last executing test programs:

18.174569781s ago: executing program 2 (id=1215):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = inotify_init1(0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x101}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x61, 0x5f, 0x61, 0x0]}}, 0x0, 0x1c, 0x0, 0x400, 0xffffffff}, 0x2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r6, 0x0, 0x0, 0x0)
inotify_add_watch(r2, &(0x7f0000000040)='./bus\x00', 0x940005ba)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x70600}], 0x1, 0x62000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc80e, &(0x7f00000000c0)=ANY=[], 0x1, 0x2fa, &(0x7f0000000f00)="$eJzs3M9LK1cUwPGTGDVGNFmUQluKh3bTbgZN94VQFEoDLdaU/oDCaCZtyDQJmZCSUmq66rb/RoNLd0Jr/wA33XX1No+3cfPgbQTfe/NIZvIc46gxamLI9wNyT3LvceZyo5wZMvf46z9/KhUco2DWJRpXiYq0xBWRThQUkYjXzHmv417Tkg8Xn/3/ropIJptd31TdyGx9lFbV5ZW/f/51773D+uJX+8sH83KU+v74afrx0ZtHbx2/3Pqx6GjR0XKlrqZuVx7VzW3b0nzRKRmqX9iW6VhaLDtWzeuv1P3DSrXaVLOcX0pUa5bj6KnruiWrqfWK1mtNNX8wi2U1DEOXEjI9Tla6TfWmebn25qaZGfKgO0Pm4c4dXtlbq/X+eP51z/fk2vd3TgAA4KEKrf9PRFKB+j/it9Fg/e9rSatT/3/5zbefDVD/H8yF1v+da4nr6v9uf8Gu9NX/Zrmp1P8DiV98K9eeGb7+x4SoLYi09wJX9L9/t7faDaj/AQAAAAAAAAAAAAAAAAAAAACYBCeum3RdN9lpo+LFnZ95/4GR3utxnyfuR3D9vbWOdVad9Z8SgQf34iL2H41cI+e1Xn+mIEWxxZJVScrz7ufB58Ubn2bXI6raUE3JP/aun7/byM2cz1+TpKTC89fUcz5/VhLB/LQk5Y3w/HRo/px88H4g35Ck/LcjFbEl3/1cn+X/tqb6yefZvvwFyYc8MQcAAAAAwCQy9LXQ63fDuKzfyx/k/sBq6PV5TN6OjXfuAAAAAABMC6f5S8m0bat2bfCXn3Ht4Cf+wIF/822DWX8WrnvZGIndZKZnQWSorFsGvW8dXDm4tyfzzQ/h357ZHfm8JjWI9a1F4tLByzP+qgx8iHl/V+bOOy/cvjEf779zOqqZXjznkf4bAgAAADACZ0X/uM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpdeXGYLN3s8HYuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBSvAgAA///SHxpf")

17.416671253s ago: executing program 2 (id=1217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0xe5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x0, 0x0, 0x0, 0x4, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c00000025000304000000001b00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100766c616e000000001c0002800600010000000000100003800c000100ff00000000000000080005"], 0x5c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}], 0x20}}], 0x1, 0x4000804)

16.145402167s ago: executing program 2 (id=1220):
pipe2$9p(&(0x7f0000000240), 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x111c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x0, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=")
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000002d80)={0x8, 0x0, [{0x10000, 0x1000, &(0x7f0000000d80)=""/4096}, {0x0, 0x0, 0x0}, {0xf000, 0x10, &(0x7f0000000180)=""/16}, {0x1000, 0x1000, &(0x7f0000001d80)=""/4096}, {0x2, 0x64, &(0x7f0000000380)=""/100}, {0x0, 0x13, &(0x7f0000000300)=""/19}, {0x6000, 0x8d, &(0x7f0000000580)=""/141}, {0x1000, 0xac, &(0x7f0000000640)=""/172}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="240000006800b9f90000", @ANYRES8, @ANYBLOB, @ANYRES8=r1], 0x24}}, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000340)="be520fbd4c4474bef5de6ffb1140c72163db88ea0bd719f32bd02fb492ff10bc3bc64042bb560b80d0f2f904ff8a6362f5e2eafb566d61cd7c3dec", 0x3b, 0x400c041, &(0x7f0000000240)={0xa, 0x4e22, 0x7fffffff, @empty, 0x5}, 0x1c)
r5 = openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="002222000000752307f7940ef7053057aeb8c2920bd2aa209083000000000b000000000b5d8c3dda9a492d55840ed4b79b7a2087c7e9035fd430d42e8fa2ec345080b0a08c5948689ef034569be90f05124b9e7c92d03cbd89af9a24242d3943ac24598ddfb36543045d6f2896861ce45b9eb63c6718fe8d144aa5baa0da96c1645b3e5bbcc4d57531bb4f362c4d52b9f4dd9bc7a7256d5c790822"], 0x0}, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12)
r9 = openat$cgroup_procs(r2, &(0x7f0000000400)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000080), 0x12)

13.91047156s ago: executing program 1 (id=1226):
bpf$MAP_CREATE(0x2000000000000013, &(0x7f0000000140), 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x8f)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
ioctl$TCFLSH(r4, 0x540b, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r4, 0x0)
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r5, 0x8)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r6, &(0x7f00000019c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2c}}}}], 0x20}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001fc0)="4efa60eef5c6c848991d3c3f70e1b7031ba0b99e62655bef88b7b13f14ae6a3ab0f8dbe4aec0c3a752ae172885c09372541a913a9febc83fe623813d0e7a82", 0x3f}], 0x1}}], 0x2, 0x48040)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, 0x0)

12.171253223s ago: executing program 2 (id=1230):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0xe5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x0, 0x0, 0x0, 0x4, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c00000025000304000000001b00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100766c616e000000001c0002800600010000000000100003800c000100ff00000000000000080005"], 0x5c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000900)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}], 0x20}}], 0x1, 0x4000804)

12.151011045s ago: executing program 1 (id=1231):
r0 = syz_usb_connect$hid(0x0, 0x49, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040341d0a0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x4, 0x0, 0x401, 0x4, 0xe86, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[], &(0x7f0000001100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xffffffff}, 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r2}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000000240)={[{0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0)
ioctl$MON_IOCX_GET(r6, 0x40189206, &(0x7f0000000380)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001080)={&(0x7f0000001040)='host1x_wait_cdma\x00', r1}, 0x10)
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b28090987f70e06d038e7ff7fc6e5539b3263078b089b0c08384d090890e0878f0e1ac6e7049b334a959b459a240a5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe2c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c63d36770243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1008892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928900d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b03000000cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c113d12a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571ebff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4804afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa34046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d789364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c220300000007b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000000000ebffffffffffffff00", 0x1000}}, 0x12b)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c8d6a340ac050a038c65000000010902240001000000000904000002039d0200090509ffe700000000"], 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)

11.22454725s ago: executing program 2 (id=1234):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)

10.084929714s ago: executing program 2 (id=1237):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(r5, &(0x7f0000000a00)={&(0x7f00000001c0)=@proc={0x10, 0x0, 0x25dfdbfb, 0x100}, 0xc, &(0x7f0000000580)=[{&(0x7f0000006140)={0x24, 0x1f, 0x2, 0x70bd2c, 0x25dfdbff, "", [@nested={0x14, 0xea, 0x0, 0x1, [@typed={0x8, 0xe7, 0x0, 0x0, @uid}, @typed={0x8, 0x41, 0x0, 0x0, @uid}, @generic]}]}, 0x24}, {&(0x7f0000000700)={0x40, 0x32, 0x100, 0x70bd29, 0x25dfdbfc, "", [@nested={0x1f, 0x12e, 0x0, 0x1, [@generic, @typed={0x8, 0x14c, 0x0, 0x0, @pid}, @generic="2aa79f93cb22a7475bd8c04fca11666b63bfd9"]}, @nested={0xd, 0x140, 0x0, 0x1, [@generic='s', @generic, @typed={0x6, 0x87, 0x0, 0x0, @str='&\x00'}]}]}, 0x40}], 0x2, &(0x7f0000000980)=[@rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {r0}}}], 0x30, 0x48001}, 0xfd19db16d01b618c)
mkdir(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002640)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001640)='G', 0x1}, {&(0x7f00000004c0)="bc62f93c203627203648f402b45412c35f0b1c169eaae0acb1e6da813b97b0ea235187db216ed2dabab345e139289ffc92c6c6e1f7af47ac603bbce44f2b25e34ca761e0706b72b8e87093", 0x4b}, {&(0x7f0000000c00)}], 0x3}}, {{&(0x7f00000006c0)={0xa, 0x4e24, 0x7, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000bc0)={0xa, 0x0, 0x0, @local, 0x3f}, 0x1c, 0x0, 0x0, &(0x7f0000000f00)=ANY=[], 0x178}}, {{&(0x7f0000001080)={0xa, 0x4e23, 0x40, @local, 0x3}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000005ac0)=[{&(0x7f00000059c0)="0a96035f3592b4a1e5ea10b3282c3fec432100a7e1d05b0133e57e6519", 0x1d}, {0x0}], 0x2}}], 0x6, 0x41)

8.638583882s ago: executing program 1 (id=1241):
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffdc2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="180000", @ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f00005c0000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/173, 0x69, 0x1, &(0x7f0000000040)=""/6, 0x6}, &(0x7f00000001c0)=0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x1e, 0x1517, &(0x7f0000003040)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000005c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast1}})

8.198607719s ago: executing program 0 (id=1242):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = open(0x0, 0x64842, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x101}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x61, 0x5f, 0x61, 0x0]}}, 0x0, 0x1c, 0x0, 0x400, 0xffffffff}, 0x2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r5, 0x0, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='./bus\x00', 0x940005ba)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x70600}], 0x1, 0x62000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc80e, &(0x7f00000000c0)=ANY=[], 0x1, 0x2fa, &(0x7f0000000f00)="$eJzs3M9LK1cUwPGTGDVGNFmUQluKh3bTbgZN94VQFEoDLdaU/oDCaCZtyDQJmZCSUmq66rb/RoNLd0Jr/wA33XX1No+3cfPgbQTfe/NIZvIc46gxamLI9wNyT3LvceZyo5wZMvf46z9/KhUco2DWJRpXiYq0xBWRThQUkYjXzHmv417Tkg8Xn/3/ropIJptd31TdyGx9lFbV5ZW/f/51773D+uJX+8sH83KU+v74afrx0ZtHbx2/3Pqx6GjR0XKlrqZuVx7VzW3b0nzRKRmqX9iW6VhaLDtWzeuv1P3DSrXaVLOcX0pUa5bj6KnruiWrqfWK1mtNNX8wi2U1DEOXEjI9Tla6TfWmebn25qaZGfKgO0Pm4c4dXtlbq/X+eP51z/fk2vd3TgAA4KEKrf9PRFKB+j/it9Fg/e9rSatT/3/5zbefDVD/H8yF1v+da4nr6v9uf8Gu9NX/Zrmp1P8DiV98K9eeGb7+x4SoLYi09wJX9L9/t7faDaj/AQAAAAAAAAAAAAAAAAAAAACYBCeum3RdN9lpo+LFnZ95/4GR3utxnyfuR3D9vbWOdVad9Z8SgQf34iL2H41cI+e1Xn+mIEWxxZJVScrz7ufB58Ubn2bXI6raUE3JP/aun7/byM2cz1+TpKTC89fUcz5/VhLB/LQk5Y3w/HRo/px88H4g35Ck/LcjFbEl3/1cn+X/tqb6yefZvvwFyYc8MQcAAAAAwCQy9LXQ63fDuKzfyx/k/sBq6PV5TN6OjXfuAAAAAABMC6f5S8m0bat2bfCXn3Ht4Cf+wIF/822DWX8WrnvZGIndZKZnQWSorFsGvW8dXDm4tyfzzQ/h357ZHfm8JjWI9a1F4tLByzP+qgx8iHl/V+bOOy/cvjEf779zOqqZXjznkf4bAgAAADACZ0X/uM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpdeXGYLN3s8HYuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBSvAgAA///SHxpf")

8.156029392s ago: executing program 4 (id=1243):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'macsec0\x00', 0x8001})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000800)={'pim6reg1\x00', @link_local={0x1, 0x36}})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0xf0100, 0x0)
r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x4, &(0x7f0000000280)=ANY=[@ANYRES32=r8, @ANYBLOB="091e21b81dfc6fb0feb157135f914b110011504efbf790845429946409a9244bffb818fbbc5ead98aeff6a5549e74cef0600", @ANYRESOCT, @ANYRES16=r7, @ANYRESHEX=r6, @ANYRES16, @ANYRESOCT=r7, @ANYRES64], 0x2, 0x1d8, &(0x7f0000000840)="$eJzsmb/L00AYx793SdNaRHFxcHGwYEWbJqlKlw4VHAWhFXUsNpZq2koboS0IFhcXRwfB1X/AwaGTg5ubqw4qCA52dI7kck3Oxhb7/oDC+3zgvXzv7rnnnruXfjMEBEEcWb5/+/31xbVq8xKA4yggK8d/akkMV+K/vHp88WXt+uu3n9986J94Ml/NxwAEwf/vbwB4X9eApydFPwj+Xl2QzyZ4rG+B44LUt8FgLmsNktUuGO7K4QeKHhyTwnPNewOvfb/ruVbY2GHjhE1F3V8HsJgxtAHk5BZMmR9Npg9bHjCMhOcuRSZY7pOa2lZsuj9RX52jplxB+P+68/zZLOybctxS7s8Ghy11BQwNqavIwjTN5EqU85/Rk/xa6vwHcMjDEKdKO1EGid0SbHUk/EHHI6cX84/pVT92pfg9CGFcAFJTn/Ked2MfmQ1pAv+MSfyJ6cB5xZ906LF/lP3eo/JoMi11e62O23H7jlO5al22rCtOWRhR1G7wv5zwp7ySP7Mm1mAGxi3fH9pjwB/acd+JWsVxG+8Gv8QaLvyPo3guysHkOyt+Ua7A5B8Xz1AVtbXFEwRBEARBEARBEARBEARBbMVZsOhDWPShKliDc1NE/wkAAP//X9JszA==")
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x5, 0x100000, 0x1, 0x28, r5, 0x54, '\x00', 0x0, r6, 0x2, 0x2, 0x5, 0xb}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
r11 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r11, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(r11, &(0x7f00000002c0), 0x0, 0xc001, 0x0, 0x0)
setsockopt$inet6_udp_int(r11, 0x11, 0x1, &(0x7f0000000080), 0x4)

7.300552112s ago: executing program 1 (id=1245):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x40, 0x6, 0x8}, 0x48)
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f5"], 0xb8}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_int(r6, 0x1, 0x28, &(0x7f0000000000)=0x101, 0x4)
readv(r6, &(0x7f00000006c0)=[{&(0x7f0000001900)=""/4096, 0x1000}], 0x1)

5.832291732s ago: executing program 1 (id=1246):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect$uac1(0x2, 0xa6, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x94, 0x3, 0x1, 0xc, 0x60, 0x40, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0xb1}, [@input_terminal={0xc, 0x24, 0x2, 0x0, 0x205, 0x0, 0x0, 0x0, 0x0, 0x2}, @input_terminal={0xc, 0x24, 0x2, 0x0, 0x0, 0xfe}, @processing_unit={0xd, 0x24, 0x7, 0x0, 0x0, 0x0, "4336d88b1a56"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x0, 0x2, 0x2}, @as_header={0x7, 0x24, 0x1, 0xfe}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0xfc, 0x0, 0xb, {0x7, 0x25, 0x1, 0x2}}}}}}}]}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000"], 0x128}, 0x0)
recvmsg$unix(r0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)

