8/0x3340
[ 2301.169087][T12897]  copy_process+0x5c8/0x3340
[ 2301.173518][T12897]  ? proc_fail_nth_write+0x20b/0x290
[ 2301.178637][T12897]  ? proc_fail_nth_read+0x210/0x210
[ 2301.184104][T12897]  ? security_file_permission+0x86/0xb0
[ 2301.189497][T12897]  ? rw_verify_area+0x1c3/0x360
[ 2301.194383][T12897]  ? slab_free_freelist_hook+0xc0/0x190
[ 2301.199749][T12897]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2301.205212][T12897]  ? vfs_write+0x854/0xe70
[ 2301.209486][T12897]  kernel_clone+0x21e/0x9e0
[ 2301.213817][T12897]  ? create_io_thread+0x1e0/0x1e0
[ 2301.218686][T12897]  __x64_sys_clone+0x23f/0x290
[ 2301.224269][T12897]  ? __do_sys_vfork+0x130/0x130
[ 2301.229480][T12897]  ? __bpf_trace_sys_enter+0x62/0x70
[ 2301.234726][T12897]  ? syscall_enter_from_user_mode+0x144/0x1a0
[ 2301.240716][T12897]  do_syscall_64+0x34/0x70
[ 2301.246376][T12897]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2301.253932][T12897] RIP: 0033:0x7f4e7fc78b59
[ 2301.258268][T12897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2301.277791][T12897] RSP: 002b:00007f4e7eef9ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2301.289769][T12897] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2301.300006][T12897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2301.311714][T12897] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2301.320472][T12897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2301.332818][T12897] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2301.342689][  T290] usb 2-1: device descriptor read/64, error -71
[ 2301.349140][T12897] Mem-Info:
[ 2301.352118][T12897] active_anon:452 inactive_anon:5200 isolated_anon:0
[ 2301.352118][T12897]  active_file:23787 inactive_file:4915 isolated_file:0
[ 2301.352118][T12897]  unevictable:0 dirty:679 writeback:0
[ 2301.352118][T12897]  slab_reclaimable:8030 slab_unreclaimable:87474
[ 2301.352118][T12897]  mapped:25603 shmem:733 pagetables:602 bounce:0
[ 2301.352118][T12897]  free:1550768 free_pcp:1209 free_cma:0
[ 2301.409055][T12897] Node 0 active_anon:1808kB inactive_anon:22700kB active_file:95148kB inactive_file:19660kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104312kB dirty:2716kB writeback:0kB shmem:4732kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:6144kB all_unreclaimable? no
[ 2301.443929][T12897] DMA32 free:2981840kB min:62624kB low:78280kB high:93936kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2984780kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:2940kB local_pcp:1496kB free_cma:0kB
[ 2301.481768][T12897] lowmem_reserve[]: 0 3941 3941
[ 2301.486510][T12897] Normal free:3207892kB min:84828kB low:106032kB high:127236kB reserved_highatomic:0KB active_anon:1808kB inactive_anon:31400kB active_file:95148kB inactive_file:19660kB unevictable:0kB writepending:2716kB present:5242880kB managed:4035856kB mlocked:0kB pagetables:2556kB bounce:0kB free_pcp:1316kB local_pcp:860kB free_cma:0kB
[ 2301.518398][T12897] lowmem_reserve[]: 0 0 0
[ 2301.523078][T12897] DMA32: 6*4kB (UM) 5*8kB (M) 3*16kB (M) 7*32kB (UM) 8*64kB (UM) 7*128kB (UM) 7*256kB (UM) 5*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 724*4096kB (M) = 2981840kB
[ 2301.539738][T12897] Normal: 232*4kB (UM) 1186*8kB (UME) 1912*16kB (UME) 534*32kB (UME) 249*64kB (UME) 207*128kB (UME) 80*256kB (UM) 32*512kB (UME) 25*1024kB (UM) 13*2048kB (UME) 736*4096kB (M) = 3204272kB
[ 2301.559034][T12897] 34466 total pagecache pages
[ 2301.566291][T12897] 695 pages in swap cache
[ 2301.574476][T12897] Swap cache stats: add 308623, delete 307928, find 2757/2759
[ 2301.582460][T12897] Free swap  = 121592kB
[ 2301.586677][T12897] Total swap = 124996kB
[ 2301.619343][T12897] 2097051 pages RAM
[ 2301.636598][T12897] 0 pages HighMem/MovableOnly
[ 2301.641291][T12897] 341892 pages reserved
[ 2301.645323][T12897] 0 pages cma reserved
[ 2302.382019][T12912] device veth0_vlan left promiscuous mode
[ 2302.388167][T12912] device veth0_vlan entered promiscuous mode
[ 2302.395491][T23432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2302.405102][T23432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2302.413260][T12912] syz.1.11037[12912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2302.413316][T12912] syz.1.11037[12912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2302.420318][T23432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2302.594467][T12925] FAULT_INJECTION: forcing a failure.
[ 2302.594467][T12925] name failslab, interval 1, probability 0, space 0, times 0
[ 2302.607135][T12925] CPU: 1 PID: 12925 Comm: syz.1.11042 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2302.618483][T12925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2302.628532][T12925] Call Trace:
[ 2302.631666][T12925]  dump_stack_lvl+0x1e2/0x24b
[ 2302.636173][T12925]  ? panic+0x812/0x812
[ 2302.640165][T12925]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2302.645599][T12925]  dump_stack+0x15/0x17
[ 2302.649586][T12925]  should_fail+0x3c6/0x510
[ 2302.653840][T12925]  ? security_inode_alloc+0x29/0x120
[ 2302.658961][T12925]  __should_failslab+0xa4/0xe0
[ 2302.663651][T12925]  should_failslab+0x9/0x20
[ 2302.668333][T12925]  kmem_cache_alloc+0x3d/0x2e0
[ 2302.672918][T12925]  security_inode_alloc+0x29/0x120
[ 2302.680307][T12925]  inode_init_always+0x767/0x9f0
[ 2302.685201][T12925]  ? sockfs_init_fs_context+0xb0/0xb0
[ 2302.690825][T12925]  new_inode_pseudo+0x93/0x220
[ 2302.695408][T12925]  __sock_create+0x135/0x760
[ 2302.699831][T12925]  ? get_unused_fd_flags+0x94/0xa0
[ 2302.704792][T12925]  __sys_socketpair+0x29f/0x6e0
[ 2302.709464][T12925]  ? __ia32_sys_socket+0x90/0x90
[ 2302.714321][T12925]  ? __ia32_sys_read+0x90/0x90
[ 2302.720320][T12925]  __x64_sys_socketpair+0x9b/0xb0
[ 2302.728390][T12925]  do_syscall_64+0x34/0x70
[ 2302.732650][T12925]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2302.738379][T12925] RIP: 0033:0x7f1f15d5cb59
[ 2302.742628][T12925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2302.762781][T12925] RSP: 002b:00007f1f14fde048 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 2302.771141][T12925] RAX: ffffffffffffffda RBX: 00007f1f15eecf60 RCX: 00007f1f15d5cb59
[ 2302.778951][T12925] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 000000000000001d
[ 2302.786726][T12925] RBP: 00007f1f14fde0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2302.794847][T12925] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 2302.802751][T12925] R13: 000000000000000b R14: 00007f1f15eecf60 R15: 00007ffcbdae9c98
[ 2302.814804][T12925] socket: no more sockets
[ 2302.852253][T12934] FAULT_INJECTION: forcing a failure.
[ 2302.852253][T12934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2302.870772][T12934] CPU: 1 PID: 12934 Comm: syz.3.11044 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2302.882671][T12934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2302.895772][T12934] Call Trace:
[ 2302.898991][T12934]  dump_stack_lvl+0x1e2/0x24b
[ 2302.904990][T12934]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2302.910975][T12934]  ? kmem_cache_free+0xa9/0x1e0
[ 2302.915663][T12934]  dump_stack+0x15/0x17
[ 2302.919649][T12934]  should_fail+0x3c6/0x510
[ 2302.923900][T12934]  should_fail_usercopy+0x1a/0x20
[ 2302.929196][T12934]  _copy_from_user+0x20/0xd0
[ 2302.934931][T12934]  __copy_msghdr_from_user+0x587/0x7c0
[ 2302.940325][T12934]  ? __ia32_sys_shutdown+0x70/0x70
[ 2302.945292][T12934]  ___sys_sendmsg+0x166/0x2e0
[ 2302.949881][T12934]  ? __sys_sendmsg+0x280/0x280
[ 2302.954481][T12934]  ? rw_verify_area+0x1c3/0x360
[ 2302.959435][T12934]  ? __fdget+0x1bc/0x240
[ 2302.963886][T12934]  __se_sys_sendmsg+0x1b1/0x280
[ 2302.968697][T12934]  ? __x64_sys_sendmsg+0x90/0x90
[ 2302.973913][T12934]  ? ksys_write+0x260/0x2c0
[ 2302.978253][T12934]  ? debug_smp_processor_id+0x17/0x20
[ 2302.983662][T12934]  __x64_sys_sendmsg+0x7b/0x90
[ 2302.988254][T12934]  do_syscall_64+0x34/0x70
[ 2302.992527][T12934]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2302.998236][T12934] RIP: 0033:0x7f69df0aab59
[ 2303.002496][T12934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2303.022105][T12934] RSP: 002b:00007f69de32c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2303.030353][T12934] RAX: ffffffffffffffda RBX: 00007f69df23af60 RCX: 00007f69df0aab59
[ 2303.038169][T12934] RDX: 0000000000000000 RSI: 0000000020004440 RDI: 0000000000000006
[ 2303.047094][T12934] RBP: 00007f69de32c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2303.055261][T12934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2303.063475][T12934] R13: 000000000000000b R14: 00007f69df23af60 R15: 00007ffebdbaecc8
[ 2303.104181][T12919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2303.118383][T12919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2303.129727][T12919] device bridge_slave_0 entered promiscuous mode
[ 2303.140313][T12919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2303.147746][T12919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2303.155501][T12919] device bridge_slave_1 entered promiscuous mode
[ 2303.212046][T12919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2303.218949][T12919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2303.226394][T12919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2303.233653][T12919] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2303.761822][T15243] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2303.777780][T12315] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2303.787084][T12315] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2303.794824][T12954] FAULT_INJECTION: forcing a failure.
[ 2303.794824][T12954] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2303.809124][T12954] CPU: 1 PID: 12954 Comm: syz.2.11051 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2303.820311][T12954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2303.830655][T12954] Call Trace:
[ 2303.833791][T12954]  dump_stack_lvl+0x1e2/0x24b
[ 2303.838668][T12954]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2303.844079][T12954]  dump_stack+0x15/0x17
[ 2303.848066][T12954]  should_fail+0x3c6/0x510
[ 2303.852327][T12954]  should_fail_usercopy+0x1a/0x20
[ 2303.857178][T12954]  strncpy_from_user+0x24/0x2d0
[ 2303.862155][T12954]  ? getname_flags+0xba/0x520
[ 2303.866665][T12954]  getname_flags+0xf2/0x520
[ 2303.871008][T12954]  getname+0x19/0x20
[ 2303.875105][T12954]  __x64_sys_execve+0x78/0xb0
[ 2303.879633][T12954]  do_syscall_64+0x34/0x70
[ 2303.886455][T12954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2303.895355][T12954] RIP: 0033:0x7f4e7fc78b59
[ 2303.899712][T12954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2303.933703][T12954] RSP: 002b:00007f4e7eefa048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 2303.949828][T12954] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2303.960781][T12954] RDX: 0000000020002500 RSI: 0000000000000000 RDI: 0000000020000280
[ 2303.970178][T12954] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2303.978786][T12954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2303.986837][T12954] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2304.051669][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2304.129171][T12961] syz.2.11052[12961] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.129230][T12961] syz.2.11052[12961] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.132280][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2304.180641][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2304.190109][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2304.481405][T12315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2304.488642][T12315] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2304.497670][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2304.513353][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2304.522995][T12315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2304.530224][T12315] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2304.542364][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2304.556186][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2304.592823][T29842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2304.608171][T29842] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2304.650127][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2304.660905][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2304.686272][T12919] device veth0_vlan entered promiscuous mode
[ 2304.696621][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2304.704914][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2304.721164][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2304.728963][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2304.736616][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2304.745236][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2304.753864][T12969] device pim6reg1 entered promiscuous mode
[ 2304.770568][T12919] device veth1_macvtap entered promiscuous mode
[ 2304.779826][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2304.793084][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2304.808383][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2304.831823][   T24] kauditd_printk_skb: 22 callbacks suppressed
[ 2304.831835][   T24] audit: type=1400 audit(1721469551.690:5202): avc:  denied  { create } for  pid=12974 comm="syz.2.11058" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2304.876134][   T24] audit: type=1400 audit(1721469551.690:5203): avc:  denied  { read } for  pid=12974 comm="syz.2.11058" name="file0" dev="tmpfs" ino=273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2304.906101][   T24] audit: type=1400 audit(1721469551.690:5204): avc:  denied  { open } for  pid=12974 comm="syz.2.11058" path="/47/file0" dev="tmpfs" ino=273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2304.906330][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2304.933581][   T24] audit: type=1400 audit(1721469551.690:5205): avc:  denied  { ioctl } for  pid=12974 comm="syz.2.11058" path="/47/file0" dev="tmpfs" ino=273 ioctlcmd=0x127b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2304.969261][   T24] audit: type=1326 audit(1721469551.700:5206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12974 comm="syz.2.11058" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e7fc78b59 code=0x0
[ 2304.998393][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2305.007576][T12976] fuse: Unknown parameter 'group	@'
[ 2305.012635][   T24] audit: type=1400 audit(1721469551.860:5207): avc:  denied  { write } for  pid=12974 comm="syz.2.11058" name="file0" dev="tmpfs" ino=273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2305.038119][T12978] FAULT_INJECTION: forcing a failure.