5.829916233s ago: executing program 4 (id=1247):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = inotify_init1(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x101}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x61, 0x5f, 0x61, 0x0]}}, 0x0, 0x1c, 0x0, 0x400, 0xffffffff}, 0x2c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
inotify_add_watch(r2, &(0x7f0000000040)='./bus\x00', 0x940005ba)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x70600}], 0x1, 0x62000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc80e, &(0x7f00000000c0)=ANY=[], 0x1, 0x2fa, &(0x7f0000000f00)="$eJzs3M9LK1cUwPGTGDVGNFmUQluKh3bTbgZN94VQFEoDLdaU/oDCaCZtyDQJmZCSUmq66rb/RoNLd0Jr/wA33XX1No+3cfPgbQTfe/NIZvIc46gxamLI9wNyT3LvceZyo5wZMvf46z9/KhUco2DWJRpXiYq0xBWRThQUkYjXzHmv417Tkg8Xn/3/ropIJptd31TdyGx9lFbV5ZW/f/51773D+uJX+8sH83KU+v74afrx0ZtHbx2/3Pqx6GjR0XKlrqZuVx7VzW3b0nzRKRmqX9iW6VhaLDtWzeuv1P3DSrXaVLOcX0pUa5bj6KnruiWrqfWK1mtNNX8wi2U1DEOXEjI9Tla6TfWmebn25qaZGfKgO0Pm4c4dXtlbq/X+eP51z/fk2vd3TgAA4KEKrf9PRFKB+j/it9Fg/e9rSatT/3/5zbefDVD/H8yF1v+da4nr6v9uf8Gu9NX/Zrmp1P8DiV98K9eeGb7+x4SoLYi09wJX9L9/t7faDaj/AQAAAAAAAAAAAAAAAAAAAACYBCeum3RdN9lpo+LFnZ95/4GR3utxnyfuR3D9vbWOdVad9Z8SgQf34iL2H41cI+e1Xn+mIEWxxZJVScrz7ufB58Ubn2bXI6raUE3JP/aun7/byM2cz1+TpKTC89fUcz5/VhLB/LQk5Y3w/HRo/px88H4g35Ck/LcjFbEl3/1cn+X/tqb6yefZvvwFyYc8MQcAAAAAwCQy9LXQ63fDuKzfyx/k/sBq6PV5TN6OjXfuAAAAAABMC6f5S8m0bat2bfCXn3Ht4Cf+wIF/822DWX8WrnvZGIndZKZnQWSorFsGvW8dXDm4tyfzzQ/h357ZHfm8JjWI9a1F4tLByzP+qgx8iHl/V+bOOy/cvjEf779zOqqZXjznkf4bAgAAADACZ0X/uM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpdeXGYLN3s8HYuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBSvAgAA///SHxpf")

5.710662032s ago: executing program 0 (id=1248):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
r5 = open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02, <r6=>0x0}, 0x8)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r6], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x90)
openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0)
r8 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r8, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r9 = socket(0x10, 0x80002, 0x4)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000200)=[{{0x0, 0x1, 0x0, 0x1}, {0x4, 0x0, 0x1}}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x18)
sendmsg$nl_route_sched(r9, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600), 0x70}}, 0x0)
sendmmsg$unix(r3, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRESHEX=r4, @ANYRES32=r5, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32=<r10=>0xffffffffffffffff, @ANYRESHEX=r7, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES16, @ANYBLOB="000000001c000000000000fa", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r1, @ANYRES32=r8, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r9], 0xa8, 0x40040}}], 0x1, 0x4000)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54)
r12 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB, @ANYRES8=r10, @ANYRES32=0x0, @ANYBLOB="0c00990004000000580000000800010057000000080001002e0000000800db00", @ANYRES32=r11], 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x11)
ioctl$sock_SIOCSIFBR(r8, 0x8941, &(0x7f0000000680)=@add_del={0x2, &(0x7f00000001c0)='syzkaller1\x00'})
ftruncate(r5, 0x2007ffb)
sendfile(r4, r5, 0x0, 0x1000000211005)

5.691302724s ago: executing program 3 (id=1249):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'macsec0\x00', 0x8001})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000800)={'pim6reg1\x00', @link_local={0x1, 0x36}})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0xf0100, 0x0)
r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x4, &(0x7f0000000280)=ANY=[@ANYRES32=r8, @ANYBLOB="091e21b81dfc6fb0feb157135f914b110011504efbf790845429946409a9244bffb818fbbc5ead98aeff6a5549e74cef0600", @ANYRESOCT, @ANYRES16=r7, @ANYRESHEX=r6, @ANYRES16, @ANYRESOCT=r7, @ANYRES64], 0x2, 0x1d8, &(0x7f0000000840)="$eJzsmb/L00AYx793SdNaRHFxcHGwYEWbJqlKlw4VHAWhFXUsNpZq2koboS0IFhcXRwfB1X/AwaGTg5ubqw4qCA52dI7kck3Oxhb7/oDC+3zgvXzv7rnnnruXfjMEBEEcWb5/+/31xbVq8xKA4yggK8d/akkMV+K/vHp88WXt+uu3n9986J94Ml/NxwAEwf/vbwB4X9eApydFPwj+Xl2QzyZ4rG+B44LUt8FgLmsNktUuGO7K4QeKHhyTwnPNewOvfb/ruVbY2GHjhE1F3V8HsJgxtAHk5BZMmR9Npg9bHjCMhOcuRSZY7pOa2lZsuj9RX52jplxB+P+68/zZLOybctxS7s8Ghy11BQwNqavIwjTN5EqU85/Rk/xa6vwHcMjDEKdKO1EGid0SbHUk/EHHI6cX84/pVT92pfg9CGFcAFJTn/Ked2MfmQ1pAv+MSfyJ6cB5xZ906LF/lP3eo/JoMi11e62O23H7jlO5al22rCtOWRhR1G7wv5zwp7ySP7Mm1mAGxi3fH9pjwB/acd+JWsVxG+8Gv8QaLvyPo3guysHkOyt+Ua7A5B8Xz1AVtbXFEwRBEARBEARBEARBEARBbMVZsOhDWPShKliDc1NE/wkAAP//X9JszA==")
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x5, 0x100000, 0x1, 0x28, r5, 0x54, '\x00', 0x0, r6, 0x2, 0x2, 0x5, 0xb}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
r11 = socket$inet6(0xa, 0x80002, 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=""/115, 0x73)
connect$inet6(r11, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(r11, &(0x7f00000002c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe85", 0x93, 0xc001, 0x0, 0x0)
setsockopt$inet6_udp_int(r11, 0x11, 0x1, &(0x7f0000000080), 0x4)

3.719612036s ago: executing program 3 (id=1250):
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffdc2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="180000", @ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f00005c0000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/173, 0x69, 0x1, &(0x7f0000000040)=""/6, 0x6}, &(0x7f00000001c0)=0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x1e, 0x1517, &(0x7f0000003040)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000005c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast1}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @loopback={0xff00000000000000}}})

3.719023446s ago: executing program 4 (id=1251):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket(0x200000100000011, 0x803, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r5=>0x0})
sendto$packet(r3, &(0x7f0000000100)="4dcdc7d96a76000000060005e000000000060000", 0x34, 0x0, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14)
syz_clone3(&(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000000000008608ffffffff0102"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.708474146s ago: executing program 0 (id=1252):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'macsec0\x00', 0x8001})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000800)={'pim6reg1\x00', @link_local={0x1, 0x36}})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0xf0100, 0x0)
r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x4, &(0x7f0000000280)=ANY=[@ANYRES32=r8, @ANYBLOB="091e21b81dfc6fb0feb157135f914b110011504efbf790845429946409a9244bffb818fbbc5ead98aeff6a5549e74cef0600", @ANYRESOCT, @ANYRES16=r7, @ANYRESHEX=r6, @ANYRES16, @ANYRESOCT=r7, @ANYRES64], 0x2, 0x1d8, &(0x7f0000000840)="$eJzsmb/L00AYx793SdNaRHFxcHGwYEWbJqlKlw4VHAWhFXUsNpZq2koboS0IFhcXRwfB1X/AwaGTg5ubqw4qCA52dI7kck3Oxhb7/oDC+3zgvXzv7rnnnruXfjMEBEEcWb5/+/31xbVq8xKA4yggK8d/akkMV+K/vHp88WXt+uu3n9986J94Ml/NxwAEwf/vbwB4X9eApydFPwj+Xl2QzyZ4rG+B44LUt8FgLmsNktUuGO7K4QeKHhyTwnPNewOvfb/ruVbY2GHjhE1F3V8HsJgxtAHk5BZMmR9Npg9bHjCMhOcuRSZY7pOa2lZsuj9RX52jplxB+P+68/zZLOybctxS7s8Ghy11BQwNqavIwjTN5EqU85/Rk/xa6vwHcMjDEKdKO1EGid0SbHUk/EHHI6cX84/pVT92pfg9CGFcAFJTn/Ked2MfmQ1pAv+MSfyJ6cB5xZ906LF/lP3eo/JoMi11e62O23H7jlO5al22rCtOWRhR1G7wv5zwp7ySP7Mm1mAGxi3fH9pjwB/acd+JWsVxG+8Gv8QaLvyPo3guysHkOyt+Ua7A5B8Xz1AVtbXFEwRBEARBEARBEARBEARBbMVZsOhDWPShKliDc1NE/wkAAP//X9JszA==")
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x5, 0x100000, 0x1, 0x28, r5, 0x54, '\x00', 0x0, r6, 0x2, 0x2, 0x5, 0xb}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
r11 = socket$inet6(0xa, 0x80002, 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=""/115, 0x73)
connect$inet6(r11, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(r11, 0x0, 0x0, 0xc001, 0x0, 0x0)
setsockopt$inet6_udp_int(r11, 0x11, 0x1, &(0x7f0000000080), 0x4)

2.776693313s ago: executing program 3 (id=1253):
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffdc2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="180000", @ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f00005c0000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/173, 0x69, 0x1, &(0x7f0000000040)=""/6, 0x6}, &(0x7f00000001c0)=0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x1e, 0x1517, &(0x7f0000003040)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
mount(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='tmpfs\x00', 0x0, 0x0)

2.776267043s ago: executing program 4 (id=1254):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x43c8}}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x1, 0x8, 0xffffffff, 0xa48, r0, 0x6b3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x3, 0xf}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8}, @IFLA_GRE_REMOTE={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.776010573s ago: executing program 1 (id=1255):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000600)=ANY=[@ANYRESOCT=r0])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYRES32=r0], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfff}, 0x20)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000280))
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=<r5=>r4, @ANYBLOB="05"], 0x0)
getpid()
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@loose}]}})
r9 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000040)='./file0\x00', r9, &(0x7f0000000080)='./file0\x00')
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000500)={'syztnl2\x00', &(0x7f00000003c0)={'ip6tnl0\x00', <r10=>0x0, 0x29, 0xd, 0x0, 0x80000000, 0x30, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x1, 0xf, 0xaf05}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="00080e009deb00c94070ba4b4ffc25b965af219b5001ff8da02295fdbb72caf3419c40817ba90495a7334875503c92b9fb910f942ce40f81e01e118adc882ad0c6dcb3"], &(0x7f0000000300)='syzkaller\x00', 0x6, 0x69, &(0x7f0000000340)=""/105, 0x40f00, 0x47, '\x00', r10, 0x25, r0, 0x8, &(0x7f0000000580)={0x0, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[r0]}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32], 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffcce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r11}, 0x10)

2.642095824s ago: executing program 0 (id=1256):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
r5 = open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02, <r6=>0x0}, 0x8)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r6], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x90)
openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0)
r8 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r8, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r9 = socket(0x10, 0x80002, 0x4)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000200)=[{{0x0, 0x1, 0x0, 0x1}, {0x4, 0x0, 0x1}}, {{0x4, 0x1, 0x0, 0x1}, {0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x18)
sendmsg$nl_route_sched(r9, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600), 0x70}}, 0x0)
sendmmsg$unix(r3, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80), 0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRESHEX=r4, @ANYRES32=r5, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32=<r10=>0xffffffffffffffff, @ANYRESHEX=r7, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES16, @ANYBLOB="000000001c000000000000fa", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r1, @ANYRES32=r8, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r9], 0xa8, 0x40040}}], 0x1, 0x4000)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54)
r12 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB, @ANYRES8=r10, @ANYRES32=0x0, @ANYBLOB="0c00990004000000580000000800010057000000080001002e0000000800db00", @ANYRES32=r11], 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x11)
ioctl$sock_SIOCSIFBR(r8, 0x8941, &(0x7f0000000680)=@add_del={0x2, &(0x7f00000001c0)='syzkaller1\x00'})
ftruncate(r5, 0x2007ffb)
sendfile(r4, r5, 0x0, 0x1000000211005)

1.772733615s ago: executing program 4 (id=1257):
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffdc2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="180000", @ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x93}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f00005c0000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/173, 0x69, 0x1, &(0x7f0000000040)=""/6, 0x6}, &(0x7f00000001c0)=0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x1e, 0x1517, &(0x7f0000003040)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
mount(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='tmpfs\x00', 0x0, 0x0)

1.747571107s ago: executing program 3 (id=1258):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000700)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r1, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r4, &(0x7f0000000040)='./file1\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='kvm_vcpu_wakeup\x00', r0}, 0x10)

1.330153741s ago: executing program 0 (id=1259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x9, 0x40, 0x6, 0x8}, 0x48)
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f5"], 0xb8}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_int(r6, 0x1, 0x28, &(0x7f0000000000)=0x101, 0x4)
readv(r6, &(0x7f00000006c0)=[{&(0x7f0000001900)=""/4096, 0x1000}], 0x1)

1.048230465s ago: executing program 3 (id=1260):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = open(0x0, 0x64842, 0x0)
r2 = inotify_init1(0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x101}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x61, 0x5f, 0x61, 0x0]}}, 0x0, 0x1c, 0x0, 0x400, 0xffffffff}, 0x2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r6, 0x0, 0x0, 0x0)
inotify_add_watch(r2, &(0x7f0000000040)='./bus\x00', 0x940005ba)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x70600}], 0x1, 0x62000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc80e, &(0x7f00000000c0)=ANY=[], 0x1, 0x2fa, &(0x7f0000000f00)="$eJzs3M9LK1cUwPGTGDVGNFmUQluKh3bTbgZN94VQFEoDLdaU/oDCaCZtyDQJmZCSUmq66rb/RoNLd0Jr/wA33XX1No+3cfPgbQTfe/NIZvIc46gxamLI9wNyT3LvceZyo5wZMvf46z9/KhUco2DWJRpXiYq0xBWRThQUkYjXzHmv417Tkg8Xn/3/ropIJptd31TdyGx9lFbV5ZW/f/51773D+uJX+8sH83KU+v74afrx0ZtHbx2/3Pqx6GjR0XKlrqZuVx7VzW3b0nzRKRmqX9iW6VhaLDtWzeuv1P3DSrXaVLOcX0pUa5bj6KnruiWrqfWK1mtNNX8wi2U1DEOXEjI9Tla6TfWmebn25qaZGfKgO0Pm4c4dXtlbq/X+eP51z/fk2vd3TgAA4KEKrf9PRFKB+j/it9Fg/e9rSatT/3/5zbefDVD/H8yF1v+da4nr6v9uf8Gu9NX/Zrmp1P8DiV98K9eeGb7+x4SoLYi09wJX9L9/t7faDaj/AQAAAAAAAAAAAAAAAAAAAACYBCeum3RdN9lpo+LFnZ95/4GR3utxnyfuR3D9vbWOdVad9Z8SgQf34iL2H41cI+e1Xn+mIEWxxZJVScrz7ufB58Ubn2bXI6raUE3JP/aun7/byM2cz1+TpKTC89fUcz5/VhLB/LQk5Y3w/HRo/px88H4g35Ck/LcjFbEl3/1cn+X/tqb6yefZvvwFyYc8MQcAAAAAwCQy9LXQ63fDuKzfyx/k/sBq6PV5TN6OjXfuAAAAAABMC6f5S8m0bat2bfCXn3Ht4Cf+wIF/822DWX8WrnvZGIndZKZnQWSorFsGvW8dXDm4tyfzzQ/h357ZHfm8JjWI9a1F4tLByzP+qgx8iHl/V+bOOy/cvjEf779zOqqZXjznkf4bAgAAADACZ0X/uM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpdeXGYLN3s8HYuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBSvAgAA///SHxpf")

634.110988ms ago: executing program 4 (id=1261):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x43c8}}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x1, 0x8, 0xffffffff, 0xa48, r0, 0x6b3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x3, 0xf}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000', @ANYRESDEC=0x0, @ANYBLOB=',gro', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8}, @IFLA_GRE_REMOTE={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

166.585427ms ago: executing program 0 (id=1262):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = inotify_init1(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x101}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40f00, 0x2}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x61, 0x5f, 0x61, 0x0]}}, 0x0, 0x1c, 0x0, 0x400, 0xffffffff}, 0x2c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
inotify_add_watch(r2, &(0x7f0000000040)='./bus\x00', 0x940005ba)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x70600}], 0x1, 0x62000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc80e, &(0x7f00000000c0)=ANY=[], 0x1, 0x2fa, &(0x7f0000000f00)="$eJzs3M9LK1cUwPGTGDVGNFmUQluKh3bTbgZN94VQFEoDLdaU/oDCaCZtyDQJmZCSUmq66rb/RoNLd0Jr/wA33XX1No+3cfPgbQTfe/NIZvIc46gxamLI9wNyT3LvceZyo5wZMvf46z9/KhUco2DWJRpXiYq0xBWRThQUkYjXzHmv417Tkg8Xn/3/ropIJptd31TdyGx9lFbV5ZW/f/51773D+uJX+8sH83KU+v74afrx0ZtHbx2/3Pqx6GjR0XKlrqZuVx7VzW3b0nzRKRmqX9iW6VhaLDtWzeuv1P3DSrXaVLOcX0pUa5bj6KnruiWrqfWK1mtNNX8wi2U1DEOXEjI9Tla6TfWmebn25qaZGfKgO0Pm4c4dXtlbq/X+eP51z/fk2vd3TgAA4KEKrf9PRFKB+j/it9Fg/e9rSatT/3/5zbefDVD/H8yF1v+da4nr6v9uf8Gu9NX/Zrmp1P8DiV98K9eeGb7+x4SoLYi09wJX9L9/t7faDaj/AQAAAAAAAAAAAAAAAAAAAACYBCeum3RdN9lpo+LFnZ95/4GR3utxnyfuR3D9vbWOdVad9Z8SgQf34iL2H41cI+e1Xn+mIEWxxZJVScrz7ufB58Ubn2bXI6raUE3JP/aun7/byM2cz1+TpKTC89fUcz5/VhLB/LQk5Y3w/HRo/px88H4g35Ck/LcjFbEl3/1cn+X/tqb6yefZvvwFyYc8MQcAAAAAwCQy9LXQ63fDuKzfyx/k/sBq6PV5TN6OjXfuAAAAAABMC6f5S8m0bat2bfCXn3Ht4Cf+wIF/822DWX8WrnvZGIndZKZnQWSorFsGvW8dXDm4tyfzzQ/h357ZHfm8JjWI9a1F4tLByzP+qgx8iHl/V+bOOy/cvjEf779zOqqZXjznkf4bAgAAADACZ0X/uM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpdeXGYLN3s8HYuOcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBSvAgAA///SHxpf")

0s ago: executing program 3 (id=1264):
r0 = bpf$MAP_CREATE(0x2000000000000013, &(0x7f0000000140), 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000100)={&(0x7f0000000000)="ce182781eae172c18801613537541de7940b4d0ff7b5c503", &(0x7f0000000040)=""/100, &(0x7f00000001c0)="cafa0e1cf50cccb077ecb9dc07f6f81e0e79de6d2d3bc2017fa5ad362ab447d3f3ec974ab4d0eea1673c4d8eaf86e8606efa405f9cf280086c36aa62f6e4529d4dd2f2e854959bc1007cdd975720cbc81bcd862fc203eb7149382140a6bb43343b0573b5d46c0c40549245394dc2e7664e6d753b339a51db918cf413acf671020e7f0540da317c6906d0467e5987db1c190c3bf0b3e9e93c85828bed874fc0050e8b77f3461360c1e272e916c1f711830460efc4d3f6e020ed989d10f581e2845748156bbbd23e1465", &(0x7f00000000c0)="b9", 0x9, r0}, 0x38)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0), 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x8f)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
ioctl$TCFLSH(r4, 0x540b, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r4, 0x0)
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r5, 0x8)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r6, &(0x7f00000019c0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000008c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2c}}}}], 0x20}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001fc0)="4efa60eef5c6c848991d3c3f70e1b7031ba0b99e62655bef88b7b13f14ae6a3ab0f8dbe4aec0c3a752ae172885c09372541a913a9febc83fe623813d0e7a82f445", 0x41}], 0x1}}], 0x2, 0x48040)

kernel console output (not intermixed with test programs):