[ 2305.038119][T12978] name failslab, interval 1, probability 0, space 0, times 0
[ 2305.051597][T12978] CPU: 1 PID: 12978 Comm: syz.1.11059 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2305.064001][T12978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2305.074095][T12978] Call Trace:
[ 2305.077227][T12978]  dump_stack_lvl+0x1e2/0x24b
[ 2305.080522][   T24] audit: type=1400 audit(1721469551.860:5208): avc:  denied  { mounton } for  pid=12974 comm="syz.2.11058" path="/47/file0" dev="tmpfs" ino=273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2305.085756][T12978]  ? panic+0x812/0x812
[ 2305.114588][   T24] audit: type=1326 audit(1721469551.890:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12977 comm="syz.1.11059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f15d5cb59 code=0x7ffc0000
[ 2305.122209][T12978]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2305.122223][T12978]  dump_stack+0x15/0x17
[ 2305.122242][T12978]  should_fail+0x3c6/0x510
[ 2305.154812][   T24] audit: type=1326 audit(1721469551.890:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12977 comm="syz.1.11059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1f15d5b590 code=0x7ffc0000
[ 2305.157800][T12978]  ? __alloc_skb+0x80/0x510
[ 2305.163050][   T24] audit: type=1326 audit(1721469551.890:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12977 comm="syz.1.11059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1f15d5b6df code=0x7ffc0000
[ 2305.198832][T12978]  __should_failslab+0xa4/0xe0
[ 2305.198845][T12978]  should_failslab+0x9/0x20
[ 2305.198856][T12978]  kmem_cache_alloc+0x3d/0x2e0
[ 2305.198867][T12978]  __alloc_skb+0x80/0x510
[ 2305.198877][T12978]  ? kmem_cache_alloc+0x168/0x2e0
[ 2305.198887][T12978]  ? audit_log_start+0x48c/0x9b0
[ 2305.198902][T12978]  audit_log_start+0x4ae/0x9b0
[ 2305.198911][T12978]  ? _kstrtoull+0x3a0/0x4a0
[ 2305.198922][T12978]  ? audit_serial+0x30/0x30
[ 2305.198931][T12978]  ? kstrtol_from_user+0x310/0x310
[ 2305.198940][T12978]  ? audit_log_end+0x1c8/0x230
[ 2305.198950][T12978]  ? __traceiter_kmem_cache_free+0x2e/0x50
[ 2305.198959][T12978]  ? memset+0x35/0x40
[ 2305.198970][T12978]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2305.198982][T12978]  audit_seccomp+0x61/0x1e0
[ 2305.198993][T12978]  __seccomp_filter+0xd03/0x1e10
[ 2305.199004][T12978]  ? vfs_write+0x854/0xe70
[ 2305.199014][T12978]  ? __secure_computing+0x300/0x300
[ 2305.199024][T12978]  ? kernel_write+0x3d0/0x3d0
[ 2305.199034][T12978]  ? __kasan_check_write+0x14/0x20
[ 2305.199043][T12978]  ? mutex_lock+0xa5/0x110
[ 2305.199052][T12978]  ? mutex_trylock+0xa0/0xa0
[ 2305.199073][T12978]  ? fput_many+0x160/0x1b0
[ 2305.364464][T12978]  ? fput+0x1a/0x20
[ 2305.368088][T12978]  ? ksys_write+0x260/0x2c0
[ 2305.372615][T12978]  ? __ia32_sys_read+0x90/0x90
[ 2305.377199][T12978]  __secure_computing+0xf0/0x300
[ 2305.381980][T12978]  syscall_enter_from_user_mode+0xbf/0x1a0
[ 2305.387749][T12978]  do_syscall_64+0x13/0x70
[ 2305.392085][T12978]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2305.397808][T12978] RIP: 0033:0x7f1f15d5cb59
[ 2305.402174][T12978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2305.422955][T12978] RSP: 002b:00007f1f14fde048 EFLAGS: 00000246 ORIG_RAX: 0000000000000079
[ 2305.431540][T12978] RAX: ffffffffffffffda RBX: 00007f1f15eecf60 RCX: 00007f1f15d5cb59
[ 2305.439346][T12978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[ 2305.447268][T12978] RBP: 00007f1f14fde0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2305.455081][T12978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2305.463360][T12978] R13: 000000000000000b R14: 00007f1f15eecf60 R15: 00007ffcbdae9c98
[ 2305.476974][T31198] device bridge_slave_1 left promiscuous mode
[ 2305.487835][T31198] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2305.502455][T12983] FAULT_INJECTION: forcing a failure.
[ 2305.502455][T12983] name failslab, interval 1, probability 0, space 0, times 0
[ 2305.524068][T31198] device bridge_slave_0 left promiscuous mode
[ 2305.530455][T12983] CPU: 0 PID: 12983 Comm: syz.0.11038 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2305.530591][T31198] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2305.543216][T12983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2305.543221][T12983] Call Trace:
[ 2305.543240][T12983]  dump_stack_lvl+0x1e2/0x24b
[ 2305.543251][T12983]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2305.543263][T12983]  ? vfs_write+0x854/0xe70
[ 2305.543282][T12983]  dump_stack+0x15/0x17
[ 2305.588794][T12983]  should_fail+0x3c6/0x510
[ 2305.593127][T12983]  ? write_ldt+0x416/0x8a0
[ 2305.597365][T12983]  __should_failslab+0xa4/0xe0
[ 2305.602070][T12983]  should_failslab+0x9/0x20
[ 2305.606409][T12983]  kmem_cache_alloc_trace+0x3a/0x2e0
[ 2305.611625][T12983]  ? __kasan_check_write+0x14/0x20
[ 2305.616745][T12983]  write_ldt+0x416/0x8a0
[ 2305.622790][T12983]  ? fput_many+0x160/0x1b0
[ 2305.627211][T12983]  ? fput+0x1a/0x20
[ 2305.630845][T12983]  ? __ia32_sys_modify_ldt+0x80/0x80
[ 2305.635960][T12983]  ? __ia32_sys_read+0x90/0x90
[ 2305.640653][T12983]  __se_sys_modify_ldt+0x17a/0x1c0
[ 2305.647928][T12983]  __x64_sys_modify_ldt+0x76/0x80
[ 2305.653292][T12983]  do_syscall_64+0x34/0x70
[ 2305.657838][T12983]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2305.663573][T12983] RIP: 0033:0x7f4695907b59
[ 2305.668073][T12983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2305.688284][T12983] RSP: 002b:00007f4694b89048 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[ 2305.696802][T12983] RAX: ffffffffffffffda RBX: 00007f4695a97f60 RCX: 00007f4695907b59
[ 2305.704705][T12983] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000001
[ 2305.712894][T12983] RBP: 00007f4694b890a0 R08: 0000000000000000 R09: 0000000000000000
[ 2305.720714][T12983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2305.728721][T12983] R13: 000000000000000b R14: 00007f4695a97f60 R15: 00007ffea6d553a8
[ 2305.738201][T31198] device veth1_macvtap left promiscuous mode
[ 2305.769711][T12452] Bluetooth: hci0: command 0x1003 tx timeout
[ 2305.776421][T10862] Bluetooth: hci0: sending frame failed (-49)
[ 2305.855295][T13000] syz.0.11066[13000] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2305.855352][T13000] syz.0.11066[13000] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2306.023910][T13003] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11063'.
[ 2306.234036][T13007] FAULT_INJECTION: forcing a failure.
[ 2306.234036][T13007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2306.256471][T13007] CPU: 0 PID: 13007 Comm: syz.1.11068 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2306.267958][T13007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2306.278205][T13007] Call Trace:
[ 2306.282058][T13007]  dump_stack_lvl+0x1e2/0x24b
[ 2306.289085][T13007]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2306.294592][T13007]  ? 0xffffffffa002a000
[ 2306.298589][T13007]  ? is_bpf_text_address+0x172/0x190
[ 2306.303851][T13007]  dump_stack+0x15/0x17
[ 2306.307775][T13007]  should_fail+0x3c6/0x510
[ 2306.312265][T13007]  should_fail_usercopy+0x1a/0x20
[ 2306.317373][T13007]  strncpy_from_user+0x24/0x2d0
[ 2306.322061][T13007]  __se_sys_bpf+0x1389/0x11cb0
[ 2306.329754][T13007]  ? stack_trace_save+0x113/0x1c0
[ 2306.334597][T13007]  ? terminate_walk+0x407/0x4f0
[ 2306.339286][T13007]  ? stack_trace_snprint+0xf0/0xf0
[ 2306.344236][T13007]  ? kmem_cache_free+0xa9/0x1e0
[ 2306.348920][T13007]  ? kmem_cache_free+0xa9/0x1e0
[ 2306.353603][T13007]  ? kasan_set_track+0x5d/0x70
[ 2306.358219][T13007]  ? kasan_set_track+0x4b/0x70
[ 2306.362816][T13007]  ? kasan_set_free_info+0x23/0x40
[ 2306.367755][T13007]  ? ____kasan_slab_free+0x121/0x160
[ 2306.372877][T13007]  ? __kasan_slab_free+0x11/0x20
[ 2306.377965][T13007]  ? __x64_sys_bpf+0x90/0x90
[ 2306.382590][T13007]  ? do_sys_openat2+0x5e1/0x6f0
[ 2306.387277][T13007]  ? __x64_sys_openat+0x243/0x290
[ 2306.392141][T13007]  ? do_syscall_64+0x34/0x70
[ 2306.396575][T13007]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2306.402587][T13007]  ? _kstrtoull+0x3a0/0x4a0
[ 2306.408686][T13007]  ? memset+0x35/0x40
[ 2306.414177][T13007]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2306.419117][T13007]  ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0
[ 2306.426496][T13007]  ? proc_fail_nth_write+0x20b/0x290
[ 2306.432055][T13007]  ? proc_fail_nth_read+0x210/0x210
[ 2306.437516][T13007]  ? security_file_permission+0x86/0xb0
[ 2306.442939][T13007]  ? rw_verify_area+0x1c3/0x360
[ 2306.447666][T13007]  ? slab_free_freelist_hook+0xc0/0x190
[ 2306.453319][T13007]  ? preempt_count_add+0x92/0x1a0
[ 2306.458787][T13007]  ? vfs_write+0x854/0xe70
[ 2306.463041][T13007]  ? kernel_write+0x3d0/0x3d0
[ 2306.467700][T13007]  ? __kasan_check_write+0x14/0x20
[ 2306.472649][T13007]  ? mutex_lock+0xa5/0x110
[ 2306.477096][T13007]  ? mutex_trylock+0xa0/0xa0
[ 2306.482047][T13007]  ? __kasan_check_write+0x14/0x20
[ 2306.486990][T13007]  ? fput_many+0x160/0x1b0
[ 2306.491778][T13007]  ? debug_smp_processor_id+0x17/0x20
[ 2306.497265][T13007]  __x64_sys_bpf+0x7b/0x90
[ 2306.501635][T13007]  do_syscall_64+0x34/0x70
[ 2306.505888][T13007]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2306.511984][T13007] RIP: 0033:0x7f1f15d5cb59
[ 2306.516229][T13007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2306.535674][T13007] RSP: 002b:00007f1f14fde048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2306.544176][T13007] RAX: ffffffffffffffda RBX: 00007f1f15eecf60 RCX: 00007f1f15d5cb59
[ 2306.552647][T13007] RDX: 0000000000000080 RSI: 0000000020000180 RDI: 0000000000000005
[ 2306.560454][T13007] RBP: 00007f1f14fde0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2306.568768][T13007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2306.576580][T13007] R13: 000000000000000b R14: 00007f1f15eecf60 R15: 00007ffcbdae9c98
[ 2306.706671][T13014] FAULT_INJECTION: forcing a failure.
[ 2306.706671][T13014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2306.899523][T13014] CPU: 0 PID: 13014 Comm: syz.1.11070 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2306.910926][T13014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2306.921351][T13014] Call Trace:
[ 2306.924499][T13014]  dump_stack_lvl+0x1e2/0x24b
[ 2306.930199][T13014]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2306.935492][T13014]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[ 2306.942002][T13014]  dump_stack+0x15/0x17
[ 2306.946103][T13014]  should_fail+0x3c6/0x510
[ 2306.950447][T13014]  should_fail_usercopy+0x1a/0x20
[ 2306.955306][T13014]  copy_fpstate_to_sigframe+0x8ce/0xbb0
[ 2306.960781][T13014]  ? fpregs_set+0x6f0/0x6f0
[ 2306.965372][T13014]  ? preempt_schedule+0xd9/0xe0
[ 2306.974750][T13014]  ? __kasan_check_read+0x11/0x20
[ 2306.979608][T13014]  ? preempt_schedule_common+0xbe/0xf0
[ 2306.985035][T13014]  ? preempt_schedule+0xd9/0xe0
[ 2306.989765][T13014]  ? schedule_preempt_disabled+0x20/0x20
[ 2306.995888][T13014]  ? sysvec_reschedule_ipi+0x83/0x160
[ 2307.001095][T13014]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[ 2307.006580][T13014]  ? fpu__alloc_mathframe+0x89/0x150
[ 2307.011683][T13014]  get_sigframe+0x378/0x4b0
[ 2307.016028][T13014]  ? restore_sigcontext+0x710/0x710
[ 2307.021056][T13014]  arch_do_signal_or_restart+0x434/0x17c0
[ 2307.026616][T13014]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[ 2307.032097][T13014]  ? preempt_schedule_thunk+0x16/0x18
[ 2307.037598][T13014]  ? __do_sys_rt_sigreturn+0x1e0/0x1e0
[ 2307.042890][T13014]  ? force_sig_info_to_task+0x297/0x320
[ 2307.048272][T13014]  ? force_sig+0x112/0x1d0
[ 2307.052519][T13014]  ? send_sig+0x60/0x60
[ 2307.057031][T13014]  exit_to_user_mode_loop+0x9b/0xd0
[ 2307.062068][T13014]  irqentry_exit_to_user_mode+0x4e/0x80
[ 2307.068789][T13014]  irqentry_exit+0x12/0x60
[ 2307.073041][T13014]  exc_general_protection+0x415/0x490
[ 2307.078680][T13014]  ? switch_fpu_return+0x1e4/0x3c0
[ 2307.083632][T13014]  ? __kasan_check_write+0x14/0x20
[ 2307.088581][T13014]  ? fpu__clear_all+0x20/0x20
[ 2307.093092][T13014]  ? irqentry_exit+0x12/0x60
[ 2307.097529][T13014]  ? asm_exc_general_protection+0x8/0x30
[ 2307.102987][T13014]  asm_exc_general_protection+0x1e/0x30
[ 2307.108544][T13014] RIP: 0033:0x7f1f15d35479
[ 2307.112862][T13014] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66
[ 2307.134316][T13014] RSP: 002b:00007f1f14fdd7d8 EFLAGS: 00010283
[ 2307.140219][T13014] RAX: 0000000000000999 RBX: 00007f1f14fddd40 RCX: 00007f1f15eac160
[ 2307.148425][T13014] RDX: 9999999999999999 RSI: 00007f1f15dca36c RDI: 9999999999999999
[ 2307.156232][T13014] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[ 2307.166855][T13014] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073
[ 2307.169958][T13021] overlayfs: missing 'workdir'
[ 2307.174660][T13014] R13: 00007f1f14fddec0 R14: 9999999999999999 R15: 0000000000000000
[ 2307.481113][T13035] FAULT_INJECTION: forcing a failure.
[ 2307.481113][T13035] name failslab, interval 1, probability 0, space 0, times 0
[ 2307.502504][T13035] CPU: 0 PID: 13035 Comm: syz.4.11076 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2307.515529][T13035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2307.525798][T13035] Call Trace:
[ 2307.528934][T13035]  dump_stack_lvl+0x1e2/0x24b
[ 2307.533446][T13035]  ? panic+0x812/0x812
[ 2307.537369][T13035]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2307.543163][T13035]  dump_stack+0x15/0x17
[ 2307.547217][T13035]  should_fail+0x3c6/0x510
[ 2307.551583][T13035]  ? __alloc_skb+0x80/0x510
[ 2307.556651][T13035]  __should_failslab+0xa4/0xe0
[ 2307.561415][T13035]  should_failslab+0x9/0x20
[ 2307.566278][T13035]  kmem_cache_alloc+0x3d/0x2e0
[ 2307.570966][T13035]  __alloc_skb+0x80/0x510
[ 2307.575123][T13035]  ? kmem_cache_alloc+0x168/0x2e0
[ 2307.579986][T13035]  ? audit_log_start+0x48c/0x9b0
[ 2307.584970][T13035]  audit_log_start+0x4ae/0x9b0
[ 2307.589682][T13035]  ? _kstrtoull+0x3a0/0x4a0
[ 2307.594089][T13035]  ? audit_serial+0x30/0x30
[ 2307.598576][T13035]  ? kstrtol_from_user+0x310/0x310
[ 2307.603572][T13035]  ? audit_log_end+0x1c8/0x230
[ 2307.608111][T13035]  ? __traceiter_kmem_cache_free+0x2e/0x50
[ 2307.613746][T13035]  ? memset+0x35/0x40
[ 2307.617584][T13035]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2307.622522][T13035]  audit_seccomp+0x61/0x1e0
[ 2307.628674][T13035]  __seccomp_filter+0xd03/0x1e10
[ 2307.633461][T13035]  ? vfs_write+0x854/0xe70
[ 2307.637897][T13035]  ? __secure_computing+0x300/0x300
[ 2307.643161][T13035]  ? kernel_write+0x3d0/0x3d0
[ 2307.647681][T13035]  ? __kasan_check_write+0x14/0x20
[ 2307.652621][T13035]  ? mutex_lock+0xa5/0x110
[ 2307.656871][T13035]  ? mutex_trylock+0xa0/0xa0
[ 2307.662134][T13035]  ? fput_many+0x160/0x1b0
[ 2307.667307][T13035]  ? fput+0x1a/0x20
[ 2307.671911][T13035]  ? __kasan_check_write+0x14/0x20
[ 2307.676849][T13035]  ? switch_fpu_return+0x1e4/0x3c0
[ 2307.681998][T13035]  ? __ia32_sys_read+0x90/0x90
[ 2307.686687][T13035]  __secure_computing+0xf0/0x300
[ 2307.691467][T13035]  syscall_enter_from_user_mode+0xbf/0x1a0
[ 2307.697128][T13035]  do_syscall_64+0x13/0x70
[ 2307.705183][T13035]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2307.711181][T13035] RIP: 0033:0x7f53c7181b59
[ 2307.715527][T13035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2307.737988][T13035] RSP: 002b:00007f53c6403048 EFLAGS: 00000246 ORIG_RAX: 00000000000000c7
[ 2307.746238][T13035] RAX: ffffffffffffffda RBX: 00007f53c7311f60 RCX: 00007f53c7181b59
[ 2307.754440][T13035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[ 2307.766098][T13035] RBP: 00007f53c64030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2307.777735][T13035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2307.785783][T13035] R13: 000000000000000b R14: 00007f53c7311f60 R15: 00007ffc21e453a8
[ 2307.851095][T25634] Bluetooth: hci0: command 0x1001 tx timeout
[ 2307.857117][T10862] Bluetooth: hci0: sending frame failed (-49)
[ 2308.718534][ T1438] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 2309.122892][T13061] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1544 sclass=netlink_route_socket pid=13061 comm=syz.4.11083
[ 2309.136222][T13061] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11083'.
[ 2309.162905][T13063] FAULT_INJECTION: forcing a failure.
[ 2309.162905][T13063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2309.176417][T13063] CPU: 1 PID: 13063 Comm: syz.4.11084 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2309.187636][T13063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2309.197540][T13063] Call Trace:
[ 2309.200799][T13063]  dump_stack_lvl+0x1e2/0x24b
[ 2309.205482][T13063]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2309.210774][T13063]  ? get_sigframe+0x378/0x4b0
[ 2309.215593][T13063]  ? memcpy+0x56/0x70
[ 2309.219512][T13063]  dump_stack+0x15/0x17
[ 2309.223493][T13063]  should_fail+0x3c6/0x510
[ 2309.227891][T13063]  should_fail_usercopy+0x1a/0x20
[ 2309.232737][T13063]  _copy_to_user+0x20/0x90
[ 2309.236998][T13063]  copy_siginfo_to_user+0x24/0x80
[ 2309.241849][T13063]  arch_do_signal_or_restart+0xa9f/0x17c0
[ 2309.247413][T13063]  ? __do_sys_rt_sigreturn+0x1e0/0x1e0
[ 2309.252700][T13063]  ? fput+0x1a/0x20
[ 2309.256373][T13063]  ? ksys_read+0x260/0x2c0
[ 2309.260703][T13063]  exit_to_user_mode_loop+0x9b/0xd0
[ 2309.265823][T13063]  syscall_exit_to_user_mode+0xa2/0x1a0
[ 2309.271203][T13063]  do_syscall_64+0x40/0x70
[ 2309.275737][T13063]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2309.283540][T13063] RIP: 0033:0x7f53c7181b57
[ 2309.288660][T13063] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 2309.313338][T13063] RSP: 002b:00007f53c6403048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2309.321799][T13063] RAX: 0000000000000000 RBX: 00007f53c7311f60 RCX: 00007f53c7181b59
[ 2309.329611][T13063] RDX: 00000000000000c4 RSI: 0000000020000140 RDI: 0000000000000003
[ 2309.337706][T13063] RBP: 00007f53c64030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2309.345906][T13063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2309.353811][T13063] R13: 000000000000000b R14: 00007f53c7311f60 R15: 00007ffc21e453a8
[ 2309.359745][ T1438] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2309.374455][ T1438] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2309.384850][ T1438] usb 1-1: config 0 descriptor??
[ 2309.929616][ T6356] Bluetooth: hci0: command 0x1009 tx timeout
[ 2309.945725][T13079] device pim6reg1 entered promiscuous mode
[ 2310.002346][   T24] kauditd_printk_skb: 89 callbacks suppressed
[ 2310.002359][   T24] audit: type=1400 audit(1721469556.860:5297): avc:  denied  { read } for  pid=13082 comm="syz.2.11092" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 2310.031559][   T24] audit: type=1400 audit(1721469556.860:5298): avc:  denied  { open } for  pid=13082 comm="syz.2.11092" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 2310.259157][   T24] audit: type=1400 audit(2000000000.180:5299): avc:  denied  { mounton } for  pid=13088 comm="syz.4.11094" path="/proc/93/cgroup" dev="proc" ino=188183 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[ 2310.529746][ T8761] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 2310.561031][ T1438] asix 1-1:0.0 eth1: register 'asix' at usb-dummy_hcd.0-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2310.625816][ T1438] usb 1-1: USB disconnect, device number 127
[ 2310.631985][ T1438] asix 1-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.0-1, ASIX AX88178 USB 2.0 Ethernet
[ 2310.889744][ T8761] usb 5-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 2310.900561][ T8761] usb 5-1: config 8 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 116
[ 2310.911292][ T8761] usb 5-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2311.118014][ T8761] usb 5-1: New USB device found, idVendor=04b4, idProduct=009b, bcdDevice=16.89
[ 2311.127599][ T8761] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2311.135820][ T8761] usb 5-1: Product: syz
[ 2311.140250][ T8761] usb 5-1: Manufacturer: syz
[ 2311.145025][ T8761] usb 5-1: SerialNumber: syz
[ 2311.169646][T13089] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 2311.192897][ T8761] ftdi_sio 5-1:8.0: FTDI USB Serial Device converter detected
[ 2311.212002][ T8761] usb 5-1: Detected FT-X
[ 2311.489679][ T8761] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 2311.509590][ T8761] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 2311.529943][ T8761] ftdi_sio 5-1:8.0: GPIO initialisation failed: -71
[ 2311.538716][ T8761] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2311.556452][ T8761] usb 5-1: USB disconnect, device number 12
[ 2311.573572][ T8761] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2311.586357][ T8761] ftdi_sio 5-1:8.0: device disconnected
[ 2311.603511][T13140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2311.610957][T13140] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2311.618510][T13140] device bridge_slave_0 entered promiscuous mode
[ 2311.628865][T13140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2311.635889][T13140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2311.643113][T13140] device bridge_slave_1 entered promiscuous mode
[ 2311.686241][T13140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2311.693900][T13140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2311.701228][T13140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2311.708071][T13140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2311.730976][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2311.738780][ T6356] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2311.746036][ T6356] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2311.756195][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2311.764600][T12315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2311.771495][T12315] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2311.780621][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2311.788795][T12452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2311.798376][T12452] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2311.815608][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2311.825234][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2311.842143][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2311.853848][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2311.862323][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2311.870358][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2311.881636][T13140] device veth0_vlan entered promiscuous mode
[ 2311.892438][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2311.901721][T13140] device veth1_macvtap entered promiscuous mode
[ 2311.919510][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2311.933043][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2311.968194][T13147] device pim6reg1 entered promiscuous mode
[ 2312.120786][T24794] device bridge_slave_1 left promiscuous mode
[ 2312.127021][T24794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2312.134325][T24794] device bridge_slave_0 left promiscuous mode
[ 2312.140313][T24794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2312.148319][T24794] device veth1_macvtap left promiscuous mode
[ 2312.155258][T24794] device veth0_vlan left promiscuous mode
[ 2312.268081][T13164] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11105'.