.198559][ T4924] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038 (0x7fffffff)
[  357.237649][  T614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  357.249119][  T614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  357.259458][  T614] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  357.335939][  T614] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  357.348700][ T4896] device veth0_vlan entered promiscuous mode
[  357.349326][ T4906] fuse: Bad value for 'fd'
[  357.363336][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  357.373655][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  357.405089][ T4896] device veth1_macvtap entered promiscuous mode
[  357.439583][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  357.447955][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  357.451226][ T4938] overlayfs: './file1' not a directory
[  357.457517][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  357.471949][   T42] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  357.492317][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  357.502619][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  357.533352][  T690] microsoft 0003:045E:07DA.0033: No inputs registered, leaving
[  357.552205][  T690] microsoft 0003:045E:07DA.0033: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  357.563954][  T690] microsoft 0003:045E:07DA.0033: no inputs found
[  357.570294][  T690] microsoft 0003:045E:07DA.0033: could not initialize ff, continuing anyway
[  357.642721][  T943] device bridge_slave_1 left promiscuous mode
[  357.649552][  T943] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.658426][  T943] device bridge_slave_0 left promiscuous mode
[  357.664821][  T943] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.673956][  T943] device veth1_macvtap left promiscuous mode
[  357.739208][ T4943] loop3: detected capacity change from 0 to 16
[  357.747746][  T943] device veth0_vlan left promiscuous mode
[  357.784725][ T4943] erofs: (device loop3): mounted with root inode @ nid 36.
[  357.862119][   T42] usb 1-1: config index 0 descriptor too short (expected 45, got 36)
[  357.969736][   T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  357.970842][  T690] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  357.989036][   T42] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  358.015755][   T42] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  358.028307][   T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.044559][  T291] usb 5-1: USB disconnect, device number 32
[  358.056572][   T42] usb 1-1: config 0 descriptor??
[  358.422208][  T690] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  358.433450][  T690] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  358.444569][  T690] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  358.454412][  T690] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  358.467495][ T4950] loop3: detected capacity change from 0 to 512
[  358.473901][  T690] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.485174][ T4950] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  358.486748][  T690] usb 3-1: config 0 descriptor??
[  358.498318][ T4950] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038 (0x7fffffff)
[  358.533031][ T4955] loop4: detected capacity change from 0 to 128
[  358.572653][   T42] plantronics 0003:047F:FFFF.0034: unknown main item tag 0xd
[  358.580803][   T42] plantronics 0003:047F:FFFF.0034: unknown main item tag 0x0
[  358.589023][   T42] plantronics 0003:047F:FFFF.0034: unknown main item tag 0x0
[  358.597464][   T42] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving
[  358.607265][   T42] plantronics 0003:047F:FFFF.0034: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  358.631232][ T4955] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  358.644553][ T4955] ext4 filesystem being mounted at /10/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  358.704517][ T4958] overlayfs: './file1' not a directory
[  359.239972][  T291] usb 1-1: USB disconnect, device number 36
[  359.519927][   T30] audit: type=1400 audit(1723311487.568:315): avc:  denied  { bind } for  pid=4977 comm="syz.4.1036" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  359.557396][   T30] audit: type=1400 audit(1723311487.588:316): avc:  denied  { node_bind } for  pid=4977 comm="syz.4.1036" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  359.598688][ T4967] kvm: emulating exchange as write
[  359.783123][ T4339] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[  359.784964][ T4983] FAULT_INJECTION: forcing a failure.
[  359.784964][ T4983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  359.806250][ T4983] CPU: 1 PID: 4983 Comm: syz.2.1038 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  359.812093][  T690] usb 3-1: string descriptor 0 read error: -71
[  359.816870][ T4983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  359.816891][ T4983] Call Trace:
[  359.816899][ T4983]  <TASK>
[  359.816907][ T4983]  dump_stack_lvl+0x151/0x1b7
[  359.816938][ T4983]  ? io_uring_drop_tctx_refs+0x190/0x190
[  359.816958][ T4983]  ? __alloc_pages+0x27e/0x8f0
[  359.816980][ T4983]  dump_stack+0x15/0x17
[  359.816998][ T4983]  should_fail+0x3c6/0x510
[  359.817017][ T4983]  should_fail_usercopy+0x1a/0x20
[  359.828101][  T690] usb 3-1: USB disconnect, device number 30
[  359.833625][ T4983]  copy_page_from_iter+0x2eb/0x640
[  359.833663][ T4983]  tun_get_user+0x76e/0x3aa0
[  359.833684][ T4983]  ? kasan_set_track+0x4b/0x70
[  359.833702][ T4983]  ? kasan_set_free_info+0x23/0x40
[  359.833724][ T4983]  ? tun_do_read+0x1ef0/0x1ef0
[  359.907127][ T4983]  ? kstrtouint_from_user+0x20a/0x2a0
[  359.912352][ T4983]  ? kstrtol_from_user+0x310/0x310
[  359.918507][ T4983]  ? avc_policy_seqno+0x1b/0x70
[  359.923811][ T4983]  ? selinux_file_permission+0x2c4/0x570
[  359.929707][ T4983]  tun_chr_write_iter+0x1e1/0x2e0
[  359.934816][ T4983]  vfs_write+0xd5d/0x1110
[  359.939239][ T4983]  ? kmem_cache_free+0x116/0x2e0
[  359.944453][ T4983]  ? file_end_write+0x1c0/0x1c0
[  359.953992][ T4983]  ? __fdget_pos+0x209/0x3a0
[  359.960074][ T4983]  ? ksys_write+0x77/0x2c0
[  359.965563][ T4983]  ksys_write+0x199/0x2c0
[  359.970338][ T4983]  ? __ia32_sys_read+0x90/0x90
[  359.977188][ T4983]  ? debug_smp_processor_id+0x17/0x20
[  359.984532][ T4983]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  359.995199][ T4983]  __x64_sys_write+0x7b/0x90
[  360.000472][ T4983]  do_syscall_64+0x3d/0xb0
[  360.004977][ T4983]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  360.012217][ T4983] RIP: 0033:0x7feb7944b4df
[  360.017114][ T4983] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  360.040058][ T4983] RSP: 002b:00007feb780cc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  360.050664][ T4983] RAX: ffffffffffffffda RBX: 00007feb795daf80 RCX: 00007feb7944b4df
[  360.060359][ T4983] RDX: 000000000000003e RSI: 0000000020000500 RDI: 00000000000000c8
[  360.070675][ T4983] RBP: 00007feb780cc090 R08: 0000000000000000 R09: 0000000000000000
[  360.082123][ T4983] R10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001
[  360.092019][ T4983] R13: 0000000000000000 R14: 00007feb795daf80 R15: 00007ffd5761fdd8
[  360.102252][ T4983]  </TASK>
[  360.106168][   T42] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  360.125396][ T4986] loop2: detected capacity change from 0 to 512
[  360.224304][ T4986] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  360.236957][ T4986] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038 (0x7fffffff)
[  360.317803][ T4339] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  360.330361][ T4339] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  360.344314][ T4339] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  360.431985][ T4993] overlayfs: './file1' not a directory
[  360.472121][   T42] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  360.494502][   T42] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  360.518413][   T42] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  360.542113][ T4339] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  360.555180][ T4339] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.566602][ T4339] usb 4-1: Product: syz
[  360.572801][ T4339] usb 4-1: Manufacturer: syz
[  360.577626][ T4992] loop0: detected capacity change from 0 to 40427
[  360.587982][ T4339] usb 4-1: SerialNumber: syz
[  360.622474][ T4992] F2FS-fs (loop0): Found nat_bits in checkpoint
[  360.692066][   T42] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  360.701585][ T4992] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  360.701671][   T42] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.721554][   T42] usb 5-1: Product: syz
[  360.726897][   T42] usb 5-1: Manufacturer: syz
[  360.733178][   T42] usb 5-1: SerialNumber: syz
[  361.282073][ T4339] usb 4-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  361.291579][ T4339] usb 4-1: found format II with max.bitrate = 0, frame size=2
[  361.299720][ T4339] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  361.324890][ T4339] usb 4-1: USB disconnect, device number 34
[  361.349308][  T336] udevd[336]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  361.380967][ T5004] loop2: detected capacity change from 0 to 256
[  361.503845][ T5004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1042'.
[  361.604824][ T5009] loop0: detected capacity change from 0 to 256
[  361.852211][   T42] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  361.862761][   T42] usb 5-1: found format II with max.bitrate = 0, frame size=2
[  361.871414][   T42] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  361.896014][   T42] usb 5-1: USB disconnect, device number 33
[  361.909568][  T528] udevd[528]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  361.930864][  T690] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  362.485154][  T690] usb 3-1: Using ep0 maxpacket: 16
[  362.541742][ T5019] loop0: detected capacity change from 0 to 512
[  362.604399][ T5019] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  362.618309][ T5019] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff)
[  362.661989][  T690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  362.686125][  T690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.703165][  T690] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  362.726055][  T690] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  362.736967][  T690] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.746614][ T5024] ªªªªªª: renamed from vlan0
[  362.757985][  T690] usb 3-1: config 0 descriptor??
[  362.820759][ T5028] overlayfs: './file1' not a directory
[  363.291603][ T5026] loop3: detected capacity change from 0 to 40427
[  363.385476][ T5026] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288)
[  363.391970][  T774] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  363.401220][ T5026] F2FS-fs (loop3): Unrecognized mount option "actIveUlogs=6" or missing value
[  363.449563][  T690] microsoft 0003:045E:07DA.0035: No inputs registered, leaving
[  363.462322][  T690] microsoft 0003:045E:07DA.0035: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  363.481454][  T690] microsoft 0003:045E:07DA.0035: no inputs found
[  363.491323][  T690] microsoft 0003:045E:07DA.0035: could not initialize ff, continuing anyway
[  363.491366][ T5032] loop0: detected capacity change from 0 to 512
[  363.574206][ T5032] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  363.587396][ T5032] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  363.676472][  T690] usb 3-1: USB disconnect, device number 31
[  363.707417][ T5026] loop3: detected capacity change from 0 to 40427
[  363.872047][  T774] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  363.920888][ T5026] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  363.930085][  T774] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  363.957007][ T5026] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  363.964733][  T774] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  363.969452][ T5026] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  363.978784][  T774] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  364.004431][  T774] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.011048][ T5026] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  364.017946][  T774] usb 5-1: config 0 descriptor??
[  364.020631][ T5026] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  364.477759][   T30] audit: type=1326 audit(1723311492.528:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.509494][ T4896] attempt to access beyond end of device
[  364.509494][ T4896] loop3: rw=2049, want=45120, limit=40427
[  364.555977][   T30] audit: type=1326 audit(1723311492.528:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.586238][   T30] audit: type=1326 audit(1723311492.528:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.632491][   T30] audit: type=1326 audit(1723311492.528:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.670566][  T943] Bluetooth: hci0: Frame reassembly failed (-84)
[  364.680387][   T30] audit: type=1326 audit(1723311492.638:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.706823][   T30] audit: type=1326 audit(1723311492.638:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.740255][   T30] audit: type=1400 audit(1723311492.718:323): avc:  denied  { setopt } for  pid=5047 comm="syz.0.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  364.765594][   T30] audit: type=1326 audit(1723311492.718:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  364.791464][   T30] audit: type=1400 audit(1723311492.788:325): avc:  denied  { create } for  pid=5044 comm="syz.2.1051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  364.813550][   T30] audit: type=1400 audit(1723311492.788:326): avc:  denied  { setopt } for  pid=5044 comm="syz.2.1051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  365.011987][  T537] usb 4-1: new full-speed USB device number 35 using dummy_hcd
[  365.231195][ T5058] ªªªªªª: renamed from vlan0
[  365.238706][ T5058] FAULT_INJECTION: forcing a failure.
[  365.238706][ T5058] name failslab, interval 1, probability 0, space 0, times 0
[  365.252527][  T774] usb 5-1: string descriptor 0 read error: -71
[  365.257141][ T5058] CPU: 0 PID: 5058 Comm: syz.4.1054 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  365.268383][  T774] usb 5-1: USB disconnect, device number 34
[  365.273595][ T5058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  365.273618][ T5058] Call Trace:
[  365.273625][ T5058]  <TASK>
[  365.273634][ T5058]  dump_stack_lvl+0x151/0x1b7
[  365.273664][ T5058]  ? io_uring_drop_tctx_refs+0x190/0x190
[  365.273683][ T5058]  ? 0xffffffffa0026254
[  365.273697][ T5058]  ? stack_trace_save+0x1c0/0x1c0
[  365.273720][ T5058]  dump_stack+0x15/0x17
[  365.273738][ T5058]  should_fail+0x3c6/0x510
[  365.273770][ T5058]  __should_failslab+0xa4/0xe0
[  365.344003][ T5058]  should_failslab+0x9/0x20
[  365.349933][ T5058]  slab_pre_alloc_hook+0x37/0xd0
[  365.355150][ T5058]  ? device_rename+0xb1/0x190
[  365.360701][ T5058]  __kmalloc_track_caller+0x6c/0x260
[  365.367236][ T5058]  ? device_rename+0xb1/0x190
[  365.373721][ T5058]  kstrdup+0x34/0x70
[  365.380236][ T5058]  device_rename+0xb1/0x190
[  365.386236][ T5058]  dev_change_name+0x344/0x9c0
[  365.392162][ T5058]  ? avc_denied+0x1b0/0x1b0
[  365.398478][ T5058]  ? dev_alloc_name+0x130/0x130
[  365.403482][ T5058]  dev_ifsioc+0x24c/0x10c0
[  365.408653][ T5058]  ? dev_ioctl+0xe70/0xe70
[  365.415412][ T5058]  ? mutex_lock+0xb6/0x1e0
[  365.420562][ T5058]  ? wait_for_completion_killable_timeout+0x10/0x10
[  365.428621][ T5058]  ? security_capable+0x87/0xb0
[  365.434145][ T5058]  dev_ioctl+0x35c/0xe70
[  365.440062][ T5058]  sock_do_ioctl+0x34f/0x5a0
[  365.445262][ T5058]  ? sock_show_fdinfo+0xa0/0xa0
[  365.450528][ T5058]  ? selinux_file_ioctl+0x3cc/0x540
[  365.457648][ T5058]  sock_ioctl+0x455/0x740
[  365.464425][ T5058]  ? sock_poll+0x400/0x400
[  365.471335][ T5058]  ? __fget_files+0x31e/0x380
[  365.477525][ T5058]  ? security_file_ioctl+0x84/0xb0
[  365.485815][ T5058]  ? sock_poll+0x400/0x400
[  365.492899][ T5058]  __se_sys_ioctl+0x114/0x190
[  365.499882][ T5058]  __x64_sys_ioctl+0x7b/0x90
[  365.507150][ T5058]  do_syscall_64+0x3d/0xb0
[  365.514890][ T5058]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  365.521771][ T5058] RIP: 0033:0x7f6be29b49f9
[  365.526932][ T5058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.555888][ T5058] RSP: 002b:00007f6be1634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.567156][ T5058] RAX: ffffffffffffffda RBX: 00007f6be2b42f80 RCX: 00007f6be29b49f9
[  365.578865][ T5058] RDX: 0000000020000000 RSI: 0000000000008923 RDI: 0000000000000006
[  365.591134][ T5058] RBP: 00007f6be1634090 R08: 0000000000000000 R09: 0000000000000000
[  365.601447][ T5058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.611581][ T5058] R13: 0000000000000000 R14: 00007f6be2b42f80 R15: 00007ffc737b40c8
[  365.620418][ T5058]  </TASK>
[  365.649092][ T5062] loop4: detected capacity change from 0 to 512
[  365.694619][ T5062] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,inode_readahead_blks=0x0000000000000800,quota,,errors=continue. Quota mode: writeback.
[  365.721196][ T5062] ext4 filesystem being mounted at /17/bus supports timestamps until 2038 (0x7fffffff)
[  365.772089][  T537] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  365.784471][  T537] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  365.799134][  T537] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  365.850551][ T5072] incfs: Can't find or create .index dir in ./file0
[  365.864368][ T5072] incfs: mount failed -14
[  365.937883][ T5075] loop4: detected capacity change from 0 to 512
[  365.986445][ T5075] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  365.998709][ T5075] EXT4-fs (loop4): orphan cleanup on readonly fs
[  366.006572][ T5075] EXT4-fs warning (device loop4): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  366.012145][  T537] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  366.023805][ T5075] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  366.034043][  T537] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.042552][ T5075] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1058: bg 0: block 40: padding at end of block bitmap is not set
[  366.053070][  T537] usb 4-1: Product: syz
[  366.070890][ T5075] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6176: Corrupt filesystem
[  366.075561][  T537] usb 4-1: Manufacturer: syz
[  366.085622][ T5075] EXT4-fs (loop4): 1 truncate cleaned up
[  366.090761][  T537] usb 4-1: SerialNumber: syz
[  366.101124][ T5075] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  366.127280][ T5075] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #16: comm syz.4.1058: corrupted xattr block 31
[  366.142553][ T5075] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  366.472367][  T537] usb 4-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  366.485444][  T537] usb 4-1: found format II with max.bitrate = 0, frame size=2
[  366.498412][  T537] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  366.537333][  T537] usb 4-1: USB disconnect, device number 35
[  366.568601][ T5079] FAULT_INJECTION: forcing a failure.
[  366.568601][ T5079] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  366.594017][ T5079] CPU: 0 PID: 5079 Comm: syz.2.1059 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  366.606072][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  366.620743][ T5079] Call Trace:
[  366.627071][ T5079]  <TASK>
[  366.630533][ T5079]  dump_stack_lvl+0x151/0x1b7
[  366.636845][ T5079]  ? io_uring_drop_tctx_refs+0x190/0x190
[  366.645732][ T5079]  ? stack_trace_snprint+0xf0/0xf0
[  366.651047][ T5079]  dump_stack+0x15/0x17
[  366.655975][ T5079]  should_fail+0x3c6/0x510
[  366.661272][ T5079]  should_fail_alloc_page+0x5a/0x80
[  366.668010][ T5079]  prepare_alloc_pages+0x15c/0x700
[  366.675403][ T5079]  ? stack_map_pop_elem+0x229/0x390
[  366.682334][ T5079]  ? __alloc_pages_bulk+0xe40/0xe40
[  366.690032][ T5079]  __alloc_pages+0x18c/0x8f0
[  366.696769][ T5079]  ? prep_new_page+0x110/0x110
[  366.704357][ T5079]  ? bpf_trace_run3+0x123/0x250
[  366.712318][ T5079]  ? check_stack_object+0x114/0x130
[  366.721375][ T5079]  ? avc_policy_seqno+0x1b/0x70
[  366.730053][ T5079]  __get_free_pages+0x10/0x30
[  366.735795][ T5079]  environ_read+0xbb/0x3d0
[  366.741366][ T5079]  ? fsnotify_perm+0x470/0x5d0
[  366.746938][ T5079]  ? security_file_permission+0x86/0xb0
[  366.754426][ T5079]  do_iter_read+0x51d/0x7b0
[  366.760238][ T5079]  do_preadv+0x20e/0x350
[  366.766005][ T5079]  ? vfs_writev+0x560/0x560
[  366.772208][ T5079]  ? ksys_write+0x260/0x2c0
[  366.777014][ T5079]  ? debug_smp_processor_id+0x17/0x20
[  366.782929][ T5079]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  366.790197][ T5079]  __x64_sys_preadv+0x9e/0xb0
[  366.794861][ T5079]  do_syscall_64+0x3d/0xb0
[  366.800203][ T5079]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  366.807793][ T5079] RIP: 0033:0x7feb7944c9f9
[  366.813351][ T5079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.834850][ T5079] RSP: 002b:00007feb780cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  366.843534][ T5079] RAX: ffffffffffffffda RBX: 00007feb795daf80 RCX: 00007feb7944c9f9
[  366.852410][ T5079] RDX: 0000000000000001 RSI: 0000000020001400 RDI: 0000000000000006
[  366.863459][ T5079] RBP: 00007feb780cc090 R08: 0000000000000000 R09: 0000000000000000
[  366.872052][ T5079] R10: 0000000000c002a0 R11: 0000000000000246 R12: 0000000000000001
[  366.881341][ T5079] R13: 0000000000000000 R14: 00007feb795daf80 R15: 00007ffd5761fdd8
[  366.889983][ T5079]  </TASK>
[  366.894172][  T774] Bluetooth: hci0: command 0x1003 tx timeout
[  366.900983][  T490] Bluetooth: hci0: sending frame failed (-49)
[  366.924361][ T5082] loop2: detected capacity change from 0 to 256
[  366.969573][ T5082] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1061'.
[  366.985863][ T5084] loop4: detected capacity change from 0 to 512
[  367.035607][ T5084] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  367.052434][ T5084] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038 (0x7fffffff)
[  367.129650][ T5090] loop3: detected capacity change from 0 to 512