[ 2312.905622][T13169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11109'.
[ 2313.741051][T29842] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 2313.770636][T13181] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2313.779301][T13181] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2313.786833][T13181] device bridge_slave_0 entered promiscuous mode
[ 2313.800851][T13181] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2313.808380][T13181] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2313.816125][T13181] device bridge_slave_1 entered promiscuous mode
[ 2313.859245][   T24] audit: type=1326 audit(2000000003.780:5300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2313.891499][   T24] audit: type=1326 audit(2000000003.820:5301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2313.916326][   T24] audit: type=1326 audit(2000000003.820:5302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2313.941501][   T24] audit: type=1326 audit(2000000003.820:5303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2313.972092][   T24] audit: type=1326 audit(2000000003.820:5304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2313.999056][   T24] audit: type=1326 audit(2000000003.820:5305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13189 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7fc78b59 code=0x7ffc0000
[ 2314.045033][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2314.052497][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2314.072683][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2314.081068][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2314.089194][T12452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2314.096060][T12452] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2314.104598][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2314.113812][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2314.122278][T12452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2314.129609][T12452] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2314.136839][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2314.144680][T13196] device pim6reg1 entered promiscuous mode
[ 2314.151136][T29842] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2314.160085][T29842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2314.168836][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2314.173199][T29842] usb 2-1: config 0 descriptor??
[ 2314.177619][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2314.200504][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2314.209382][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2314.217718][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2314.226086][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2314.234773][T13181] device veth0_vlan entered promiscuous mode
[ 2314.287141][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2314.297480][T13181] device veth1_macvtap entered promiscuous mode
[ 2314.309965][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2314.328666][T12315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2314.439653][T29842] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 2314.781147][T13210] FAULT_INJECTION: forcing a failure.
[ 2314.781147][T13210] name failslab, interval 1, probability 0, space 0, times 0
[ 2314.794163][T13210] CPU: 1 PID: 13210 Comm: syz.4.11120 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2314.805549][T13210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2314.815745][T13210] Call Trace:
[ 2314.818982][T13210]  dump_stack_lvl+0x1e2/0x24b
[ 2314.823603][T13210]  ? panic+0x812/0x812
[ 2314.827474][T13210]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2314.833100][T13210]  dump_stack+0x15/0x17
[ 2314.837174][T13210]  should_fail+0x3c6/0x510
[ 2314.841427][T13210]  ? kvm_mmu_topup_memory_cache+0xe5/0x2a0
[ 2314.848544][T13210]  __should_failslab+0xa4/0xe0
[ 2314.853140][T13210]  should_failslab+0x9/0x20
[ 2314.857889][T13210]  kmem_cache_alloc+0x3d/0x2e0
[ 2314.864573][T13210]  ? kvm_mmu_topup_memory_cache+0xe5/0x2a0
[ 2314.873867][T13210]  kvm_mmu_topup_memory_cache+0xe5/0x2a0
[ 2314.880290][T13210]  kvm_mmu_load+0x7b/0x15d0
[ 2314.884809][T13210]  vcpu_enter_guest+0x7593/0x9330
[ 2314.889674][T13210]  ? avc_has_perm_noaudit+0x240/0x240
[ 2314.895357][T13210]  ? local_bh_enable+0x30/0x30
[ 2314.899942][T13210]  ? 0xffffffffa00282f8
[ 2314.904214][T13210]  ? is_bpf_text_address+0x172/0x190
[ 2314.909314][T13210]  ? stack_trace_save+0x1c0/0x1c0
[ 2314.914324][T13210]  ? __kernel_text_address+0x9b/0x110
[ 2314.919536][T13210]  ? unwind_get_return_address+0x4d/0x90
[ 2314.925165][T13210]  ? arch_stack_walk+0xf3/0x140
[ 2314.930289][T13210]  ? stack_trace_save+0x113/0x1c0
[ 2314.935149][T13210]  ? terminate_walk+0x407/0x4f0
[ 2314.939827][T13210]  ? stack_trace_snprint+0xf0/0xf0
[ 2314.944782][T13210]  ? kmem_cache_free+0xa9/0x1e0
[ 2314.949457][T13210]  ? kmem_cache_free+0xa9/0x1e0
[ 2314.954456][T13210]  ? kasan_set_track+0x5d/0x70
[ 2314.959144][T13210]  ? kasan_set_track+0x4b/0x70
[ 2314.963737][T13210]  ? kasan_set_free_info+0x23/0x40
[ 2314.968686][T13210]  ? ____kasan_slab_free+0x121/0x160
[ 2314.974131][T13210]  ? __kasan_slab_free+0x11/0x20
[ 2314.978977][T13210]  ? slab_free_freelist_hook+0xc0/0x190
[ 2314.984908][T13210]  ? kmem_cache_free+0xa9/0x1e0
[ 2314.989575][T13210]  ? putname+0xe7/0x140
[ 2314.999903][T13210]  ? do_sys_openat2+0x5e1/0x6f0
[ 2315.004591][T13210]  ? __x64_sys_openat+0x243/0x290
[ 2315.009657][T13210]  ? do_syscall_64+0x34/0x70
[ 2315.014870][T13210]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2315.021591][T13210]  ? htab_map_hash+0x356/0x7e0
[ 2315.026204][T13210]  ? htab_lru_percpu_map_lookup_elem+0x1cf/0x390
[ 2315.033007][T13210]  ? bpf_trace_run1+0xc7/0x210
[ 2315.037694][T13210]  ? vmx_vcpu_pi_load+0x9b/0x3d0
[ 2315.042855][T13210]  ? memset+0x35/0x40
[ 2315.046754][T13210]  ? bpf_put_raw_tracepoint+0x60/0x60
[ 2315.052043][T13210]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2315.057351][T13210]  ? __bpf_trace_kvm_fpu+0x1b/0x20
[ 2315.062287][T13210]  ? kvm_load_guest_fpu+0x2bb/0x2d0
[ 2315.067315][T13210]  kvm_arch_vcpu_ioctl_run+0x851/0x1a20
[ 2315.074535][T13210]  kvm_vcpu_ioctl+0x7d6/0xce0
[ 2315.079015][T13210]  ? kvm_create_vcpu_debugfs+0x170/0x170
[ 2315.084642][T13210]  ? selinux_file_ioctl+0x3cc/0x540
[ 2315.089677][T13210]  ? selinux_file_alloc_security+0x120/0x120
[ 2315.095812][T13210]  ? __fget_files+0x31e/0x380
[ 2315.100312][T13210]  ? security_file_ioctl+0x84/0xb0
[ 2315.105367][T13210]  ? kvm_create_vcpu_debugfs+0x170/0x170
[ 2315.110832][T13210]  __se_sys_ioctl+0x114/0x190
[ 2315.115870][T13210]  __x64_sys_ioctl+0x7b/0x90
[ 2315.120857][T13210]  do_syscall_64+0x34/0x70
[ 2315.125123][T13210]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2315.130831][T13210] RIP: 0033:0x7f53c7181b59
[ 2315.135082][T13210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2315.154520][T13210] RSP: 002b:00007f53c6403048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2315.162788][T13210] RAX: ffffffffffffffda RBX: 00007f53c7311f60 RCX: 00007f53c7181b59
[ 2315.171757][T13210] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[ 2315.186228][T13210] RBP: 00007f53c64030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2315.196737][T13210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2315.204738][T13210] R13: 000000000000000b R14: 00007f53c7311f60 R15: 00007ffc21e453a8
[ 2315.349135][   T24] audit: type=1400 audit(2000000005.270:5306): avc:  denied  { name_bind } for  pid=13224 comm="syz.2.11126" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 2315.478596][T13232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11122'.
[ 2315.548366][   T24] audit: type=1400 audit(2000000005.450:5307): avc:  denied  { mount } for  pid=13230 comm="syz.4.11128" name="/" dev="ramfs" ino=189687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 2315.622389][T24794] device bridge_slave_1 left promiscuous mode
[ 2315.631536][T24794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2315.639207][T24794] device bridge_slave_0 left promiscuous mode
[ 2315.646460][T24794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2315.655545][T24794] device veth1_macvtap left promiscuous mode
[ 2315.663080][T24794] device veth0_vlan left promiscuous mode
[ 2315.822307][T29842] asix 2-1:0.0 eth1: register 'asix' at usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet, d6:49:ed:0c:a9:7f
[ 2315.853341][T29842] usb 2-1: USB disconnect, device number 43
[ 2315.860299][T29842] asix 2-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet
[ 2316.139592][T23432] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 2316.317884][T13271] FAULT_INJECTION: forcing a failure.
[ 2316.317884][T13271] name failslab, interval 1, probability 0, space 0, times 0
[ 2316.332133][T13271] CPU: 1 PID: 13271 Comm: syz.3.11130 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2316.343752][T13271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2316.355665][T13271] Call Trace:
[ 2316.358791][T13271]  dump_stack_lvl+0x1e2/0x24b
[ 2316.363581][T13271]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2316.368956][T13271]  ? find_next_bit+0xc7/0x100
[ 2316.373553][T13271]  ? cpumask_next+0x11/0x30
[ 2316.379281][T13271]  dump_stack+0x15/0x17
[ 2316.383280][T13271]  should_fail+0x3c6/0x510
[ 2316.388359][T13271]  ? percpu_ref_init+0xad/0x310
[ 2316.393135][T13271]  __should_failslab+0xa4/0xe0
[ 2316.397723][T13271]  should_failslab+0x9/0x20
[ 2316.402178][T13271]  kmem_cache_alloc_trace+0x3a/0x2e0
[ 2316.407673][T13271]  percpu_ref_init+0xad/0x310
[ 2316.412264][T13271]  ? ioctx_alloc+0x710/0x710
[ 2316.416695][T13271]  ? __kasan_check_write+0x14/0x20
[ 2316.421788][T13271]  ioctx_alloc+0x22e/0x710
[ 2316.426074][T13271]  ? __ia32_sys_read+0x90/0x90
[ 2316.430864][T13271]  __se_sys_io_setup+0x72/0x230
[ 2316.435480][T13271]  ? __kasan_check_read+0x11/0x20
[ 2316.440954][T13271]  __x64_sys_io_setup+0x5b/0x70
[ 2316.448447][T13271]  do_syscall_64+0x34/0x70
[ 2316.452706][T13271]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2316.458428][T13271] RIP: 0033:0x7fcd9e3a2b59
[ 2316.462859][T13271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2316.483662][T13271] RSP: 002b:00007fcd9d5e2048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[ 2316.495961][T13271] RAX: ffffffffffffffda RBX: 00007fcd9e533110 RCX: 00007fcd9e3a2b59
[ 2316.503889][T13271] RDX: 0000000000000000 RSI: 0000000020000680 RDI: 0000000000002004
[ 2316.512329][T13271] RBP: 00007fcd9d5e20a0 R08: 0000000000000000 R09: 0000000000000000
[ 2316.520225][T13271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2316.528216][T13271] R13: 000000000000006e R14: 00007fcd9e533110 R15: 00007ffdaca855b8
[ 2316.543251][T13278] FAULT_INJECTION: forcing a failure.
[ 2316.543251][T13278] name failslab, interval 1, probability 0, space 0, times 0
[ 2316.556823][T13278] CPU: 0 PID: 13278 Comm: syz.2.11134 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2316.568083][T13278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2316.585574][T13278] Call Trace:
[ 2316.592758][T13278]  dump_stack_lvl+0x1e2/0x24b
[ 2316.602154][T13278]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2316.610672][T13278]  ? avc_has_perm+0x14d/0x400
[ 2316.616340][T13278]  dump_stack+0x15/0x17
[ 2316.620328][T13278]  should_fail+0x3c6/0x510
[ 2316.628249][T13278]  ? bpf_test_init+0x101/0x1b0
[ 2316.635546][T13278]  __should_failslab+0xa4/0xe0
[ 2316.641446][T13278]  should_failslab+0x9/0x20
[ 2316.645810][T13278]  __kmalloc+0x60/0x330
[ 2316.649920][T13278]  bpf_test_init+0x101/0x1b0
[ 2316.654436][T13278]  bpf_prog_test_run_skb+0x262/0x1410
[ 2316.659634][T13278]  ? 0xffffffffa0028da8
[ 2316.664087][T13278]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 2316.669864][T13278]  ? __kasan_check_write+0x14/0x20
[ 2316.675220][T13278]  ? fput_many+0x160/0x1b0
[ 2316.679814][T13278]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 2316.685985][T13278]  __se_sys_bpf+0x5235/0x11cb0
[ 2316.690684][T13278]  ? stack_trace_save+0x113/0x1c0
[ 2316.695547][T13278]  ? terminate_walk+0x407/0x4f0
[ 2316.700229][T13278]  ? stack_trace_snprint+0xf0/0xf0
[ 2316.705285][T13278]  ? kmem_cache_free+0xa9/0x1e0
[ 2316.710055][T13278]  ? kmem_cache_free+0xa9/0x1e0
[ 2316.715055][T13278]  ? kasan_set_track+0x5d/0x70
[ 2316.719764][T13278]  ? kasan_set_track+0x4b/0x70
[ 2316.724337][T13278]  ? kasan_set_free_info+0x23/0x40
[ 2316.730639][T13278]  ? ____kasan_slab_free+0x121/0x160
[ 2316.735707][T13278]  ? __kasan_slab_free+0x11/0x20
[ 2316.740574][T13278]  ? __x64_sys_bpf+0x90/0x90
[ 2316.745563][T13278]  ? do_sys_openat2+0x5e1/0x6f0
[ 2316.750911][T13278]  ? __x64_sys_openat+0x243/0x290
[ 2316.755853][T13278]  ? do_syscall_64+0x34/0x70
[ 2316.760287][T13278]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2316.766402][T13278]  ? _kstrtoull+0x3a0/0x4a0
[ 2316.770736][T13278]  ? kstrtouint_from_user+0x20a/0x2a0
[ 2316.775942][T13278]  ? kstrtol_from_user+0x310/0x310
[ 2316.781606][T13278]  ? memset+0x35/0x40
[ 2316.785414][T13278]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2316.791253][T13278]  ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0
[ 2316.798471][T13278]  ? proc_fail_nth_write+0x20b/0x290
[ 2316.804490][T13278]  ? proc_fail_nth_read+0x210/0x210
[ 2316.810246][T13278]  ? security_file_permission+0x86/0xb0
[ 2316.815831][T13278]  ? rw_verify_area+0x1c3/0x360
[ 2316.820510][T13278]  ? slab_free_freelist_hook+0xc0/0x190
[ 2316.826592][T13278]  ? preempt_count_add+0x92/0x1a0
[ 2316.831650][T13278]  ? vfs_write+0x854/0xe70
[ 2316.836234][T13278]  ? kernel_write+0x3d0/0x3d0
[ 2316.840853][T13278]  ? __kasan_check_write+0x14/0x20
[ 2316.845795][T13278]  ? mutex_lock+0xa5/0x110
[ 2316.850040][T13278]  ? mutex_trylock+0xa0/0xa0
[ 2316.854477][T13278]  ? __kasan_check_write+0x14/0x20
[ 2316.859425][T13278]  ? fput_many+0x160/0x1b0
[ 2316.863674][T13278]  ? debug_smp_processor_id+0x17/0x20
[ 2316.868878][T13278]  __x64_sys_bpf+0x7b/0x90
[ 2316.873129][T13278]  do_syscall_64+0x34/0x70
[ 2316.877389][T13278]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2316.885636][T13278] RIP: 0033:0x7f4e7fc78b59
[ 2316.892936][T13278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2316.915584][T13278] RSP: 002b:00007f4e7eefa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2316.923819][T13278] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2316.931639][T13278] RDX: 000000000000001e RSI: 0000000020000080 RDI: 000000000000000a
[ 2316.939451][T13278] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2316.947256][T13278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2316.962824][T13278] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2316.980490][T23432] usb 1-1: device descriptor read/64, error -71
[ 2317.050138][T13291] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13291 comm=syz.2.11136
[ 2317.092894][T13294] device pim6reg1 entered promiscuous mode
[ 2317.329742][T29842] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 2317.351039][T13300] device syzkaller0 entered promiscuous mode
[ 2317.370021][T23432] usb 1-1: device descriptor read/64, error -71
[ 2317.376733][T13300] FAULT_INJECTION: forcing a failure.
[ 2317.376733][T13300] name failslab, interval 1, probability 0, space 0, times 0
[ 2317.389935][T13300] CPU: 0 PID: 13300 Comm: syz.4.11141 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2317.401534][T13300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2317.412556][T13300] Call Trace:
[ 2317.415697][T13300]  dump_stack_lvl+0x1e2/0x24b
[ 2317.420193][T13300]  ? panic+0x812/0x812
[ 2317.424096][T13300]  ? arch_stack_walk+0xf3/0x140
[ 2317.429418][T13300]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2317.435463][T13300]  dump_stack+0x15/0x17
[ 2317.439441][T13300]  should_fail+0x3c6/0x510
[ 2317.444179][T13300]  ? __alloc_skb+0x80/0x510
[ 2317.448514][T13300]  __should_failslab+0xa4/0xe0
[ 2317.453117][T13300]  should_failslab+0x9/0x20
[ 2317.457449][T13300]  kmem_cache_alloc+0x3d/0x2e0
[ 2317.462058][T13300]  __alloc_skb+0x80/0x510
[ 2317.466467][T25634] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 2317.466672][T13300]  ? if_nlmsg_size+0x59c/0x5f0
[ 2317.478651][T13300]  rtmsg_ifinfo_build_skb+0x7f/0x180
[ 2317.484095][T13300]  rtnetlink_event+0xf3/0x1b0
[ 2317.489126][T13300]  raw_notifier_call_chain+0x8c/0xf0
[ 2317.494345][T13300]  dev_change_tx_queue_len+0x1d9/0x350
[ 2317.499644][T13300]  ? dev_set_mtu+0x180/0x180
[ 2317.504185][T13300]  dev_ifsioc+0x60b/0xae0
[ 2317.508947][T13300]  ? dev_ioctl+0xb40/0xb40
[ 2317.513210][T13300]  ? dev_get_by_name_rcu+0xc5/0xf0
[ 2317.518237][T13300]  dev_ioctl+0x526/0xb40
[ 2317.522329][T13300]  sock_do_ioctl+0x295/0x3a0
[ 2317.527837][T13300]  ? sock_show_fdinfo+0xa0/0xa0
[ 2317.532718][T13300]  ? kernel_write+0x3d0/0x3d0
[ 2317.537228][T13300]  ? selinux_file_ioctl+0x3cc/0x540
[ 2317.542255][T13300]  sock_ioctl+0x4a6/0x760
[ 2317.546436][T13300]  ? sock_poll+0x340/0x340
[ 2317.550771][T13300]  ? security_file_ioctl+0x84/0xb0
[ 2317.555866][T13300]  ? sock_poll+0x340/0x340
[ 2317.560459][T13300]  __se_sys_ioctl+0x114/0x190
[ 2317.564969][T13300]  __x64_sys_ioctl+0x7b/0x90
[ 2317.569402][T13300]  do_syscall_64+0x34/0x70
[ 2317.575290][T13300]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2317.581007][T13300] RIP: 0033:0x7f53c7181b59
[ 2317.585447][T13300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2317.605212][T13300] RSP: 002b:00007f53c6403048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2317.613545][T13300] RAX: ffffffffffffffda RBX: 00007f53c7311f60 RCX: 00007f53c7181b59
[ 2317.621479][T13300] RDX: 0000000020002280 RSI: 0000000000008943 RDI: 0000000000000007
[ 2317.629369][T13300] RBP: 00007f53c64030a0 R08: 0000000000000000 R09: 0000000000000000
[ 2317.637419][T13300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2317.645563][T13300] R13: 000000000000000b R14: 00007f53c7311f60 R15: 00007ffc21e453a8
[ 2317.664260][T13298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11140'.
[ 2317.809924][T23432] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 2318.082135][T25634] usb 4-1: Using ep0 maxpacket: 8
[ 2318.149669][T29842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2318.160536][T29842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2318.170825][T29842] usb 3-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.00
[ 2318.179876][T29842] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2318.188715][T29842] usb 3-1: config 0 descriptor??
[ 2318.229636][T25634] usb 4-1: config 0 has no interfaces?
[ 2318.235931][T25634] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2318.250788][T25634] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2318.261506][T25634] usb 4-1: config 0 descriptor??
[ 2318.309618][T23432] usb 1-1: device descriptor read/64, error -71
[ 2318.389640][ T3507] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 2318.534811][T12223] usb 4-1: USB disconnect, device number 21
[ 2318.651030][T13291] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=30 sclass=netlink_audit_socket pid=13291 comm=syz.2.11136
[ 2318.692119][T29842] wacom 0003:056A:030A.00EE: hidraw0: USB HID v0.00 Device [HID 056a:030a] on usb-dummy_hcd.2-1/input0
[ 2318.709228][T13317] FAULT_INJECTION: forcing a failure.
[ 2318.709228][T13317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2318.722681][T13317] CPU: 0 PID: 13317 Comm: syz.0.11147 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2318.734012][T13317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2318.747411][T13317] Call Trace:
[ 2318.752618][T13317]  dump_stack_lvl+0x1e2/0x24b
[ 2318.759713][T13317]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2318.764993][T13317]  dump_stack+0x15/0x17
[ 2318.768984][T13317]  should_fail+0x3c6/0x510
[ 2318.774025][T13317]  should_fail_usercopy+0x1a/0x20
[ 2318.779750][T13317]  _copy_from_user+0x20/0xd0
[ 2318.784285][T13317]  iovec_from_user+0xc7/0x330
[ 2318.788799][T13317]  __import_iovec+0x6d/0x3b0
[ 2318.793226][T13317]  ? __fget_files+0x31e/0x380
[ 2318.797748][T13317]  import_iovec+0xe5/0x120
[ 2318.802110][T13317]  __se_sys_vmsplice+0x217/0x1010
[ 2318.808634][T13317]  ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0
[ 2318.815159][T13317]  ? proc_fail_nth_read+0x210/0x210
[ 2318.820280][T13317]  ? security_file_permission+0x86/0xb0
[ 2318.827395][T13317]  ? __x64_sys_vmsplice+0xb0/0xb0
[ 2318.832613][T13317]  ? preempt_count_add+0x92/0x1a0
[ 2318.837425][T13317]  ? vfs_write+0x854/0xe70
[ 2318.841873][T13317]  ? kernel_write+0x3d0/0x3d0
[ 2318.846454][T13317]  ? __kasan_check_write+0x14/0x20
[ 2318.851404][T13317]  ? mutex_lock+0xa5/0x110
[ 2318.855654][T13317]  ? mutex_trylock+0xa0/0xa0
[ 2318.860273][T13317]  ? ksys_write+0x260/0x2c0
[ 2318.864703][T13317]  __x64_sys_vmsplice+0x9b/0xb0
[ 2318.869392][T13317]  do_syscall_64+0x34/0x70
[ 2318.873652][T13317]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2318.879362][T13317] RIP: 0033:0x7f4695907b59
[ 2318.884004][T13317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2318.909377][T13317] RSP: 002b:00007f4694b89048 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 2318.921042][T13317] RAX: ffffffffffffffda RBX: 00007f4695a97f60 RCX: 00007f4695907b59
[ 2318.929033][T13317] RDX: 000000000000000f RSI: 00000000200014c0 RDI: 000000000000000a
[ 2318.939832][T13317] RBP: 00007f4694b890a0 R08: 0000000000000000 R09: 0000000000000000
[ 2318.949809][T13317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2318.957795][T13317] R13: 000000000000000b R14: 00007f4695a97f60 R15: 00007ffea6d553a8
[ 2318.969912][T13322] FAULT_INJECTION: forcing a failure.
[ 2318.969912][T13322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2318.972228][T25634] usb 3-1: USB disconnect, device number 126
[ 2318.983429][ T3507] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2319.001987][T13322] CPU: 0 PID: 13322 Comm: syz.4.11149 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2319.013254][T13322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2319.023245][T13322] Call Trace:
[ 2319.026385][T13322]  dump_stack_lvl+0x1e2/0x24b
[ 2319.032199][T13322]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2319.037599][T13322]  dump_stack+0x15/0x17
[ 2319.042015][T13322]  should_fail+0x3c6/0x510
[ 2319.046271][T13322]  should_fail_usercopy+0x1a/0x20
[ 2319.051219][T13322]  _copy_to_user+0x20/0x90
[ 2319.056051][T13322]  simple_read_from_buffer+0xc7/0x150
[ 2319.061464][T13322]  proc_fail_nth_read+0x1a3/0x210
[ 2319.066411][T13322]  ? security_file_permission+0x7b/0xb0
[ 2319.071788][T13322]  ? proc_fault_inject_write+0x390/0x390
[ 2319.077263][T13322]  ? security_file_permission+0x86/0xb0
[ 2319.083059][T13322]  ? rw_verify_area+0x1c3/0x360
[ 2319.087740][T13322]  ? proc_fault_inject_write+0x390/0x390
[ 2319.093214][T13322]  vfs_read+0x204/0xbb0
[ 2319.097202][T13322]  ? kernel_read+0x70/0x70
[ 2319.101454][T13322]  ? __kasan_check_write+0x14/0x20
[ 2319.106400][T13322]  ? mutex_lock+0xa5/0x110
[ 2319.112708][T13322]  ? mutex_trylock+0xa0/0xa0
[ 2319.119052][T13322]  ? __fdget_pos+0x2e7/0x3a0
[ 2319.123468][T13322]  ? ksys_read+0x77/0x2c0
[ 2319.127641][T13322]  ksys_read+0x199/0x2c0
[ 2319.131717][T13322]  ? vfs_write+0xe70/0xe70
[ 2319.136395][T13322]  ? debug_smp_processor_id+0x17/0x20
[ 2319.141772][T13322]  __x64_sys_read+0x7b/0x90
[ 2319.146211][T13322]  do_syscall_64+0x34/0x70
[ 2319.150454][T13322]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2319.156267][T13322] RIP: 0033:0x7f53c718063c
[ 2319.160519][T13322] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 2319.181517][T13322] RSP: 002b:00007f53c63e2040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2319.189918][T13322] RAX: ffffffffffffffda RBX: 00007f53c7312038 RCX: 00007f53c718063c
[ 2319.197735][T13322] RDX: 000000000000000f RSI: 00007f53c63e20b0 RDI: 0000000000000003
[ 2319.205845][T13322] RBP: 00007f53c63e20a0 R08: 0000000000000000 R09: 0000000000000000
[ 2319.213786][T13322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2319.221590][T13322] R13: 000000000000006e R14: 00007f53c7312038 R15: 00007ffc21e453a8
[ 2319.233033][ T3507] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2319.319673][ T3507] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2319.329919][ T3507] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2319.341928][ T3507] usb 2-1: SerialNumber: syz
[ 2319.519618][T12452] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 2319.767190][T13331] FAULT_INJECTION: forcing a failure.