[  367.320572][ T5090] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  367.339318][   T42] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  367.350881][ T5090] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff)
[  367.635589][ T5096] overlayfs: './file1' not a directory
[  367.660673][   T42] usb 3-1: Using ep0 maxpacket: 16
[  367.972594][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  368.009754][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  368.021553][   T42] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  368.037604][   T42] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  368.049612][   T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.060587][   T42] usb 3-1: config 0 descriptor??
[  368.222104][  T774] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  368.342367][  T690] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[  368.479524][ T5105] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.489807][ T5105] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.502523][ T5105] device bridge_slave_0 entered promiscuous mode
[  368.516173][ T5105] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.527338][ T5105] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.538840][ T5105] device bridge_slave_1 entered promiscuous mode
[  368.552676][   T42] microsoft 0003:045E:07DA.0036: No inputs registered, leaving
[  368.566762][   T42] microsoft 0003:045E:07DA.0036: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  368.581636][   T42] microsoft 0003:045E:07DA.0036: no inputs found
[  368.592323][   T42] microsoft 0003:045E:07DA.0036: could not initialize ff, continuing anyway
[  368.612029][  T774] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  368.621352][  T774] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  368.633589][  T774] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  368.647158][  T774] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  368.659047][  T774] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.673082][  T774] usb 5-1: config 0 descriptor??
[  368.698885][ T5105] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.707542][ T5105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.716927][ T5105] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.726635][ T5105] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.742070][  T690] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  368.758983][  T690] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  368.772668][  T690] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  368.788836][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.789049][  T310] usb 3-1: USB disconnect, device number 32
[  368.805696][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.814367][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  368.823829][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  368.844105][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  368.855147][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.864320][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.874423][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  368.885628][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.894458][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.902562][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  368.915868][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  368.937632][ T5105] device veth0_vlan entered promiscuous mode
[  368.946040][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  368.955454][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  368.962291][  T690] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  368.964473][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  368.987608][  T690] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.987908][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  368.997591][  T690] usb 4-1: Product: syz
[  369.006724][  T614] Bluetooth: hci0: command 0x1001 tx timeout
[  369.018187][  T490] Bluetooth: hci0: sending frame failed (-49)
[  369.018896][ T5105] device veth1_macvtap entered promiscuous mode
[  369.033559][  T690] usb 4-1: Manufacturer: syz
[  369.039596][  T690] usb 4-1: SerialNumber: syz
[  369.052430][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  369.063284][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  369.074023][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  369.270907][ T5113] loop1: detected capacity change from 0 to 16
[  369.420797][ T5115] loop2: detected capacity change from 0 to 1024
[  369.483196][ T5113] erofs: (device loop1): mounted with root inode @ nid 36.
[  369.504500][ T5115] EXT4-fs (loop2): Invalid want_extra_isize 4096
[  369.516682][ T5112] attempt to access beyond end of device
[  369.516682][ T5112] loop1: rw=0, want=14552337264, limit=16
[  369.592650][  T690] usb 4-1: 2:1 : no UAC_FORMAT_TYPE desc
[  369.619935][  T690] usb 4-1: USB disconnect, device number 36
[  369.872121][  T774] usb 5-1: string descriptor 0 read error: -71
[  370.060056][  T774] usb 5-1: USB disconnect, device number 35
[  370.634792][ T5127] loop3: detected capacity change from 0 to 16
[  370.665237][ T5127] erofs: (device loop3): mounted with root inode @ nid 36.
[  370.676701][ T5125] attempt to access beyond end of device
[  370.676701][ T5125] loop3: rw=0, want=14552337264, limit=16
[  370.703568][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  370.703591][   T30] audit: type=1400 audit(1723311498.758:336): avc:  denied  { mounton } for  pid=5129 comm="syz.2.1071" path="/proc/137/task" dev="proc" ino=28845 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  370.704999][ T5130] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  370.912304][  T774] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  371.005054][ T5138] loop3: detected capacity change from 0 to 512
[  371.044666][ T5138] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  371.060618][ T5138] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff)
[  371.082062][  T291] Bluetooth: hci0: command 0x1009 tx timeout
[  371.216534][ T5144] loop1: detected capacity change from 0 to 256
[  371.243674][ T5146] overlayfs: './file1' not a directory
[  371.714678][   T42] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  372.403552][  T774] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  372.417186][  T774] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.432201][  T774] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  372.451107][  T774] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  372.461957][  T774] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.478361][  T774] usb 5-1: config 0 descriptor??
[  372.529618][ T5152] loop1: detected capacity change from 0 to 512
[  372.550553][ T5154] loop3: detected capacity change from 0 to 256
[  372.615046][ T5152] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  372.635162][ T5152] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[  372.651626][ T5154] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1077'.
[  372.792067][   T42] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  372.804148][   T42] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  372.820049][   T42] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  372.835953][ T5159] overlayfs: './file1' not a directory
[  372.976878][  T774] plantronics 0003:047F:FFFF.0037: unknown main item tag 0xd
[  372.982132][ T4339] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  373.008215][  T774] plantronics 0003:047F:FFFF.0037: No inputs registered, leaving
[  373.022030][   T42] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  373.033173][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.043921][  T774] plantronics 0003:047F:FFFF.0037: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  373.057533][   T42] usb 3-1: Product: syz
[  373.071731][   T42] usb 3-1: Manufacturer: syz
[  373.082589][   T42] usb 3-1: SerialNumber: syz
[  373.232152][ T4339] usb 4-1: Using ep0 maxpacket: 16
[  373.352134][ T4339] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.439859][ T4339] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  373.451567][ T4339] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  373.467575][ T4339] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  373.477840][ T4339] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.507759][ T4339] usb 4-1: config 0 descriptor??
[  373.543911][   T42] usb 3-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  373.558356][   T42] usb 3-1: found format II with max.bitrate = 0, frame size=2
[  373.570245][   T42] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  373.608537][   T42] usb 3-1: USB disconnect, device number 33
[  373.844114][   T42] usb 5-1: USB disconnect, device number 36
[  373.863568][ T5164] loop4: detected capacity change from 0 to 128
[  373.965429][ T5164] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  373.979071][ T5164] ext4 filesystem being mounted at /24/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  374.015191][  T310] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  374.039654][ T5170] loop2: detected capacity change from 0 to 256
[  374.051675][ T4339] microsoft 0003:045E:07DA.0038: No inputs registered, leaving
[  374.183959][ T4339] microsoft 0003:045E:07DA.0038: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  374.197398][ T4339] microsoft 0003:045E:07DA.0038: no inputs found
[  374.204496][ T4339] microsoft 0003:045E:07DA.0038: could not initialize ff, continuing anyway
[  374.357615][   T42] usb 4-1: USB disconnect, device number 37
[  374.662161][  T310] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  374.673389][  T310] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  374.685978][  T310] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  374.695350][  T310] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  374.760830][  T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.782612][  T310] usb 2-1: config 0 descriptor??
[  374.808455][ T5177] loop4: detected capacity change from 0 to 1024
[  374.816957][ T5177] EXT4-fs (loop4): Invalid want_extra_isize 4096
[  374.913295][ T5185] loop3: detected capacity change from 0 to 512
[  374.926153][ T5180] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.934282][ T5180] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.945444][ T5180] device bridge_slave_0 entered promiscuous mode
[  375.252161][ T5187] loop2: detected capacity change from 0 to 16
[  375.375359][ T5187] erofs: (device loop2): mounted with root inode @ nid 36.
[  375.414209][ T5181] attempt to access beyond end of device
[  375.414209][ T5181] loop2: rw=0, want=14552337264, limit=16
[  375.531994][ T5180] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.584974][ T5185] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  375.611098][ T5180] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.620095][ T5185] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  375.620733][ T5180] device bridge_slave_1 entered promiscuous mode
[  375.823181][ T5198] loop2: detected capacity change from 0 to 512
[  375.857849][ T5180] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.865659][ T5180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.873863][ T5180] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.881632][ T5180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.906224][ T5201] overlayfs: './file1' not a directory
[  375.949107][ T5202] loop4: detected capacity change from 0 to 16
[  376.044806][ T5202] erofs: (device loop4): mounted with root inode @ nid 36.
[  376.222813][ T5198] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  376.242551][ T4339] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.263021][ T4339] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.277489][ T5198] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038 (0x7fffffff)
[  376.305291][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  376.319046][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  376.340600][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  376.352000][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  376.362194][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.370466][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[  376.379471][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  376.389863][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  376.401389][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.409932][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[  376.434870][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  376.447557][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  376.467930][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  376.477352][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  376.505644][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  376.553571][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  376.568043][ T5206] overlayfs: './file1' not a directory
[  376.591494][ T5180] device veth0_vlan entered promiscuous mode
[  376.622928][ T5180] device veth1_macvtap entered promiscuous mode
[  376.756668][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  376.784524][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  376.797478][ T5213] loop3: detected capacity change from 0 to 512
[  376.808233][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  376.843107][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  376.853403][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  376.861958][ T5213] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  376.862782][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  376.884026][ T5213] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[  376.918956][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  376.935564][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  376.948170][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  376.958651][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  376.968635][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  376.999475][ T5223] FAULT_INJECTION: forcing a failure.
[  376.999475][ T5223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.016604][ T5223] CPU: 0 PID: 5223 Comm: syz.0.1090 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  377.026578][ T5223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  377.036874][ T5223] Call Trace:
[  377.040355][ T5223]  <TASK>
[  377.043324][ T5223]  dump_stack_lvl+0x151/0x1b7
[  377.048146][ T5223]  ? io_uring_drop_tctx_refs+0x190/0x190
[  377.054147][ T5223]  ? __alloc_pages+0x27e/0x8f0
[  377.059550][ T5223]  dump_stack+0x15/0x17
[  377.064693][ T5223]  should_fail+0x3c6/0x510
[  377.069887][ T5223]  should_fail_usercopy+0x1a/0x20
[  377.075077][ T5223]  copy_page_from_iter+0x2eb/0x640
[  377.080538][ T5223]  tun_get_user+0x76e/0x3aa0
[  377.085132][ T5223]  ? kasan_set_track+0x4b/0x70
[  377.089908][ T5223]  ? kasan_set_free_info+0x23/0x40
[  377.095119][ T5223]  ? tun_do_read+0x1ef0/0x1ef0
[  377.099985][ T5223]  ? kstrtouint_from_user+0x20a/0x2a0
[  377.105733][ T5223]  ? kstrtol_from_user+0x310/0x310
[  377.113426][ T5223]  ? avc_policy_seqno+0x1b/0x70
[  377.118508][ T5223]  ? selinux_file_permission+0x2c4/0x570
[  377.124417][ T5223]  tun_chr_write_iter+0x1e1/0x2e0
[  377.129578][ T5223]  vfs_write+0xd5d/0x1110
[  377.134946][ T5223]  ? kmem_cache_free+0x2c3/0x2e0
[  377.140140][ T5223]  ? file_end_write+0x1c0/0x1c0
[  377.145956][ T5223]  ? __fdget_pos+0x209/0x3a0
[  377.150796][ T5223]  ? ksys_write+0x77/0x2c0
[  377.155787][ T5223]  ksys_write+0x199/0x2c0
[  377.160439][ T5223]  ? __ia32_sys_read+0x90/0x90
[  377.165599][ T5223]  ? debug_smp_processor_id+0x17/0x20
[  377.173036][ T5223]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  377.179504][ T5223]  __x64_sys_write+0x7b/0x90
[  377.184339][ T5223]  do_syscall_64+0x3d/0xb0
[  377.188949][ T5223]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  377.194843][ T5223] RIP: 0033:0x7f520bebe4df
[  377.199097][ T5223] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  377.221280][ T5223] RSP: 002b:00007f520ab3f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  377.229872][ T5223] RAX: ffffffffffffffda RBX: 00007f520c04df80 RCX: 00007f520bebe4df
[  377.240786][ T5223] RDX: 0000000000000036 RSI: 0000000020000180 RDI: 00000000000000c8
[  377.250748][ T5223] RBP: 00007f520ab3f090 R08: 0000000000000000 R09: 0000000000000000
[  377.259257][ T5223] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  377.268375][ T5223] R13: 0000000000000000 R14: 00007f520c04df80 R15: 00007ffd6dd7c788
[  377.277330][ T5223]  </TASK>
[  377.336202][ T5224] overlayfs: './file1' not a directory
[  377.545270][ T1176] device bridge_slave_1 left promiscuous mode
[  377.634289][ T5226] loop0: detected capacity change from 0 to 512
[  377.650959][ T1176] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.666548][ T1176] device bridge_slave_0 left promiscuous mode
[  377.673136][ T1176] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.673205][  T310] usb 2-1: string descriptor 0 read error: -71
[  377.688082][  T310] usb 2-1: USB disconnect, device number 33
[  377.688107][ T1176] device veth1_macvtap left promiscuous mode
[  377.700434][ T1176] device veth0_vlan left promiscuous mode
[  377.719154][ T5231] loop3: detected capacity change from 0 to 256
[  377.736930][ T5226] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  377.750148][ T5226] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[  377.762189][ T4339] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  377.895495][ T5238] loop2: detected capacity change from 0 to 1024
[  377.944549][ T5231] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1093'.
[  377.962093][ T5239] overlayfs: './file1' not a directory
[  377.993878][ T5238] EXT4-fs (loop2): Invalid want_extra_isize 4096
[  378.062104][  T310] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  378.226753][ T1488] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  379.343705][ T4339] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  379.357891][ T4339] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  379.372755][ T4339] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  379.446647][ T5246] loop2: detected capacity change from 0 to 16
[  379.504489][ T5246] erofs: (device loop2): mounted with root inode @ nid 36.
[  379.521950][ T5246] attempt to access beyond end of device
[  379.521950][ T5246] loop2: rw=0, want=14552337264, limit=16
[  379.672023][  T310] usb 2-1: Using ep0 maxpacket: 32
[  379.742059][ T1488] usb 4-1: Using ep0 maxpacket: 16
[  379.757858][ T5253] loop4: detected capacity change from 0 to 512
[  379.802209][  T310] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  379.817715][ T4339] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  379.829679][ T4339] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.841172][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.857909][ T4339] usb 5-1: Product: syz
[  379.863831][  T310] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.868513][ T5253] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  379.877208][ T1488] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.890975][ T5253] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff)
[  379.903381][ T4339] usb 5-1: can't set config #1, error -71
[  379.923341][  T310] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  379.945260][  T310] usb 2-1: New USB device found, idVendor=03fc, idProduct=05d8, bcdDevice= 0.00
[  379.956184][ T4339] usb 5-1: USB disconnect, device number 37
[  379.962380][ T1488] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.977308][  T310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.987303][ T1488] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  380.007247][ T1488] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  380.019156][  T310] usb 2-1: config 0 descriptor??
[  380.027252][ T1488] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.037703][ T1488] usb 4-1: config 0 descriptor??
[  380.134252][ T5257] overlayfs: './file1' not a directory
[  380.218084][ T5259] loop2: detected capacity change from 0 to 1024
[  380.273745][ T5259] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,barrier=0x0000000000000000,nodelalloc,acl,errors=remount-ro,. Quota mode: none.
[  380.304346][   T30] audit: type=1400 audit(1723311508.358:337): avc:  denied  { setattr } for  pid=5258 comm="syz.2.1099" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  380.535350][ T5267] loop0: detected capacity change from 0 to 512
[  380.559411][ T5267] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  380.575992][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.577591][ T5267] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  380.592336][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.623354][ T1488] microsoft 0003:045E:07DA.003A: No inputs registered, leaving
[  380.640166][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.647758][ T1488] microsoft 0003:045E:07DA.003A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  380.666997][ T1488] microsoft 0003:045E:07DA.003A: no inputs found
[  380.674814][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.683803][ T1488] microsoft 0003:045E:07DA.003A: could not initialize ff, continuing anyway
[  380.693389][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.701489][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.713001][  T310] hid-generic 0003:03FC:05D8.0039: unknown main item tag 0x0
[  380.724519][  T310] hid-generic 0003:03FC:05D8.0039: hidraw1: USB HID v0.00 Device [HID 03fc:05d8] on usb-dummy_hcd.1-1/input0
[  380.782539][  T291] usb 2-1: USB disconnect, device number 34
[  380.842833][ T5273] overlayfs: './file1' not a directory
[  380.941920][  T614] usb 4-1: USB disconnect, device number 38
[  381.131941][  T310] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  381.256452][ T5276] loop2: detected capacity change from 0 to 128
[  381.333941][ T5276] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  381.346461][ T5276] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  381.352650][ T5279] loop1: detected capacity change from 0 to 128
[  381.459598][ T5282] loop3: detected capacity change from 0 to 512
[  381.474744][ T5279] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  381.488182][ T5279] ext4 filesystem being mounted at /7/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  381.695777][ T5282] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  381.708505][ T5282] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038 (0x7fffffff)