[ 2319.767190][T13331] name failslab, interval 1, probability 0, space 0, times 0
[ 2319.811592][T13331] CPU: 0 PID: 13331 Comm: syz.2.11152 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2319.823161][T13331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2319.833154][T13331] Call Trace:
[ 2319.836293][T13331]  dump_stack_lvl+0x1e2/0x24b
[ 2319.840805][T13331]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2319.846365][T13331]  dump_stack+0x15/0x17
[ 2319.850355][T13331]  should_fail+0x3c6/0x510
[ 2319.858007][T13331]  ? bpf_test_init+0x101/0x1b0
[ 2319.863755][T13331]  __should_failslab+0xa4/0xe0
[ 2319.870148][T13331]  should_failslab+0x9/0x20
[ 2319.874759][T13331]  __kmalloc+0x60/0x330
[ 2319.878741][T13331]  bpf_test_init+0x101/0x1b0
[ 2319.883878][T13331]  bpf_prog_test_run_skb+0x262/0x1410
[ 2319.889185][T13331]  ? preempt_schedule_notrace+0x140/0x140
[ 2319.894730][T13331]  ? irqentry_exit+0x4f/0x60
[ 2319.899765][T13331]  ? sysvec_reschedule_ipi+0x83/0x160
[ 2319.905814][T13331]  ? irqentry_exit+0x4f/0x60
[ 2319.910761][T13331]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 2319.917080][T13331]  ? __kasan_check_write+0x14/0x20
[ 2319.922021][T13331]  ? fput_many+0x160/0x1b0
[ 2319.926307][T13331]  ? __bpf_prog_test_run_raw_tp+0x240/0x240
[ 2319.932153][T13331]  __se_sys_bpf+0x5235/0x11cb0
[ 2319.936856][T13331]  ? _raw_spin_unlock_irq+0x4e/0x70
[ 2319.941890][T13331]  ? finish_task_switch+0x130/0x5a0
[ 2319.946928][T13331]  ? switch_mm_irqs_off+0x71b/0x9a0
[ 2319.951958][T13331]  ? __switch_to_asm+0x34/0x60
[ 2319.956560][T13331]  ? __schedule+0xbee/0x1330
[ 2319.960985][T13331]  ? release_firmware_map_entry+0x192/0x192
[ 2319.966968][T13331]  ? __x64_sys_bpf+0x90/0x90
[ 2319.971395][T13331]  ? __kasan_check_read+0x11/0x20
[ 2319.976253][T13331]  ? preempt_schedule_irq+0xe7/0x140
[ 2319.981588][T13331]  ? preempt_schedule_notrace+0x140/0x140
[ 2319.987253][T13331]  ? irqentry_exit+0x4f/0x60
[ 2319.990829][T12452] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2319.994192][T13331]  ? sysvec_reschedule_ipi+0x83/0x160
[ 2319.994203][T13331]  ? memset+0x35/0x40
[ 2319.994216][T13331]  ? __fsnotify_parent+0x4b9/0x6c0
[ 2319.994229][T13331]  ? __fsnotify_update_child_dentry_flags+0x2b0/0x2b0
[ 2319.994247][T13331]  ? __kasan_check_write+0x14/0x20
[ 2320.006975][T12452] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2320.015817][T13331]  ? __switch_to+0x5f6/0x1240
[ 2320.015835][T13331]  ? plist_check_list+0x254/0x270
[ 2320.015847][T13331]  ? compat_start_thread+0x80/0x80
[ 2320.015860][T13331]  ? native_set_ldt+0x360/0x360
[ 2320.015883][T13331]  ? _raw_spin_unlock_irq+0x4e/0x70
[ 2320.072955][T13331]  ? finish_task_switch+0x130/0x5a0
[ 2320.078260][T13331]  ? switch_mm_irqs_off+0x71b/0x9a0
[ 2320.083472][T13331]  ? __switch_to_asm+0x34/0x60
[ 2320.088079][T13331]  ? __schedule+0xbee/0x1330
[ 2320.092606][T13331]  ? fpu__clear_all+0x20/0x20
[ 2320.097114][T13331]  ? __kasan_check_read+0x11/0x20
[ 2320.102084][T13331]  __x64_sys_bpf+0x7b/0x90
[ 2320.106596][T13331]  do_syscall_64+0x34/0x70
[ 2320.111282][T13331]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2320.119138][T13331] RIP: 0033:0x7f4e7fc78b59
[ 2320.120546][T12452] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2320.126515][T13331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2320.126523][T13331] RSP: 002b:00007f4e7eefa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2320.126537][T13331] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2320.126545][T13331] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a
[ 2320.126551][T13331] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2320.126558][T13331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2320.126565][T13331] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2320.129195][ T3507] usb 2-1: invalid UAC_HEADER (v1)
[ 2320.221081][ T3507] snd-usb-audio: probe of 2-1:1.0 failed with error -22
[ 2320.229735][ T3507] usb 2-1: USB disconnect, device number 44
[ 2320.249458][T12452] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2320.261812][T12452] usb 5-1: SerialNumber: syz
[ 2320.341668][T13341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11153'.
[ 2320.549598][T12315] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 2320.552337][T13325] netlink: 'syz.4.11150': attribute type 3 has an invalid length.
[ 2320.577060][T13325] overlayfs: failed to resolve './file2': -2
[ 2320.623045][T12452] usb 5-1: 0:2 : does not exist
[ 2320.628445][T12452] usb 5-1: unit 5 not found!
[ 2320.643299][T12452] usb 5-1: USB disconnect, device number 13
[ 2320.749620][ T3507] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 2320.889965][ T8604] udevd[8604]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2320.919727][T12315] usb 3-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2320.931056][T12315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2320.950279][T12315] usb 3-1: config 0 descriptor??
[ 2320.968175][T13351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11158'.
[ 2320.999575][ T3507] usb 2-1: Using ep0 maxpacket: 8
[ 2321.119605][ T3507] usb 2-1: config 0 has no interfaces?
[ 2321.125692][ T3507] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2321.137842][ T3507] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2321.172799][ T3507] usb 2-1: config 0 descriptor??
[ 2321.437657][T25634] usb 2-1: USB disconnect, device number 45
[ 2321.647925][T13369] FAULT_INJECTION: forcing a failure.
[ 2321.647925][T13369] name failslab, interval 1, probability 0, space 0, times 0
[ 2321.660727][T13369] CPU: 1 PID: 13369 Comm: syz.0.11165 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2321.672884][T13369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2321.682775][T13369] Call Trace:
[ 2321.686317][T13369]  dump_stack_lvl+0x1e2/0x24b
[ 2321.690915][T13369]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2321.696226][T13369]  ? stack_trace_save+0x113/0x1c0
[ 2321.701066][T13369]  dump_stack+0x15/0x17
[ 2321.705048][T13369]  should_fail+0x3c6/0x510
[ 2321.712467][T13369]  ? sock_kmalloc+0x9c/0x100
[ 2321.716886][T13369]  __should_failslab+0xa4/0xe0
[ 2321.721547][T13369]  should_failslab+0x9/0x20
[ 2321.726264][T13369]  __kmalloc+0x60/0x330
[ 2321.729628][T23432] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 2321.730257][T13369]  ? kasan_set_free_info+0x23/0x40
[ 2321.742667][T13369]  ? ____kasan_slab_free+0x121/0x160
[ 2321.747893][T13369]  ? __kasan_slab_free+0x11/0x20
[ 2321.752735][T13369]  sock_kmalloc+0x9c/0x100
[ 2321.757316][T13369]  ____sys_sendmsg+0x219/0x8f0
[ 2321.763962][T13369]  ? __sys_sendmsg_sock+0x40/0x40
[ 2321.769076][T13369]  ? import_iovec+0xe5/0x120
[ 2321.773505][T13369]  ___sys_sendmsg+0x252/0x2e0
[ 2321.778010][T13369]  ? __sys_sendmsg+0x280/0x280
[ 2321.782824][T13369]  ? rw_verify_area+0x1c3/0x360
[ 2321.787514][T13369]  ? __fdget+0x1bc/0x240
[ 2321.792129][T13369]  __se_sys_sendmsg+0x1b1/0x280
[ 2321.796818][T13369]  ? __x64_sys_sendmsg+0x90/0x90
[ 2321.801796][T13369]  ? ksys_write+0x260/0x2c0
[ 2321.806278][T13369]  ? debug_smp_processor_id+0x17/0x20
[ 2321.812060][T13369]  __x64_sys_sendmsg+0x7b/0x90
[ 2321.816658][T13369]  do_syscall_64+0x34/0x70
[ 2321.820915][T13369]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2321.826829][T13369] RIP: 0033:0x7f4695907b59
[ 2321.832352][T13369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2321.852477][T13369] RSP: 002b:00007f4694b89048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2321.860943][T13369] RAX: ffffffffffffffda RBX: 00007f4695a97f60 RCX: 00007f4695907b59
[ 2321.869717][T13369] RDX: 0000000000000000 RSI: 0000000020003ec0 RDI: 0000000000000004
[ 2321.877656][T13369] RBP: 00007f4694b890a0 R08: 0000000000000000 R09: 0000000000000000
[ 2321.886849][T13369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2321.901735][T13369] R13: 000000000000000b R14: 00007f4695a97f60 R15: 00007ffea6d553a8
[ 2322.309707][T23432] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2322.320923][T23432] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2322.409675][T23432] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2322.418836][T23432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2322.427479][T23432] usb 5-1: SerialNumber: syz
[ 2322.471851][T12315] asix 3-1:0.0 eth1: register 'asix' at usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2322.496063][T13382] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11167'.
[ 2322.524775][T12315] usb 3-1: USB disconnect, device number 127
[ 2322.534819][T12315] asix 3-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.2-1, ASIX AX88178 USB 2.0 Ethernet
[ 2322.566107][T13383] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11168'.
[ 2322.701038][T23432] usb 5-1: invalid UAC_HEADER (v1)
[ 2322.707633][T23432] snd-usb-audio: probe of 5-1:1.0 failed with error -22
[ 2322.717417][T23432] usb 5-1: USB disconnect, device number 14
[ 2323.495666][   T24] audit: type=1326 audit(2323.487:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13430 comm="syz.4.11176" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f53c7181b59 code=0x0
[ 2323.549576][T23432] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 2323.919634][T23432] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2323.953812][T23432] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2323.964785][ T3507] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 2324.119637][T23432] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2324.144993][T23432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2324.192888][T23432] usb 2-1: SerialNumber: syz
[ 2324.249566][T31696] EXT4-fs warning (device loop4): kmmpd:170: kmmpd being stopped since MMP feature has been disabled.
[ 2324.339658][ T3507] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2324.375262][ T3507] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2324.394988][ T3507] usb 1-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[ 2324.404444][ T3507] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2324.432096][ T3507] usb 1-1: config 0 descriptor??
[ 2324.461640][T13417] netlink: 'syz.1.11171': attribute type 3 has an invalid length.
[ 2324.481658][T13417] overlayfs: failed to resolve './file2': -2
[ 2324.687969][T13436] udc-core: couldn't find an available UDC or it's busy
[ 2324.722067][T13436] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2324.740204][T23432] usb 2-1: 0:2 : does not exist
[ 2324.744889][T23432] usb 2-1: unit 5 not found!
[ 2324.755931][T13446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13446 comm=syz.3.11180
[ 2324.771898][T23432] usb 2-1: USB disconnect, device number 46
[ 2325.059661][ T3507] usbhid 1-1:0.0: can't add hid device: -71
[ 2325.065624][ T3507] usbhid: probe of 1-1:0.0 failed with error -71
[ 2325.076205][ T3507] usb 1-1: USB disconnect, device number 4
[ 2325.089615][T25634] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 2325.196762][ T8604] udevd[8604]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2325.334936][   T24] audit: type=1400 audit(2325.323:5309): avc:  denied  { unmount } for  pid=13140 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 2325.385347][T13461] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11182'.
[ 2325.466522][T13458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2325.473439][T13458] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2325.483643][T13458] device bridge_slave_0 entered promiscuous mode
[ 2325.491503][T13458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2325.501634][T13458] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2325.512393][T13458] device bridge_slave_1 entered promiscuous mode
[ 2325.539893][T25634] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2325.552590][T25634] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2325.561267][T25634] usb 4-1: config 0 descriptor??
[ 2325.614682][T13458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2325.621564][T13458] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2325.628767][T13458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2325.635649][T13458] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2325.657776][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2325.665814][T12452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2325.673436][T12452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2325.683333][ T3507] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2325.691582][ T3507] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2325.698521][ T3507] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2325.720991][T12452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2325.729755][T12452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2325.737428][T12452] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2325.766402][T13474] FAULT_INJECTION: forcing a failure.
[ 2325.766402][T13474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2325.780317][T13474] CPU: 1 PID: 13474 Comm: syz.1.11188 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2325.793037][T13474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2325.804320][T13474] Call Trace:
[ 2325.808841][T13474]  dump_stack_lvl+0x1e2/0x24b
[ 2325.815775][T13474]  ? panic+0x812/0x812
[ 2325.819669][T13474]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2325.825142][T13474]  ? __check_object_size+0x73/0x3c0
[ 2325.830171][T13474]  dump_stack+0x15/0x17
[ 2325.834285][T13474]  should_fail+0x3c6/0x510
[ 2325.839614][T13474]  should_fail_usercopy+0x1a/0x20
[ 2325.846738][T13474]  _copy_from_user+0x20/0xd0
[ 2325.847153][   T24] audit: type=1400 audit(2325.753:5310): avc:  denied  { mounton } for  pid=13471 comm="syz.1.11188" path="/17/file0" dev="incremental-fs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2325.852893][T13474]  strndup_user+0xb3/0x150
[ 2325.852905][T13474]  __se_sys_mount+0x9b/0x3b0
[ 2325.852925][T13474]  ? __kasan_check_write+0x14/0x20
[ 2325.877677][   T24] audit: type=1400 audit(2325.753:5311): avc:  denied  { getattr } for  pid=13471 comm="syz.1.11188" name="/" dev="incremental-fs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2325.881462][T13474]  ? __x64_sys_mount+0xd0/0xd0
[ 2325.881476][T13474]  ? fpu__clear_all+0x20/0x20
[ 2325.881495][T13474]  __x64_sys_mount+0xbf/0xd0
[ 2325.907595][T13458] device veth0_vlan entered promiscuous mode
[ 2325.921459][T13474]  do_syscall_64+0x34/0x70
[ 2325.921473][T13474]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2325.921483][T13474] RIP: 0033:0x7f78db3cbb59
[ 2325.921496][T13474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2325.921503][T13474] RSP: 002b:00007f78da60b048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2325.921526][T13474] RAX: ffffffffffffffda RBX: 00007f78db55c110 RCX: 00007f78db3cbb59
[ 2325.937701][T13458] device veth1_macvtap entered promiscuous mode
[ 2325.942166][T13474] RDX: 0000000020000300 RSI: 00000000200000c0 RDI: 0000000000000000
[ 2325.942175][T13474] RBP: 00007f78da60b0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2325.942182][T13474] R10: 0000000001010020 R11: 0000000000000246 R12: 0000000000000001
[ 2325.942198][T13474] R13: 000000000000006e R14: 00007f78db55c110 R15: 00007fff81b12de8
[ 2326.072734][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2326.081509][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2326.090399][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2326.101732][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2326.109663][T10651] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 2326.117204][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2326.125263][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2326.133082][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2326.141295][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2326.197573][ T8761] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2326.370090][T10651] usb 3-1: Using ep0 maxpacket: 16
[ 2326.510989][T13301] device bridge_slave_1 left promiscuous mode
[ 2326.517568][T13301] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2326.524976][T13301] device bridge_slave_0 left promiscuous mode
[ 2326.540624][T13301] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2326.559984][T13301] device veth1_macvtap left promiscuous mode
[ 2326.566460][T13301] device veth0_vlan left promiscuous mode
[ 2326.589867][T10651] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2326.604607][T10651] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2326.618386][T10651] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2326.634028][T10651] usb 3-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[ 2326.643185][T10651] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2326.687820][T10651] usb 3-1: config 0 descriptor??
[ 2326.979577][ T3507] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 2326.982580][T25634] asix 4-1:0.0 eth1: register 'asix' at usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2327.001515][T25634] usb 4-1: USB disconnect, device number 22
[ 2327.008353][T25634] asix 4-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.3-1, ASIX AX88178 USB 2.0 Ethernet
[ 2327.158007][   T24] audit: type=1326 audit(2327.143:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2327.184675][   T24] audit: type=1326 audit(2327.143:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f53c7180497 code=0x7ffc0000
[ 2327.207645][   T24] audit: type=1326 audit(2327.143:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2327.231234][   T24] audit: type=1326 audit(2327.143:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2327.256696][   T24] audit: type=1326 audit(2327.143:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2327.279759][   T24] audit: type=1326 audit(2327.143:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13490 comm="syz.4.11193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f53c7181b59 code=0x7ffc0000
[ 2327.313480][ T3507] usb 1-1: device descriptor read/64, error -71
[ 2327.412588][T10651] wacom 0003:056A:00F0.00EF: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.2-1/input0
[ 2327.875625][T13511] device veth0_vlan left promiscuous mode
[ 2327.887967][T13511] device veth0_vlan entered promiscuous mode
[ 2328.178748][ T3507] usb 1-1: device descriptor read/64, error -71
[ 2328.496413][T13520] overlayfs: missing 'workdir'
[ 2328.629395][T13522] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11200'.
[ 2328.641353][ T3507] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 2328.734468][T13533] device pim6reg1 entered promiscuous mode
[ 2328.777217][ T6356] usb 3-1: USB disconnect, device number 2
[ 2329.319734][T12315] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 2329.319752][ T3507] usb 1-1: device descriptor read/64, error -71
[ 2329.549619][T25634] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 2329.789726][T12315] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2330.586354][T12315] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2330.598724][T12315] usb 5-1: config 0 descriptor??
[ 2330.670233][T13561] FAULT_INJECTION: forcing a failure.
[ 2330.670233][T13561] name failslab, interval 1, probability 0, space 0, times 0
[ 2330.684586][T13561] CPU: 0 PID: 13561 Comm: syz.2.11212 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2330.696140][T13561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2330.706024][T13561] Call Trace:
[ 2330.709291][T13561]  dump_stack_lvl+0x1e2/0x24b
[ 2330.713900][T13561]  ? panic+0x812/0x812
[ 2330.717970][T13561]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2330.723456][T13561]  ? __kasan_slab_free+0x11/0x20
[ 2330.728363][T13561]  ? slab_free_freelist_hook+0xc0/0x190
[ 2330.733745][T13561]  dump_stack+0x15/0x17
[ 2330.737726][T13561]  should_fail+0x3c6/0x510
[ 2330.743984][T13561]  ? kobject_uevent_env+0x269/0x700
[ 2330.751551][T13561]  __should_failslab+0xa4/0xe0
[ 2330.758001][T13561]  should_failslab+0x9/0x20
[ 2330.762804][T13561]  kmem_cache_alloc_trace+0x3a/0x2e0
[ 2330.769089][T13561]  ? mutex_lock+0xa5/0x110
[ 2330.776406][T13561]  ? dev_uevent_filter+0xb0/0xb0
[ 2330.785198][T13561]  kobject_uevent_env+0x269/0x700
[ 2330.791621][T13561]  ? mutex_unlock+0x1c/0x40
[ 2330.797940][T13561]  kobject_uevent+0x1f/0x30
[ 2330.804149][T13561]  device_del+0xd2f/0xf00
[ 2330.808826][T13561]  ? detach_if_pending+0xcd/0x390
[ 2330.817224][T13561]  ? kill_device+0xd0/0xd0
[ 2330.823925][T13561]  ? try_to_del_timer_sync+0x150/0x150
[ 2330.829994][T13561]  device_unregister+0x15/0x40
[ 2330.834595][T13561]  wakeup_source_sysfs_remove+0x3b/0x40
[ 2330.840125][T13561]  wakeup_source_unregister+0x170/0x190
[ 2330.845693][T13561]  ep_destroy_wakeup_source+0x5d/0x70
[ 2330.851018][T13561]  ep_modify+0x1a5/0x800
[ 2330.855276][T13561]  ? ep_insert+0x1450/0x1450
[ 2330.859966][T13561]  ? mutex_lock+0xa5/0x110
[ 2330.864353][T13561]  ? __fdget+0x1bc/0x240
[ 2330.868422][T13561]  do_epoll_ctl+0x73b/0xec0
[ 2330.872962][T13561]  ? do_epoll_ctl+0x3a1/0xec0
[ 2330.877798][T13561]  __x64_sys_epoll_ctl+0x15d/0x1a0
[ 2330.882837][T13561]  ? ep_modify+0x800/0x800
[ 2330.887263][T13561]  ? debug_smp_processor_id+0x17/0x20
[ 2330.892590][T13561]  do_syscall_64+0x34/0x70
[ 2330.897507][T13561]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2330.903763][T13561] RIP: 0033:0x7f4e7fc78b59
[ 2330.908536][T13561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2330.933274][T13561] RSP: 002b:00007f4e7eefa048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2330.942866][T13561] RAX: ffffffffffffffda RBX: 00007f4e7fe08f60 RCX: 00007f4e7fc78b59
[ 2330.950669][T13561] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000003
[ 2330.959122][T13561] RBP: 00007f4e7eefa0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2330.973904][T13561] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 2330.981954][T13561] R13: 000000000000000b R14: 00007f4e7fe08f60 R15: 00007ffcf1b042a8
[ 2331.215746][T13570] overlayfs: missing 'workdir'
[ 2331.239896][T25634] usb 2-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 2331.261572][T25634] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2331.404423][T25634] usb 2-1: config 0 descriptor??
[ 2331.440091][T12315] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 2331.489740][T12315] asix 5-1:0.0 (unnamed net_device) (uninitialized): Error reading PHYID register: 00
[ 2331.521881][T13576] device pim6reg1 entered promiscuous mode
[ 2331.683109][T13580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11217'.