[  381.721501][  T310] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  381.731840][  T310] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  382.674518][  T310] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  382.708890][  T310] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  382.718907][  T310] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.732645][  T310] usb 5-1: config 0 descriptor??
[  382.767575][ T5294] loop2: detected capacity change from 0 to 512
[  382.944489][ T5298] loop0: detected capacity change from 0 to 16
[  383.574190][ T5299] overlayfs: './file1' not a directory
[  383.622989][ T5298] erofs: (device loop0): mounted with root inode @ nid 36.
[  383.677504][ T5292] attempt to access beyond end of device
[  383.677504][ T5292] loop0: rw=0, want=14552337264, limit=16
[  383.887152][ T5294] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  383.899706][ T5294] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038 (0x7fffffff)
[  383.979318][  T614] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  384.094763][ T5312] overlayfs: './file1' not a directory
[  384.183851][ T5313] loop0: detected capacity change from 0 to 16
[  384.858536][ T5313] erofs: (device loop0): mounted with root inode @ nid 36.
[  384.873184][ T5310] attempt to access beyond end of device
[  384.873184][ T5310] loop0: rw=0, want=14552337264, limit=16
[  384.887696][  T310] usb 5-1: string descriptor 0 read error: -71
[  384.896961][  T310] usb 5-1: USB disconnect, device number 38
[  384.951358][ T5320] loop2: detected capacity change from 0 to 512
[  384.961951][ T5305] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  385.034209][ T5320] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  385.052581][ T5324] loop0: detected capacity change from 0 to 512
[  385.060315][ T5320] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  385.084629][ T5324] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  385.097059][ T5324] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff)
[  385.202065][  T614] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  385.212970][  T614] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  385.225558][  T614] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  385.297981][ T5329] overlayfs: './file1' not a directory
[  385.532371][  T614] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  385.573266][  T614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.603469][  T614] usb 2-1: Product: syz
[  385.608316][  T614] usb 2-1: Manufacturer: syz
[  385.615101][  T614] usb 2-1: SerialNumber: syz
[  385.652016][ T5305] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[  385.660940][ T5305] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  385.684244][ T5305] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  385.700805][ T5305] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  385.720347][ T5333] loop4: detected capacity change from 0 to 2048
[  385.727924][ T5305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.738238][ T5305] usb 4-1: config 0 descriptor??
[  385.790683][ T5335] loop2: detected capacity change from 0 to 256
[  385.825254][ T5333] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  385.870175][ T5342] loop1: detected capacity change from 0 to 128
[  385.911039][ T5335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1115'.
[  385.941146][ T5342] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  385.956243][ T5342] ext4 filesystem being mounted at /10/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  385.995894][  T614] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  386.009642][  T614] usb 2-1: found format II with max.bitrate = 0, frame size=2
[  386.018218][  T614] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  386.109958][  T614] usb 2-1: USB disconnect, device number 35
[  386.312994][ T5305] plantronics 0003:047F:FFFF.003B: unknown main item tag 0xd
[  386.321490][ T5305] plantronics 0003:047F:FFFF.003B: No inputs registered, leaving
[  386.432120][ T1535] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  386.463092][ T1176] Bluetooth: hci0: Frame reassembly failed (-84)
[  386.478383][ T1176] Bluetooth: hci0: Frame reassembly failed (-84)
[  386.512263][ T5301] usb 5-1: new full-speed USB device number 39 using dummy_hcd
[  386.598075][ T5305] plantronics 0003:047F:FFFF.003B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  386.711912][ T1535] usb 3-1: Using ep0 maxpacket: 16
[  386.832104][ T1535] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.844963][ T1535] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.857153][ T1535] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  386.870593][ T1535] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  386.880940][ T1535] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.890584][ T1535] usb 3-1: config 0 descriptor??
[  386.912509][ T5301] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  386.922634][ T5301] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  386.935177][ T5301] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  387.126258][ T5364] loop1: detected capacity change from 0 to 256
[  387.342116][ T5301] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  387.355119][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.366996][ T1535] microsoft 0003:045E:07DA.003C: No inputs registered, leaving
[  387.376607][ T5301] usb 5-1: Product: syz
[  387.381490][ T5301] usb 5-1: Manufacturer: syz
[  387.387310][ T1535] microsoft 0003:045E:07DA.003C: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  387.399715][ T5301] usb 5-1: SerialNumber: syz
[  387.406337][ T1535] microsoft 0003:045E:07DA.003C: no inputs found
[  387.414787][ T1535] microsoft 0003:045E:07DA.003C: could not initialize ff, continuing anyway
[  387.568950][ T1535] usb 3-1: USB disconnect, device number 34
[  387.754111][  T614] usb 4-1: USB disconnect, device number 39
[  387.772041][ T5301] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  387.788474][ T5301] usb 5-1: found format II with max.bitrate = 0, frame size=2
[  387.804332][ T5368] loop3: detected capacity change from 0 to 512
[  387.811587][ T5301] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  387.834665][ T5368] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  387.836136][ T5301] usb 5-1: USB disconnect, device number 39
[  387.856086][ T5368] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038 (0x7fffffff)
[  388.079158][ T5376] loop1: detected capacity change from 0 to 16
[  388.563509][ T5377] overlayfs: './file1' not a directory
[  388.580661][  T614] Bluetooth: hci0: command 0x1003 tx timeout
[  388.591180][  T490] Bluetooth: hci0: sending frame failed (-49)
[  388.655598][ T5376] erofs: (device loop1): mounted with root inode @ nid 36.
[  388.669171][ T5374] attempt to access beyond end of device
[  388.669171][ T5374] loop1: rw=0, want=14552337264, limit=16
[  388.896842][ T5386] loop1: detected capacity change from 0 to 512
[  389.092099][ T5301] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  389.141643][ T5386] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  389.155180][ T5386] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  389.321413][ T5394] overlayfs: './file1' not a directory
[  389.492114][ T5301] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  389.502761][ T5301] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  389.516712][ T5301] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  389.580445][ T5396] FAULT_INJECTION: forcing a failure.
[  389.580445][ T5396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.596267][ T5396] CPU: 0 PID: 5396 Comm: syz.2.1128 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  389.608114][ T5396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  389.620936][ T5396] Call Trace:
[  389.625094][ T5396]  <TASK>
[  389.629603][ T5396]  dump_stack_lvl+0x151/0x1b7
[  389.635534][ T5396]  ? io_uring_drop_tctx_refs+0x190/0x190
[  389.642534][ T5396]  ? __alloc_pages+0x27e/0x8f0
[  389.647706][ T5396]  dump_stack+0x15/0x17
[  389.652696][ T5396]  should_fail+0x3c6/0x510
[  389.659515][ T5396]  should_fail_usercopy+0x1a/0x20
[  389.664964][ T5396]  copy_page_from_iter+0x2eb/0x640
[  389.670917][ T5396]  tun_get_user+0x76e/0x3aa0
[  389.676948][ T5396]  ? kasan_set_track+0x4b/0x70
[  389.681718][ T5396]  ? kasan_set_free_info+0x23/0x40
[  389.687080][ T5396]  ? tun_do_read+0x1ef0/0x1ef0
[  389.692382][ T5396]  ? kstrtouint_from_user+0x20a/0x2a0
[  389.698084][ T5396]  ? kstrtol_from_user+0x310/0x310
[  389.703118][ T5396]  ? avc_policy_seqno+0x1b/0x70
[  389.708397][ T5396]  ? selinux_file_permission+0x2c4/0x570
[  389.716346][ T5396]  tun_chr_write_iter+0x1e1/0x2e0
[  389.722887][ T5396]  vfs_write+0xd5d/0x1110
[  389.727955][ T5396]  ? kmem_cache_free+0x2c3/0x2e0
[  389.733068][ T5396]  ? file_end_write+0x1c0/0x1c0
[  389.738762][ T5396]  ? __fdget_pos+0x209/0x3a0
[  389.743745][ T5396]  ? ksys_write+0x77/0x2c0
[  389.748197][ T5396]  ksys_write+0x199/0x2c0
[  389.752578][ T5396]  ? __ia32_sys_read+0x90/0x90
[  389.757465][ T5396]  ? debug_smp_processor_id+0x17/0x20
[  389.762821][ T5396]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  389.768931][ T5396]  __x64_sys_write+0x7b/0x90
[  389.773599][ T5396]  do_syscall_64+0x3d/0xb0
[  389.778290][ T5396]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  389.784703][ T5396] RIP: 0033:0x7feb7944b4df
[  389.789440][ T5396] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  389.810608][ T5396] RSP: 002b:00007feb780cc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  389.820170][ T5396] RAX: ffffffffffffffda RBX: 00007feb795daf80 RCX: 00007feb7944b4df
[  389.828721][ T5396] RDX: 0000000000000036 RSI: 0000000020001800 RDI: 00000000000000c8
[  389.837308][ T5396] RBP: 00007feb780cc090 R08: 0000000000000000 R09: 0000000000000000
[  389.845382][ T5396] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  389.853423][ T5396] R13: 0000000000000000 R14: 00007feb795daf80 R15: 00007ffd5761fdd8
[  389.863659][ T5396]  </TASK>
[  389.907245][ T5401] loop2: detected capacity change from 0 to 2048
[  389.912008][ T5301] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  389.932899][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.990639][ T5401] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  390.000122][ T5301] usb 5-1: Product: syz
[  390.006825][ T5301] usb 5-1: Manufacturer: syz
[  390.011819][ T5301] usb 5-1: SerialNumber: syz
[  390.662139][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  390.670032][  T490] Bluetooth: hci0: sending frame failed (-49)
[  390.722058][ T5301] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  390.734004][ T5301] usb 5-1: found format II with max.bitrate = 0, frame size=2
[  390.766479][ T5301] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  390.809626][ T5301] usb 5-1: USB disconnect, device number 40
[  390.916073][    T6] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  391.059904][ T5421] loop2: detected capacity change from 0 to 256
[  391.482201][    T6] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  391.491389][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  391.507468][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  391.523711][    T6] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  391.536567][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.548595][    T6] usb 2-1: config 0 descriptor??
[  391.652011][ T5301] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  392.333668][ T5433] loop3: detected capacity change from 0 to 16
[  392.363200][ T5434] loop2: detected capacity change from 0 to 16
[  392.416495][ T5433] erofs: (device loop3): mounted with root inode @ nid 36.
[  392.460526][ T5431] attempt to access beyond end of device
[  392.460526][ T5431] loop3: rw=0, want=14552337264, limit=16
[  392.503288][ T5434] erofs: (device loop2): mounted with root inode @ nid 36.
[  392.520721][ T5434] attempt to access beyond end of device
[  392.520721][ T5434] loop2: rw=0, want=14552337264, limit=16
[  392.584398][    T6] plantronics 0003:047F:FFFF.003D: unknown main item tag 0xd
[  392.597492][    T6] plantronics 0003:047F:FFFF.003D: No inputs registered, leaving
[  392.617247][    T6] plantronics 0003:047F:FFFF.003D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  392.652080][ T5301] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  392.682565][ T5301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.694403][ T5301] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  392.714194][ T5438] loop3: detected capacity change from 0 to 128
[  392.719065][ T5301] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  392.731712][ T5301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.744596][ T1535] Bluetooth: hci0: command 0x1009 tx timeout
[  392.753163][ T5301] usb 5-1: config 0 descriptor??
[  392.759686][ T5438] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  392.772224][ T5438] ext4 filesystem being mounted at /26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  393.022012][ T1535] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  393.120322][    T6] usb 2-1: USB disconnect, device number 36
[  393.137517][ T5447] loop1: detected capacity change from 0 to 512
[  393.214601][ T5447] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  393.227897][ T5447] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff)
[  393.253229][ T5301] plantronics 0003:047F:FFFF.003E: unknown main item tag 0xd
[  393.265341][ T5301] plantronics 0003:047F:FFFF.003E: No inputs registered, leaving
[  393.283588][ T5301] plantronics 0003:047F:FFFF.003E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  393.382043][ T1535] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  393.392170][ T1535] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  393.404275][ T1535] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  393.423465][ T5451] overlayfs: './file1' not a directory
[  393.572035][ T1535] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  393.583335][ T1535] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.593522][ T1535] usb 3-1: Product: syz
[  393.598852][ T1535] usb 3-1: Manufacturer: syz
[  393.604631][ T1535] usb 3-1: SerialNumber: syz
[  393.796836][ T5454] loop3: detected capacity change from 0 to 2048
[  393.883675][ T5454] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  393.992429][ T1535] usb 3-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  394.004430][ T1535] usb 3-1: found format II with max.bitrate = 0, frame size=2
[  394.013351][ T1535] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  394.123209][ T5301] usb 5-1: USB disconnect, device number 41
[  394.228729][ T1535] usb 3-1: USB disconnect, device number 35
[  395.344407][ T5301] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  395.440519][ T5479] loop3: detected capacity change from 0 to 128
[  396.129981][ T5483] loop1: detected capacity change from 0 to 16
[  396.175057][ T5483] erofs: (device loop1): mounted with root inode @ nid 36.
[  396.199530][ T5483] attempt to access beyond end of device
[  396.199530][ T5483] loop1: rw=0, want=14552337264, limit=16
[  396.420844][ T5479] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  396.442164][ T5479] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  396.844781][ T5492] loop2: detected capacity change from 0 to 16
[  397.620174][ T5496] loop1: detected capacity change from 0 to 256
[  397.672802][ T5492] erofs: (device loop2): mounted with root inode @ nid 36.
[  397.790961][ T5301] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  398.016504][ T5301] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  398.029935][ T5301] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  398.087045][ T5504] loop4: detected capacity change from 0 to 128
[  398.089306][ T5505] loop3: detected capacity change from 0 to 512
[  398.101964][ T5301] usb 5-1: string descriptor 0 read error: -71
[  398.109250][ T5301] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  398.119870][ T5301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.210841][ T5506] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.227804][ T5506] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.232293][ T5504] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  398.248311][ T5506] device bridge_slave_0 entered promiscuous mode
[  398.253146][ T5301] usb 5-1: can't set config #1, error -71
[  398.261263][ T5506] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.268739][ T5505] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  398.277013][ T5506] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.291638][ T5301] usb 5-1: USB disconnect, device number 42
[  398.306342][ T5504] ext4 filesystem being mounted at /36/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  398.352848][ T5516] loop1: detected capacity change from 0 to 16
[  398.367216][ T5505] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038 (0x7fffffff)
[  398.385066][ T5506] device bridge_slave_1 entered promiscuous mode
[  398.406728][ T5516] erofs: (device loop1): mounted with root inode @ nid 36.
[  398.609672][ T5499] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[  398.645152][ T5506] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.653075][ T5506] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.661237][ T5506] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.668990][ T5506] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.727952][ T5518] overlayfs: './file1' not a directory
[  400.082609][ T5506] device veth0_vlan entered promiscuous mode
[  400.098395][ T5506] device veth1_macvtap entered promiscuous mode
[  400.137278][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  400.148220][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  400.158461][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  400.195335][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  400.282635][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  400.293165][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  400.303392][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  400.313272][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  400.323008][ T5499] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  400.332988][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  400.343788][ T5499] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  400.389853][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  400.414559][ T5532] loop0: detected capacity change from 0 to 256
[  400.454837][ T5499] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  400.571826][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  400.612162][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  400.772104][  T690] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  400.864242][ T5539] loop1: detected capacity change from 0 to 16
[  401.682626][ T5539] erofs: (device loop1): mounted with root inode @ nid 36.
[  401.696566][ T5538] attempt to access beyond end of device
[  401.696566][ T5538] loop1: rw=0, want=14552337264, limit=16
[  401.751978][ T5499] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  401.763365][ T5499] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.772413][ T5499] usb 3-1: Product: syz
[  401.776846][ T5499] usb 3-1: Manufacturer: syz
[  401.830174][ T5499] usb 3-1: can't set config #1, error -71
[  401.844792][ T5499] usb 3-1: USB disconnect, device number 36
[  402.362597][ T5550] loop2: detected capacity change from 0 to 16
[  402.381209][   T45] device bridge_slave_1 left promiscuous mode
[  402.391073][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.464750][ T5550] erofs: (device loop2): mounted with root inode @ nid 36.
[  402.521998][ T5552] loop0: detected capacity change from 0 to 16
[  402.554850][ T5552] erofs: (device loop0): mounted with root inode @ nid 36.
[  402.582836][ T5552] attempt to access beyond end of device
[  402.582836][ T5552] loop0: rw=0, want=14552337264, limit=16
[  402.681694][   T45] device bridge_slave_0 left promiscuous mode
[  402.797145][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.806119][   T45] device veth1_macvtap left promiscuous mode
[  402.813101][   T45] device veth0_vlan left promiscuous mode
[  402.912849][  T310] usb 4-1: new full-speed USB device number 40 using dummy_hcd
[  402.961395][ T5557] loop1: detected capacity change from 0 to 256
[  402.992123][  T690] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  403.123892][  T690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  403.138738][  T690] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  403.220370][  T690] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  403.221131][ T5559] loop4: detected capacity change from 0 to 2048
[  403.231590][  T690] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.251644][  T690] usb 5-1: config 0 descriptor??
[  403.262766][ T5561] loop2: detected capacity change from 0 to 128
[  403.269767][ T5563] loop0: detected capacity change from 0 to 512
[  403.280461][  T690] usb 5-1: can't set config #0, error -71
[  403.289440][  T690] usb 5-1: USB disconnect, device number 43
[  403.304890][ T5559] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  403.324497][ T5563] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  403.345498][ T5563] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[  403.403670][ T5561] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  403.476345][ T5561] ext4 filesystem being mounted at /64/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  403.490317][  T310] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  404.810503][  T310] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  404.824095][  T310] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  404.903442][  T310] usb 4-1: string descriptor 0 read error: -71
[  404.953257][ T5582] loop1: detected capacity change from 0 to 128
[  404.973210][  T310] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  404.991189][  T310] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  405.026921][  T310] usb 4-1: can't set config #1, error -71
[  405.035395][ T5582] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  405.505873][  T319] Bluetooth: hci0: Frame reassembly failed (-84)
[  405.518346][ T5582] ext4 filesystem being mounted at /24/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  405.652055][  T320] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  405.713317][  T310] usb 4-1: USB disconnect, device number 40
[  405.735240][ T5589] loop2: detected capacity change from 0 to 512
[  405.746574][ T5589] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  405.806551][ T5589] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1174: iget: bad i_size value: -67835469387268086
[  405.824294][ T5589] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1174: couldn't read orphan inode 15 (err -117)
[  405.840640][ T5589] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  405.855716][ T5589] ext2 filesystem being mounted at /65/file0 supports timestamps until 2038 (0x7fffffff)
[  406.052043][   T26] usb 1-1: new full-speed USB device number 37 using dummy_hcd
[  406.191831][  T320] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  406.201284][  T320] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.278365][  T320] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.289465][  T320] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  406.300417][  T320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.312052][  T320] usb 5-1: config 0 descriptor??
[  406.440121][   T30] audit: type=1326 audit(1723311534.488:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.468073][   T30] audit: type=1326 audit(1723311534.488:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.823149][  T319] Bluetooth: hci1: Frame reassembly failed (-84)
[  406.831448][   T30] audit: type=1326 audit(1723311534.488:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.835823][  T319] Bluetooth: hci1: Frame reassembly failed (-84)
[  406.860009][   T30] audit: type=1326 audit(1723311534.488:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.894852][   T30] audit: type=1326 audit(1723311534.488:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.925006][   T30] audit: type=1326 audit(1723311534.488:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.954138][   T30] audit: type=1326 audit(1723311534.488:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  406.985544][   T30] audit: type=1326 audit(1723311534.488:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  407.020442][   T30] audit: type=1326 audit(1723311534.488:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  407.053127][   T30] audit: type=1326 audit(1723311534.488:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5588 comm="syz.2.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb7944c9f9 code=0x7ffc0000
[  407.102138][   T26] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  407.115459][   T26] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  407.128891][   T26] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  407.302370][   T26] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  407.315083][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.326188][   T26] usb 1-1: Product: syz
[  407.333254][   T26] usb 1-1: Manufacturer: syz
[  407.338324][   T26] usb 1-1: SerialNumber: syz
[  407.362083][  T363] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  407.542244][ T5301] Bluetooth: hci0: command 0x1003 tx timeout
[  407.550193][  T493] Bluetooth: hci0: sending frame failed (-49)
[  407.682099][  T320] usb 5-1: string descriptor 0 read error: -71
[  407.689924][  T320] usb 5-1: USB disconnect, device number 44
[  407.702153][   T26] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  407.713273][   T26] usb 1-1: found format II with max.bitrate = 0, frame size=2
[  407.723395][   T26] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  407.732199][  T363] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  407.745523][  T363] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  407.747617][   T26] usb 1-1: USB disconnect, device number 37
[  407.765881][  T363] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  407.776096][  T363] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  407.788516][  T363] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.802963][  T363] usb 3-1: config 0 descriptor??
[  408.041991][  T320] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  408.103304][ T5609] loop0: detected capacity change from 0 to 512
[  408.245306][ T5609] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  408.264213][ T5609] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[  408.442183][  T320] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  408.461104][ T5616] overlayfs: './file1' not a directory
[  408.532076][  T320] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.548529][  T320] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  408.589753][  T320] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  408.635209][  T320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.647135][  T320] usb 5-1: config 0 descriptor??
[  408.902029][  T333] Bluetooth: hci1: command 0x1003 tx timeout
[  408.912493][  T493] Bluetooth: hci1: sending frame failed (-49)
[  409.089062][ T5621] loop0: detected capacity change from 0 to 128
[  409.133346][  T320] plantronics 0003:047F:FFFF.003F: unknown main item tag 0xd
[  409.146283][  T320] plantronics 0003:047F:FFFF.003F: No inputs registered, leaving
[  409.157535][  T320] plantronics 0003:047F:FFFF.003F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  409.184923][ T5621] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  409.202383][ T5621] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  409.621981][ T1535] Bluetooth: hci0: command 0x1001 tx timeout
[  409.630216][  T493] Bluetooth: hci0: sending frame failed (-49)
[  409.962750][   T26] usb 5-1: USB disconnect, device number 45
[  410.322170][  T363] usb 3-1: string descriptor 0 read error: -71
[  410.344851][  T363] usb 3-1: USB disconnect, device number 37
[  410.391248][   T26] usb 5-1: new full-speed USB device number 46 using dummy_hcd
[  410.782055][   T26] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  410.793011][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  410.804477][   T26] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  410.860132][ T5638] loop0: detected capacity change from 0 to 512
[  410.954626][ T5638] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  410.967304][ T5638] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff)
[  410.972105][   T26] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  410.993449][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.005224][   T26] usb 5-1: Product: syz
[  411.013257][   T26] usb 5-1: Manufacturer: syz
[  411.018860][   T26] usb 5-1: SerialNumber: syz
[  411.024964][  T363] Bluetooth: hci1: command 0x1001 tx timeout
[  411.032135][  T493] Bluetooth: hci1: sending frame failed (-49)
[  411.163912][ T5642] overlayfs: './file1' not a directory
[  411.273778][ T5645] loop2: detected capacity change from 0 to 2048
[  411.354171][ T5645] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  411.901774][ T5653] loop0: detected capacity change from 0 to 256
[  411.930471][   T26] usb 5-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  411.947882][   T26] usb 5-1: found format II with max.bitrate = 0, frame size=2
[  412.497452][   T26] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  412.506193][  T320] Bluetooth: hci0: command 0x1009 tx timeout
[  412.531267][   T26] usb 5-1: USB disconnect, device number 46
[  412.777604][ T5662] loop0: detected capacity change from 0 to 256
[  413.031981][  T320] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  413.062100][ T5301] Bluetooth: hci1: command 0x1009 tx timeout
[  413.162030][   T26] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  413.442023][  T320] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  413.451105][  T320] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.464968][  T320] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  413.476610][  T320] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  413.490512][  T320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.506714][  T320] usb 3-1: config 0 descriptor??
[  413.561976][   T26] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  413.573697][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.588638][   T26] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  413.606278][   T26] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  413.617388][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.629781][   T26] usb 5-1: config 0 descriptor??
[  414.102962][   T26] plantronics 0003:047F:FFFF.0040: unknown main item tag 0xd
[  414.112848][   T26] plantronics 0003:047F:FFFF.0040: No inputs registered, leaving
[  414.123988][   T26] plantronics 0003:047F:FFFF.0040: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  414.543217][ T5675] loop2: detected capacity change from 0 to 128
[  414.588688][  T320] usb 3-1: string descriptor 0 read error: -71
[  414.596611][  T320] usb 3-1: USB disconnect, device number 38
[  414.612243][ T5675] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  414.624289][ T5675] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  415.172370][  T333] usb 5-1: USB disconnect, device number 47
[  415.299541][ T5685] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.309030][ T5685] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.318810][ T5685] device bridge_slave_0 entered promiscuous mode
[  415.328140][ T5685] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.337664][ T5685] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.347753][ T5685] device bridge_slave_1 entered promiscuous mode
[  415.447184][ T5691] loop0: detected capacity change from 0 to 1024
[  415.522713][ T5691] EXT4-fs (loop0): Invalid want_extra_isize 4096
[  415.540817][ T5685] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.551393][ T5685] bridge0: port 2(bridge_slave_1) entered forwarding state
[  415.559240][ T5685] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.567337][ T5685] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.593891][ T1488] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.603700][ T1488] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.618427][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  415.626637][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  415.653569][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  415.667013][ T1488] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.674913][ T1488] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.718317][ T5696] loop2: detected capacity change from 0 to 256
[  415.989665][  T308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  416.006015][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.013900][  T308] bridge0: port 2(bridge_slave_1) entered forwarding state
[  416.067858][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  416.076611][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  417.402157][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  417.422933][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  417.488152][ T5714] loop2: detected capacity change from 0 to 16
[  417.593698][ T5715] loop4: detected capacity change from 0 to 256
[  417.686493][ T5714] erofs: (device loop2): mounted with root inode @ nid 36.
[  417.715679][ T5714] attempt to access beyond end of device
[  417.715679][ T5714] loop2: rw=0, want=14552337264, limit=16
[  418.577911][ T5720] loop0: detected capacity change from 0 to 2048
[  418.630286][ T5685] device veth0_vlan entered promiscuous mode
[  418.638769][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  418.648666][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  418.662478][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  418.670963][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  418.682663][ T5720] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  418.697917][ T5711] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.713685][ T5711] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.727583][ T5711] device bridge_slave_0 entered promiscuous mode
[  418.747880][ T5711] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.757875][ T5711] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.767305][ T5711] device bridge_slave_1 entered promiscuous mode
[  418.780139][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  418.789903][ T5499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  418.807681][ T5685] device veth1_macvtap entered promiscuous mode
[  419.143327][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  419.182065][ T1535] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  419.235230][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  419.247018][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  419.265137][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  419.303636][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  419.320751][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  419.491023][ T5711] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.501403][ T5711] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.511445][ T5711] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.520313][ T5711] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.590296][ T5740] loop0: detected capacity change from 0 to 16
[  419.715508][ T5741] loop3: detected capacity change from 0 to 256
[  419.797663][ T5740] erofs: (device loop0): mounted with root inode @ nid 36.
[  419.894423][ T5740] attempt to access beyond end of device
[  419.894423][ T5740] loop0: rw=0, want=14552337264, limit=16
[  420.408848][ T1535] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  420.903906][ T1535] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.920855][ T1535] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  420.938999][ T1535] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  420.949654][ T1535] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.976883][ T1176] device bridge_slave_1 left promiscuous mode
[  420.980401][ T1535] usb 3-1: config 0 descriptor??
[  420.985267][ T1176] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.999685][ T1176] device bridge_slave_0 left promiscuous mode
[  421.008231][ T1176] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.019931][ T1176] device veth1_macvtap left promiscuous mode
[  421.044067][ T5745] loop0: detected capacity change from 0 to 512
[  421.067505][ T5745] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  421.081606][ T5745] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff)
[  421.141915][  T291] Bluetooth: hci0: command 0x1003 tx timeout
[  421.151418][   T47] Bluetooth: hci0: sending frame failed (-49)
[  421.247629][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  421.257686][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  421.278799][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  421.294975][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  421.300396][ T5752] overlayfs: './file1' not a directory
[  421.307530][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  421.389791][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  421.428215][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  421.440744][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  421.459464][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  421.476656][ T1535] plantronics 0003:047F:FFFF.0041: unknown main item tag 0xd
[  421.536910][ T1535] plantronics 0003:047F:FFFF.0041: No inputs registered, leaving
[  421.663492][ T1535] plantronics 0003:047F:FFFF.0041: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  421.727879][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  421.738671][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  421.748213][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  421.759008][ T5711] device veth0_vlan entered promiscuous mode
[  421.775875][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  421.785154][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  421.796714][ T5711] device veth1_macvtap entered promiscuous mode
[  421.812834][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  421.823399][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  421.833121][  T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  421.869405][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  421.907773][ T1488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  422.176199][ T5761] loop3: detected capacity change from 0 to 1024
[  422.202251][ T1488] usb 2-1: new full-speed USB device number 37 using dummy_hcd
[  422.245967][ T5763] loop0: detected capacity change from 0 to 256
[  422.424353][   T20] usb 3-1: USB disconnect, device number 39
[  422.481197][ T5761] EXT4-fs (loop3): Invalid want_extra_isize 4096
[  422.759574][ T5767] loop2: detected capacity change from 0 to 16
[  423.635623][ T5767] erofs: (device loop2): mounted with root inode @ nid 36.
[  423.671135][  T320] Bluetooth: hci0: command 0x1001 tx timeout
[  423.677717][   T47] Bluetooth: hci0: sending frame failed (-49)
[  423.688267][ T5772] loop0: detected capacity change from 0 to 128
[  423.703195][ T5772] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  423.715004][ T5772] ext4 filesystem being mounted at /20/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  423.794063][ T1176] device bridge_slave_1 left promiscuous mode
[  423.801171][ T1176] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.811483][ T1176] device bridge_slave_0 left promiscuous mode
[  423.820245][ T1176] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.833172][ T1176] device veth1_macvtap left promiscuous mode
[  423.839662][ T1176] device veth0_vlan left promiscuous mode
[  423.852349][ T1488] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  423.863584][ T1488] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  423.875961][ T5777] loop2: detected capacity change from 0 to 512
[  423.877659][ T1488] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  424.106560][ T5777] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  424.166671][ T5777] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038 (0x7fffffff)
[  424.197226][  T333] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  424.332022][ T1488] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  424.347050][ T1488] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.362609][ T1488] usb 2-1: Product: syz
[  424.367962][ T1488] usb 2-1: Manufacturer: syz
[  424.376277][ T1488] usb 2-1: SerialNumber: syz
[  424.389467][ T5783] overlayfs: './file1' not a directory
[  424.618399][ T5786] loop0: detected capacity change from 0 to 2048
[  424.656970][ T5786] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  424.662677][  T333] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[  424.686309][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.699231][  T333] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  424.713737][  T333] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  424.724151][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.738331][  T333] usb 4-1: config 0 descriptor??
[  425.202042][ T1488] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  425.212616][ T1488] usb 2-1: found format II with max.bitrate = 0, frame size=2
[  425.224387][ T1488] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  425.244971][ T1488] usb 2-1: USB disconnect, device number 37
[  425.260258][  T528] udevd[528]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  425.363272][  T333] plantronics 0003:047F:FFFF.0042: unknown main item tag 0xd
[  425.378667][  T333] plantronics 0003:047F:FFFF.0042: No inputs registered, leaving
[  425.412790][  T333] plantronics 0003:047F:FFFF.0042: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  425.579031][ T5799] loop1: detected capacity change from 0 to 16
[  425.614718][ T5799] erofs: (device loop1): mounted with root inode @ nid 36.
[  425.644041][ T5799] attempt to access beyond end of device
[  425.644041][ T5799] loop1: rw=0, want=14552337264, limit=16
[  425.712043][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  425.867911][ T5804] loop2: detected capacity change from 0 to 256
[  426.014521][ T5806] loop0: detected capacity change from 0 to 16
[  426.053153][ T5806] erofs: (device loop0): mounted with root inode @ nid 36.
[  426.081873][ T5806] attempt to access beyond end of device
[  426.081873][ T5806] loop0: rw=0, want=14552337264, limit=16
[  426.148486][ T5804] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1220'.
[  426.740904][ T5815] loop0: detected capacity change from 0 to 512
[  426.792125][    T6] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  426.814480][ T5815] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  426.826252][ T5815] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff)
[  426.987909][ T5821] overlayfs: './file1' not a directory
[  427.032065][    T6] usb 3-1: Using ep0 maxpacket: 16
[  427.194235][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  427.207607][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  427.212553][ T5823] loop1: detected capacity change from 0 to 1024
[  427.233332][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  427.250756][    T6] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  427.254644][ T5823] EXT4-fs (loop1): Invalid want_extra_isize 4096
[  427.270200][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.284338][    T6] usb 3-1: config 0 descriptor??
[  427.384464][   T20] usb 4-1: USB disconnect, device number 41
[  427.644861][ T5825] loop3: detected capacity change from 0 to 1024
[  428.018442][ T5825] EXT4-fs (loop3): Invalid want_extra_isize 4096
[  428.028216][    T6] microsoft 0003:045E:07DA.0043: No inputs registered, leaving
[  428.040027][    T6] microsoft 0003:045E:07DA.0043: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  428.052288][    T6] microsoft 0003:045E:07DA.0043: no inputs found
[  428.061037][    T6] microsoft 0003:045E:07DA.0043: could not initialize ff, continuing anyway
[  428.108849][ T5831] loop1: detected capacity change from 0 to 128
[  428.214405][ T5831] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  428.226861][ T5831] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  428.234459][    T6] usb 3-1: USB disconnect, device number 40
[  429.039343][ T5838] loop0: detected capacity change from 0 to 16
[  429.126333][ T5838] erofs: (device loop0): mounted with root inode @ nid 36.
[  429.144617][ T5838] attempt to access beyond end of device
[  429.144617][ T5838] loop0: rw=0, want=14552337264, limit=16
[  429.381064][ T5843] loop3: detected capacity change from 0 to 512