[ 2331.739636][ T3507] usb 1-1: device descriptor read/64, error -71
[ 2331.746781][T23432] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 2331.869714][ T3507] usb usb1-port1: attempt power cycle
[ 2331.989616][T23432] usb 3-1: Using ep0 maxpacket: 8
[ 2332.100909][T12315] asix 5-1:0.0 eth1: register 'asix' at usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet, 7a:59:f8:9b:92:be
[ 2332.112602][T23432] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 2332.123882][T23432] usb 3-1: config 179 has no interface number 0
[ 2332.130231][T23432] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2332.134318][T10651] usb 5-1: USB disconnect, device number 15
[ 2332.141228][T23432] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2332.158525][T10651] asix 5-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.4-1, ASIX AX88178 USB 2.0 Ethernet
[ 2332.177170][T23432] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2332.188915][T23432] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 2332.201135][T23432] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2332.214585][T23432] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2332.224248][T23432] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2332.232679][T12315] ==================================================================
[ 2332.240559][T12315] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120
[ 2332.248186][T12315] Read of size 8 at addr ffff88811edbec68 by task kworker/0:14/12315
[ 2332.256218][T12315] 
[ 2332.258397][T12315] CPU: 0 PID: 12315 Comm: kworker/0:14 Tainted: G        W         5.10.221-syzkaller-01371-g1240968f7644 #0
[ 2332.269862][T12315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2332.279909][T12315] Workqueue: events_long br_fdb_cleanup
[ 2332.285454][T12315] Call Trace:
[ 2332.288588][T12315]  dump_stack_lvl+0x1e2/0x24b
[ 2332.293100][T12315]  ? printk+0xd1/0x111
[ 2332.296999][T12315]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 2332.302388][T12315]  ? wake_up_klogd+0xb8/0xf0
[ 2332.306958][T12315]  ? panic+0x812/0x812
[ 2332.310852][T12315]  print_address_description+0x81/0x3b0
[ 2332.318062][T12315]  ? finish_task_switch+0x130/0x5a0
[ 2332.323283][T12315]  kasan_report+0x179/0x1c0
[ 2332.327619][T12315]  ? __list_del_entry_valid+0xa6/0x120
[ 2332.333444][T12315]  ? __list_del_entry_valid+0xa6/0x120
[ 2332.338728][T12315]  __asan_report_load8_noabort+0x14/0x20
[ 2332.344433][T12315]  __list_del_entry_valid+0xa6/0x120
[ 2332.349651][T12315]  process_one_work+0x43f/0xbd0
[ 2332.354681][T12315]  worker_thread+0xaea/0x1510
[ 2332.360234][T12315]  ? _raw_spin_lock+0x1b0/0x1b0
[ 2332.365376][T12315]  ? __kasan_check_read+0x11/0x20
[ 2332.371047][T12315]  kthread+0x34b/0x3d0
[ 2332.375303][T12315]  ? worker_clr_flags+0x180/0x180
[ 2332.380938][T12315]  ? kthread_blkcg+0xd0/0xd0
[ 2332.387395][T12315]  ret_from_fork+0x1f/0x30
[ 2332.395780][T12315] 
[ 2332.401901][T12315] Allocated by task 12315:
[ 2332.409121][T12315]  ____kasan_kmalloc+0xdb/0x110
[ 2332.414874][T12315]  __kasan_kmalloc+0x9/0x10
[ 2332.419212][T12315]  __kmalloc+0x1aa/0x330
[ 2332.423297][T12315]  kvmalloc_node+0x82/0x130
[ 2332.427812][T12315]  alloc_netdev_mqs+0x8e/0xcd0
[ 2332.432497][T12315]  alloc_etherdev_mqs+0x33/0x40
[ 2332.437177][T12315]  usbnet_probe+0x1ff/0x2860
[ 2332.441718][T12315]  usb_probe_interface+0x5b6/0xa90
[ 2332.446657][T12315]  really_probe+0x3eb/0xaf0
[ 2332.451172][T12315]  driver_probe_device+0xfd/0x260
[ 2332.456045][T12315]  __device_attach_driver+0x29b/0x410
[ 2332.462171][T12315]  bus_for_each_drv+0x183/0x200
[ 2332.467185][T12315]  __device_attach+0x30a/0x500
[ 2332.471771][T12315]  device_initial_probe+0x1a/0x20
[ 2332.476640][T12315]  bus_probe_device+0xbe/0x1e0
[ 2332.481230][T12315]  device_add+0x889/0xbc0
[ 2332.485489][T12315]  usb_set_configuration+0x19a5/0x1f30
[ 2332.491185][T12315]  usb_generic_driver_probe+0x8b/0x150
[ 2332.496516][T12315]  usb_probe_device+0x144/0x260
[ 2332.502177][T12315]  really_probe+0x3eb/0xaf0
[ 2332.507527][T12315]  driver_probe_device+0xfd/0x260
[ 2332.512389][T12315]  __device_attach_driver+0x29b/0x410
[ 2332.517672][T12315]  bus_for_each_drv+0x183/0x200
[ 2332.522975][T12315]  __device_attach+0x30a/0x500
[ 2332.531699][T12315]  device_initial_probe+0x1a/0x20
[ 2332.539604][T12315]  bus_probe_device+0xbe/0x1e0
[ 2332.544284][T12315]  device_add+0x889/0xbc0
[ 2332.549604][T12315]  usb_new_device+0xbbc/0x1760
[ 2332.554240][T12315]  hub_event+0x2d3b/0x47c0
[ 2332.558431][T12315]  process_one_work+0x6dc/0xbd0
[ 2332.563123][T12315]  worker_thread+0xaea/0x1510
[ 2332.567642][T12315]  kthread+0x34b/0x3d0
[ 2332.571966][T12315]  ret_from_fork+0x1f/0x30
[ 2332.576210][T12315] 
[ 2332.578377][T12315] Freed by task 10651:
[ 2332.582291][T12315]  kasan_set_track+0x4b/0x70
[ 2332.586810][T12315]  kasan_set_free_info+0x23/0x40
[ 2332.591685][T12315]  ____kasan_slab_free+0x121/0x160
[ 2332.596615][T12315]  __kasan_slab_free+0x11/0x20
[ 2332.601210][T12315]  slab_free_freelist_hook+0xc0/0x190
[ 2332.606411][T12315]  kfree+0xc3/0x270
[ 2332.610058][T12315]  kvfree+0x35/0x40
[ 2332.613705][T12315]  netdev_freemem+0x3f/0x60
[ 2332.618180][T12315]  netdev_release+0x7f/0xb0
[ 2332.622478][T12315]  device_release+0x95/0x1c0
[ 2332.627241][T12315]  kobject_put+0x178/0x260
[ 2332.631734][T12315]  put_device+0x1f/0x30
[ 2332.635707][T12315]  free_netdev+0x384/0x470
[ 2332.640057][T12315]  usbnet_disconnect+0x242/0x3a0
[ 2332.644835][T12315]  usb_unbind_interface+0x1fa/0x8c0
[ 2332.649985][T12315]  device_release_driver_internal+0x506/0x7c0
[ 2332.655891][T12315]  device_release_driver+0x19/0x20
[ 2332.662190][T12315]  bus_remove_device+0x2f8/0x360
[ 2332.666911][T12315]  device_del+0x68b/0xf00
[ 2332.671262][T12315]  usb_disable_device+0x380/0x720
[ 2332.676306][T12315]  usb_disconnect+0x32a/0x890
[ 2332.680824][T12315]  hub_event+0x1e73/0x47c0
[ 2332.685063][T12315]  process_one_work+0x6dc/0xbd0
[ 2332.689746][T12315]  worker_thread+0xaea/0x1510
[ 2332.694420][T12315]  kthread+0x34b/0x3d0
[ 2332.698396][T12315]  ret_from_fork+0x1f/0x30
[ 2332.702672][T12315] 
[ 2332.704817][T12315] Last potentially related work creation:
[ 2332.710379][T12315]  kasan_save_stack+0x3b/0x60
[ 2332.714973][T12315]  __kasan_record_aux_stack+0xd3/0x100
[ 2332.720276][T12315]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2332.725920][T12315]  insert_work+0x56/0x310
[ 2332.730236][T12315]  __queue_work+0x970/0xd10
[ 2332.734580][T12315]  queue_work_on+0x105/0x160
[ 2332.739256][T12315]  usbnet_link_change+0xeb/0x100
[ 2332.745454][T12315]  usbnet_probe+0x1dff/0x2860
[ 2332.750056][T12315]  usb_probe_interface+0x5b6/0xa90
[ 2332.755194][T12315]  really_probe+0x3eb/0xaf0
[ 2332.759626][T12315]  driver_probe_device+0xfd/0x260
[ 2332.764713][T12315]  __device_attach_driver+0x29b/0x410
[ 2332.769921][T12315]  bus_for_each_drv+0x183/0x200
[ 2332.774616][T12315]  __device_attach+0x30a/0x500
[ 2332.779206][T12315]  device_initial_probe+0x1a/0x20
[ 2332.784580][T12315]  bus_probe_device+0xbe/0x1e0
[ 2332.793733][T12315]  device_add+0x889/0xbc0
[ 2332.798648][T12315]  usb_set_configuration+0x19a5/0x1f30
[ 2332.803945][T12315]  usb_generic_driver_probe+0x8b/0x150
[ 2332.811361][T12315]  usb_probe_device+0x144/0x260
[ 2332.816747][T12315]  really_probe+0x3eb/0xaf0
[ 2332.821081][T12315]  driver_probe_device+0xfd/0x260
[ 2332.826058][T12315]  __device_attach_driver+0x29b/0x410
[ 2332.831267][T12315]  bus_for_each_drv+0x183/0x200
[ 2332.836391][T12315]  __device_attach+0x30a/0x500
[ 2332.840986][T12315]  device_initial_probe+0x1a/0x20
[ 2332.845845][T12315]  bus_probe_device+0xbe/0x1e0
[ 2332.850455][T12315]  device_add+0x889/0xbc0
[ 2332.854617][T12315]  usb_new_device+0xbbc/0x1760
[ 2332.859207][T12315]  hub_event+0x2d3b/0x47c0
[ 2332.863463][T12315]  process_one_work+0x6dc/0xbd0
[ 2332.868153][T12315]  worker_thread+0xaea/0x1510
[ 2332.872817][T12315]  kthread+0x34b/0x3d0
[ 2332.876739][T12315]  ret_from_fork+0x1f/0x30
[ 2332.880966][T12315] 
[ 2332.883141][T12315] The buggy address belongs to the object at ffff88811edbe000
[ 2332.883141][T12315]  which belongs to the cache kmalloc-4k of size 4096
[ 2332.906121][T12315] The buggy address is located 3176 bytes inside of
[ 2332.906121][T12315]  4096-byte region [ffff88811edbe000, ffff88811edbf000)
[ 2332.920876][T12315] The buggy address belongs to the page:
[ 2332.926382][T12315] page:ffffea00047b6e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11edb8
[ 2332.936622][T12315] head:ffffea00047b6e00 order:3 compound_mapcount:0 compound_pincount:0
[ 2332.945508][T12315] flags: 0x4000000000010200(slab|head)
[ 2332.952500][T12315] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042c00
[ 2332.961167][T12315] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 2332.972861][T12315] page dumped because: kasan: bad access detected
[ 2332.979123][T12315] page_owner tracks the page as allocated
[ 2332.984942][T12315] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 93, ts 63968880436, free_ts 51879744510
[ 2333.008312][T12315]  prep_new_page+0x166/0x180
[ 2333.012827][T12315]  get_page_from_freelist+0x2d8c/0x2f30
[ 2333.018458][T12315]  __alloc_pages_nodemask+0x435/0xaf0
[ 2333.023702][T12315]  new_slab+0x80/0x400
[ 2333.027579][T12315]  ___slab_alloc+0x302/0x4b0
[ 2333.032018][T12315]  __slab_alloc+0x63/0xa0
[ 2333.036195][T12315]  kmem_cache_alloc_trace+0x1bd/0x2e0
[ 2333.041371][T12315]  uevent_show+0x160/0x330
[ 2333.045706][T12315]  dev_attr_show+0x56/0xd0
[ 2333.050059][T12315]  sysfs_kf_seq_show+0x265/0x3e0
[ 2333.055455][T12315]  kernfs_seq_show+0x119/0x160
[ 2333.060046][T12315]  seq_read_iter+0x430/0xd00
[ 2333.064652][T12315]  kernfs_fop_read_iter+0x145/0x470
[ 2333.069771][T12315]  vfs_read+0x999/0xbb0
[ 2333.073850][T12315]  ksys_read+0x199/0x2c0
[ 2333.078058][T12315]  __x64_sys_read+0x7b/0x90
[ 2333.082836][T12315] page last free stack trace:
[ 2333.087666][T12315]  free_unref_page_prepare+0x2ae/0x2d0
[ 2333.092948][T12315]  free_the_page+0x9e/0x370
[ 2333.097296][T12315]  __free_pages+0x67/0xc0
[ 2333.101581][T12315]  __vunmap+0x7bc/0x8f0
[ 2333.105568][T12315]  vfree+0x5c/0x80
[ 2333.109222][T12315]  kcov_close+0x2b/0x50
[ 2333.113215][T12315]  __fput+0x309/0x760
[ 2333.117458][T12315]  ____fput+0x15/0x20
[ 2333.121696][T12315]  task_work_run+0x129/0x190
[ 2333.128395][T12315]  do_exit+0xc83/0x2a50
[ 2333.132358][T12315]  do_group_exit+0x141/0x310
[ 2333.136792][T12315]  get_signal+0x10a0/0x1410
[ 2333.141278][T12315]  arch_do_signal_or_restart+0xbd/0x17c0
[ 2333.146744][T12315]  exit_to_user_mode_loop+0x9b/0xd0
[ 2333.152065][T12315]  syscall_exit_to_user_mode+0xa2/0x1a0
[ 2333.157453][T12315]  do_syscall_64+0x40/0x70
[ 2333.161872][T12315] 
[ 2333.164044][T12315] Memory state around the buggy address:
[ 2333.171960][T12315]  ffff88811edbeb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2333.180119][T12315]  ffff88811edbeb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2333.188154][T12315] >ffff88811edbec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2333.196138][T12315]                                                           ^
[ 2333.204006][T12315]  ffff88811edbec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2333.212122][T12315]  ffff88811edbed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2333.220037][T12315] ==================================================================
[ 2333.228016][T12315] Disabling lock debugging due to kernel taint
[ 2333.236084][ T3507] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 2333.279688][T13574] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 2333.305934][T25634] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2333.316187][T25634] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2333.429813][ T3507] usb 1-1: device descriptor read/8, error -71
[ 2333.500869][T25634] asix 2-1:0.0 eth1: register 'asix' at usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f
[ 2333.513484][T25634] usb 2-1: USB disconnect, device number 47
[ 2333.520215][T25634] asix 2-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.1-1, ASIX AX88178 USB 2.0 Ethernet
[ 2333.669605][ T3507] usb 1-1: device descriptor read/8, error -71
[ 2333.713314][T13574] udc-core: couldn't find an available UDC or it's busy
[ 2333.720181][T13574] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2333.740522][T23432] usb 3-1: USB disconnect, device number 3
[ 2333.759627][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19