[  429.431537][ T5843] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  429.444218][ T5843] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  429.803940][ T5301] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[  429.876517][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.884290][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.892757][ T5846] device bridge_slave_0 entered promiscuous mode
[  429.900635][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.910462][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.942726][ T5846] device bridge_slave_1 entered promiscuous mode
[  430.047841][ T5858] overlayfs: './file1' not a directory
[  430.347220][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.355522][ T5846] bridge0: port 2(bridge_slave_1) entered forwarding state
[  430.363283][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[  430.370431][ T5846] bridge0: port 1(bridge_slave_0) entered forwarding state
[  430.428170][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.437774][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.446725][ T5301] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  430.475125][ T5301] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  430.489143][ T5301] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  430.521536][ T5864] loop3: detected capacity change from 0 to 2048
[  430.565324][   T10] device bridge_slave_1 left promiscuous mode
[  430.572612][  T690] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  430.581469][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.592294][ T5864] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue. Quota mode: none.
[  430.608586][   T10] device bridge_slave_0 left promiscuous mode
[  430.640750][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.702024][ T5301] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  430.712042][   T10] device veth1_macvtap left promiscuous mode
[  430.713225][ T5301] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.742262][ T5301] usb 1-1: Product: syz
[  430.752821][ T5301] usb 1-1: Manufacturer: syz
[  430.757604][ T5301] usb 1-1: SerialNumber: syz
[  430.871946][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  430.880455][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  430.889263][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  430.898408][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  430.908974][ T1535] bridge0: port 1(bridge_slave_0) entered blocking state
[  430.916854][ T1535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  430.924989][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  430.935866][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  430.947541][ T1535] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.954791][ T1535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  431.009753][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  431.023617][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  431.079242][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  431.089261][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  431.114020][  T690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  431.124756][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  431.126633][  T690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  431.136295][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  431.146098][  T690] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  431.155182][ T5301] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  431.164041][  T690] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.179177][ T5846] device veth0_vlan entered promiscuous mode
[  431.182729][  T690] usb 2-1: config 0 descriptor??
[  431.191140][ T5301] usb 1-1: found format II with max.bitrate = 0, frame size=2
[  431.202610][ T5846] device veth1_macvtap entered promiscuous mode
[  431.205048][ T5301] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  431.223703][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  431.234455][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  431.250505][ T5301] usb 1-1: USB disconnect, device number 38
[  431.266086][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  431.278943][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  431.289170][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  431.299482][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  431.309684][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  431.319213][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  431.329443][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  431.338820][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  431.346823][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  431.560562][ T5877] loop4: detected capacity change from 0 to 256
[  431.734612][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  431.734645][   T30] audit: type=1400 audit(1723311559.788:363): avc:  denied  { read } for  pid=5861 comm="syz.1.1231" name="usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  431.780766][   T30] audit: type=1400 audit(1723311559.818:364): avc:  denied  { open } for  pid=5861 comm="syz.1.1231" path="/dev/usbmon0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  431.797113][ T5882] loop3: detected capacity change from 0 to 512
[  431.824332][ T5862] UDC core: couldn't find an available UDC or it's busy: -16
[  431.827261][   T30] audit: type=1400 audit(1723311559.818:365): avc:  denied  { ioctl } for  pid=5861 comm="syz.1.1231" path="/dev/usbmon0" dev="devtmpfs" ino=135 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  431.831764][ T5862] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  431.880167][ T5883] FAULT_INJECTION: forcing a failure.
[  431.880167][ T5883] name failslab, interval 1, probability 0, space 0, times 0
[  431.894993][ T5883] CPU: 1 PID: 5883 Comm: syz.0.1236 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  431.902314][ T5882] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  431.906920][ T5883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  431.906945][ T5883] Call Trace:
[  431.906953][ T5883]  <TASK>
[  431.906963][ T5883]  dump_stack_lvl+0x151/0x1b7
[  431.906999][ T5883]  ? io_uring_drop_tctx_refs+0x190/0x190
[  431.921440][ T5882] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff)
[  431.931347][ T5883]  dump_stack+0x15/0x17
[  431.931391][ T5883]  should_fail+0x3c6/0x510
[  431.931410][ T5883]  __should_failslab+0xa4/0xe0
[  431.931431][ T5883]  should_failslab+0x9/0x20
[  431.931452][ T5883]  slab_pre_alloc_hook+0x37/0xd0
[  431.931471][ T5883]  kmem_cache_alloc_trace+0x48/0x210
[  431.931490][ T5883]  ? bpf_tracing_prog_attach+0x342/0xff0
[  431.931510][ T5883]  bpf_tracing_prog_attach+0x342/0xff0
[  431.931531][ T5883]  ? bpf_insn_prepare_dump+0x950/0x950
[  432.015236][ T5883]  ? __fget_files+0x31e/0x380
[  432.020195][ T5883]  ? __kasan_check_write+0x14/0x20
[  432.025945][ T5883]  ? fput_many+0x160/0x1b0
[  432.030648][ T5883]  bpf_raw_tracepoint_open+0x5bf/0x950
[  432.036715][ T5883]  ? bpf_obj_get_info_by_fd+0x3ce0/0x3ce0
[  432.043231][ T5883]  ? compat_start_thread+0x20/0x20
[  432.048678][ T5883]  ? sched_clock+0x9/0x10
[  432.053588][ T5883]  ? sched_clock_cpu+0x18/0x3b0
[  432.058661][ T5883]  ? selinux_bpf+0xd2/0x100
[  432.067504][ T5883]  ? security_bpf+0x82/0xb0
[  432.073628][ T5883]  __sys_bpf+0x489/0x760
[  432.080105][ T5883]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  432.088062][ T5883]  ? __kasan_check_read+0x11/0x20
[  432.094094][ T5883]  __x64_sys_bpf+0x7c/0x90
[  432.099677][ T5883]  do_syscall_64+0x3d/0xb0
[  432.105226][ T5883]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  432.111249][ T5883]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  432.118900][ T5883] RIP: 0033:0x7fe3d7e509f9
[  432.123521][ T5883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.145650][ T5883] RSP: 002b:00007fe3d6ad0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  432.154978][ T5883] RAX: ffffffffffffffda RBX: 00007fe3d7fdef80 RCX: 00007fe3d7e509f9
[  432.163627][ T5883] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000011
[  432.171532][ T5883] RBP: 00007fe3d6ad0090 R08: 0000000000000000 R09: 0000000000000000
[  432.180283][ T5883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.189197][ T5883] R13: 0000000000000000 R14: 00007fe3d7fdef80 R15: 00007ffdbf863788
[  432.197614][ T5883]  </TASK>
[  432.367813][ T5892] overlayfs: './file1' not a directory
[  432.825929][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  432.878174][ T5898] loop4: detected capacity change from 0 to 128
[  433.017562][ T5902] loop0: detected capacity change from 0 to 16
[  433.054906][ T5902] erofs: (device loop0): mounted with root inode @ nid 36.
[  433.077280][ T5902] attempt to access beyond end of device
[  433.077280][ T5902] loop0: rw=0, want=14552337264, limit=16
[  433.204683][ T5898] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  433.219560][ T5898] ext4 filesystem being mounted at /1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  433.834396][  T690] usbhid 2-1:0.0: can't add hid device: -71
[  433.841107][  T690] usbhid: probe of 2-1:0.0 failed with error -71
[  433.863766][  T690] usb 2-1: USB disconnect, device number 38
[  434.194440][ T5911] loop1: detected capacity change from 0 to 256
[  434.218195][ T5916] loop0: detected capacity change from 0 to 512
[  434.324196][ T5916] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  434.344274][ T5916] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff)
[  434.422387][ T5920] loop4: detected capacity change from 0 to 16
[  434.702807][ T5920] erofs: (device loop4): mounted with root inode @ nid 36.
[  434.902322][  T291] Bluetooth: hci0: command 0x1003 tx timeout
[  434.909547][   T47] Bluetooth: hci0: sending frame failed (-49)
[  435.413652][ T5930] loop3: detected capacity change from 0 to 16
[  436.120735][ T5930] erofs: (device loop3): mounted with root inode @ nid 36.
[  436.151903][ T5929] attempt to access beyond end of device
[  436.151903][ T5929] loop3: rw=0, want=14552337264, limit=16
[  436.243714][ T5935] loop4: detected capacity change from 0 to 512
[  436.301563][ T5937] loop0: detected capacity change from 0 to 2048
[  436.337641][ T5937] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  436.341474][ T5935] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  436.364795][ T5935] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[  436.454276][  T333] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[  436.696976][ T5947] loop3: detected capacity change from 0 to 16
[  437.969581][ T5948] overlayfs: './file1' not a directory
[  438.062848][ T5947] erofs: (device loop3): mounted with root inode @ nid 36.
[  438.093479][ T5946] attempt to access beyond end of device
[  438.093479][ T5946] loop3: rw=0, want=14552337264, limit=16
[  438.239372][ T5301] Bluetooth: hci0: command 0x1001 tx timeout
[  438.248204][   T47] Bluetooth: hci0: sending frame failed (-49)
[  438.502287][  T333] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  438.516958][  T333] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  438.550487][ T5962] loop3: detected capacity change from 0 to 256
[  438.584233][  T333] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 4
[  438.770615][ T5966] loop0: detected capacity change from 0 to 16
[  438.853014][ T5966] erofs: (device loop0): mounted with root inode @ nid 36.
[  438.874218][ T5966] attempt to access beyond end of device
[  438.874218][ T5966] loop0: rw=0, want=14552337264, limit=16
[  438.922058][  T333] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  438.932352][  T333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.941247][  T333] usb 2-1: Product: syz
[  438.945800][  T333] usb 2-1: Manufacturer: syz
[  438.950885][  T333] usb 2-1: SerialNumber: syz
[  439.384447][  T333] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  439.397500][  T333] usb 2-1: found format II with max.bitrate = 0, frame size=2
[  439.408683][  T333] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  439.638306][ T5976] loop3: detected capacity change from 0 to 256
[  439.724313][ T5978] loop0: detected capacity change from 0 to 2048
[  439.744950][  T333] usb 2-1: USB disconnect, device number 39
[  439.770321][  T528] udevd[528]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  439.776707][ T5978] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  440.264107][  T320] Bluetooth: hci0: command 0x1009 tx timeout
[  440.317131][ T5987] loop3: detected capacity change from 0 to 512
[  440.354621][ T5987] EXT4-fs (loop3): Test dummy encryption mode enabled
[  440.363695][ T5987] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.1258: invalid block
[  440.379010][ T5987] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1258: couldn't read orphan inode 11 (err -117)
[  440.392046][  T333] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  440.396503][ T5987] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  440.470762][ T5990] loop4: detected capacity change from 0 to 256
[  440.884380][   T30] audit: type=1400 audit(1723311568.938:366): avc:  denied  { rename } for  pid=5986 comm="syz.3.1258" name="file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="overlay" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  440.929967][   T30] audit: type=1400 audit(1723311568.938:367): avc:  denied  { reparent } for  pid=5986 comm="syz.3.1258" name="#f" dev="loop3" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  440.972067][  T333] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  440.983172][  T333] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  441.002908][ T5994] loop3: detected capacity change from 0 to 512
[  441.401364][ T5994] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  441.402038][  T333] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  441.426409][  T333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  441.435664][  T333] usb 2-1: SerialNumber: syz
[  441.446791][ T5994] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff)
[  441.945336][ T6006] loop0: detected capacity change from 0 to 512
[  441.976854][   T30] audit: type=1400 audit(1723311570.028:368): avc:  denied  { create } for  pid=5969 comm="syz.1.1255" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  442.031218][ T6009] loop3: detected capacity change from 0 to 128
[  442.042844][  T333] usb 2-1: 0:2 : does not exist
[  442.050876][  T333] ================================================================================
[  442.063703][ T6006] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  442.076529][ T6006] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038 (0x7fffffff)
[  442.088069][  T333] UBSAN: shift-out-of-bounds in sound/usb/mixer.c:2021:20
[  442.097637][  T333] shift exponent 42 is too large for 32-bit type 'int'
[  442.105529][  T333] CPU: 0 PID: 333 Comm: kworker/0:4 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  442.116050][  T333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  442.127705][  T333] Workqueue: usb_hub_wq hub_event
[  442.132984][  T333] Call Trace:
[  442.137143][  T333]  <TASK>
[  442.140076][  T333]  dump_stack_lvl+0x151/0x1b7
[  442.145112][  T333]  ? io_uring_drop_tctx_refs+0x190/0x190
[  442.151046][  T333]  dump_stack+0x15/0x17
[  442.155974][  T333]  __ubsan_handle_shift_out_of_bounds+0x3bf/0x420
[  442.162798][  T333]  parse_audio_unit+0x270d/0x3d90
[  442.168369][  T333]  ? usb_audio_probe+0x1412/0x2260
[  442.175165][  T333]  ? usb_probe_interface+0x5b6/0xa90
[  442.181225][  T333]  ? really_probe+0x28d/0x970
[  442.187847][  T333]  ? usb_probe_device+0x144/0x260
[  442.193311][  T333]  ? __device_attach+0x312/0x510
[  442.198390][  T333]  ? bus_probe_device+0xbe/0x1e0
[  442.203521][  T333]  ? usb_new_device+0x1038/0x1c00
[  442.209549][  T333]  ? hub_event+0x2def/0x4770
[  442.215108][  T333]  ? process_one_work+0x6bb/0xc10
[  442.220973][  T333]  ? worker_thread+0xe02/0x12a0
[  442.226511][  T333]  ? kthread+0x421/0x510
[  442.231170][  T333]  ? ret_from_fork+0x1f/0x30
[  442.236200][  T333]  ? mixer_ctl_connector_get+0x1b0/0x1b0
[  442.243034][  T333]  ? snd_usb_find_csint_desc+0x216/0x220
[  442.250360][  T333]  snd_usb_create_mixer+0x122f/0x2dd0
[  442.255833][  T333]  ? dev_vprintk_emit+0x326/0x326
[  442.261743][  T333]  ? snd_usb_mixer_notify_id+0x2d0/0x2d0
[  442.268315][  T333]  ? __dev_printk+0x17d/0x1b0
[  442.273733][  T333]  ? _dev_crit+0x165/0x165
[  442.279278][  T333]  ? usb_ifnum_to_if+0x239/0x280
[  442.285732][  T333]  ? snd_usb_create_stream+0x366/0x530
[  442.292109][  T333]  usb_audio_probe+0x1412/0x2260
[  442.298747][  T333]  ? snd_usb_autosuspend+0x1e0/0x1e0
[  442.304837][  T333]  ? pm_runtime_enable+0x1e5/0x320
[  442.310989][  T333]  ? ktime_get_mono_fast_ns+0x1bf/0x1e0
[  442.317241][  T333]  ? pm_runtime_enable+0x1e5/0x320
[  442.324083][  T333]  usb_probe_interface+0x5b6/0xa90
[  442.330197][  T333]  ? usb_register_driver+0x440/0x440
[  442.336310][  T333]  really_probe+0x28d/0x970
[  442.341859][  T333]  ? __kasan_check_write+0x14/0x20
[  442.347764][  T333]  __driver_probe_device+0x1a0/0x310
[  442.353937][  T333]  driver_probe_device+0x54/0x3d0
[  442.359262][  T333]  ? __device_attach_driver+0x2af/0x470
[  442.365467][  T333]  __device_attach_driver+0x2c5/0x470
[  442.372161][  T333]  ? deferred_probe_work_func+0x240/0x240
[  442.380468][  T333]  bus_for_each_drv+0x183/0x200
[  442.387409][  T333]  ? kfree+0xc8/0x220
[  442.393031][  T333]  ? subsys_find_device_by_id+0x310/0x310
[  442.402765][  T333]  ? __pm_runtime_resume+0x11e/0x170
[  442.408920][  T333]  __device_attach+0x312/0x510
[  442.415742][  T333]  ? kobject_uevent_env+0x33c/0x700
[  442.423146][  T333]  ? device_attach+0x20/0x20
[  442.428663][  T333]  device_initial_probe+0x1a/0x20
[  442.433926][  T333]  bus_probe_device+0xbe/0x1e0
[  442.439005][  T333]  device_add+0xb60/0xf10
[  442.443287][  T333]  usb_set_configuration+0x190f/0x1e80
[  442.449691][  T333]  usb_generic_driver_probe+0x8b/0x150
[  442.455893][  T333]  usb_probe_device+0x144/0x260
[  442.461986][  T333]  ? usb_register_device_driver+0x240/0x240
[  442.470090][  T333]  really_probe+0x28d/0x970
[  442.476203][  T333]  ? __kasan_check_write+0x14/0x20
[  442.482748][  T333]  __driver_probe_device+0x1a0/0x310
[  442.490822][  T333]  driver_probe_device+0x54/0x3d0
[  442.506738][  T333]  ? __device_attach_driver+0x2af/0x470
[  442.513992][  T333]  __device_attach_driver+0x2c5/0x470
[  442.522005][  T333]  ? deferred_probe_work_func+0x240/0x240
[  442.528140][  T333]  bus_for_each_drv+0x183/0x200
[  442.533861][  T333]  ? kasan_quarantine_put+0x34/0x1a0
[  442.540761][  T333]  ? subsys_find_device_by_id+0x310/0x310
[  442.548283][  T333]  ? __pm_runtime_resume+0x11e/0x170
[  442.554941][  T333]  __device_attach+0x312/0x510
[  442.560745][  T333]  ? kobject_uevent_env+0x33c/0x700
[  442.567336][  T333]  ? device_attach+0x20/0x20
[  442.574209][  T333]  ? kobject_uevent_env+0x33c/0x700
[  442.580757][  T333]  device_initial_probe+0x1a/0x20
[  442.586510][  T333]  bus_probe_device+0xbe/0x1e0
[  442.591896][  T333]  device_add+0xb60/0xf10
[  442.596571][  T333]  usb_new_device+0x1038/0x1c00
[  442.601394][  T333]  ? usb_disconnect+0x890/0x890
[  442.606233][  T333]  ? __mutex_lock_slowpath+0x10/0x10
[  442.611960][  T333]  hub_event+0x2def/0x4770
[  442.616781][  T333]  ? led_work+0x590/0x590
[  442.621548][  T333]  ? __kasan_check_write+0x14/0x20
[  442.627484][  T333]  ? mutex_unlock+0xb2/0x260
[  442.632519][  T333]  ? __kasan_check_write+0x14/0x20
[  442.637986][  T333]  ? __kasan_check_read+0x11/0x20
[  442.644272][  T333]  ? read_word_at_a_time+0x12/0x20
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  442.650632][  T333]  ? strscpy+0x9c/0x260
[  442.656824][  T333]  process_one_work+0x6bb/0xc10
[  442.663121][  T333]  worker_thread+0xe02/0x12a0
[  442.668253][  T333]  ? _raw_spin_lock+0x1b0/0x1b0
[  442.673655][  T333]  kthread+0x421/0x510
[  442.678050][  T333]  ? worker_clr_flags+0x180/0x180
[  442.683534][  T333]  ? kthread_blkcg+0xd0/0xd0
[  442.688253][  T333]  ret_from_fork+0x1f/0x30
[  442.693070][  T333]  </TASK>
[  442.742263][  T333] ================================================================================
[  442.806987][ T6019] overlayfs: './file1' not a directory
[  443.060733][ T6009] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  443.090751][  T333] usb 2-1: USB disconnect, device number 40
[  443.102181][ T6009] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  443.171766][  T528] udevd[528]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  444.264738][ T5951] device bridge_slave_1 left promiscuous mode
[  444.273419][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.283060][ T5951] device bridge_slave_0 left promiscuous mode
[  444.293066][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.302995][ T5951] device veth1_macvtap left promiscuous mode
[  444.310784][ T5951] device veth0_vlan left promiscuous mode
[  445.603384][ T5951] device bridge_slave_1 left promiscuous mode
[  445.610213][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.618946][ T5951] device bridge_slave_0 left promiscuous mode
[  445.626304][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.636999][ T5951] device bridge_slave_1 left promiscuous mode
[  445.645032][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.654182][ T5951] device bridge_slave_0 left promiscuous mode
[  445.662754][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.672342][ T5951] device bridge_slave_1 left promiscuous mode
[  445.678912][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.688228][ T5951] device bridge_slave_0 left promiscuous mode
[  445.695000][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.703764][ T5951] device bridge_slave_1 left promiscuous mode
[  445.710621][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.718491][ T5951] device bridge_slave_0 left promiscuous mode
[  445.725018][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.733807][ T5951] device veth1_macvtap left promiscuous mode
[  445.740199][ T5951] device veth0_vlan left promiscuous mode
[  445.747219][ T5951] device veth1_macvtap left promiscuous mode
[  445.753974][ T5951] device veth1_macvtap left promiscuous mode
[  445.760173][ T5951] device veth0_vlan left promiscuous mode
[  445.766380][ T5951] device veth1_macvtap left promiscuous mode
[  445.772677][ T5951] device veth0_vlan left promiscuous mode