last executing test programs:

44m39.374811488s ago: executing program 32 (id=655):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000001140)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x33)

41m42.29083784s ago: executing program 33 (id=1188):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0xc80c0, 0x0, 0x3e, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000000000032"], 0x28}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)

20m43.977772441s ago: executing program 34 (id=5865):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000580)='./file0\x00', 0x19560c0, 0x0, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
pipe2$9p(0x0, 0x0)
open(&(0x7f00000002c0)='./file0/file0\x00', 0x141840, 0x0)
mount$incfs(&(0x7f0000000340)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
open(&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x2a)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000002c0)={0x5, 0xffffffff, 0x4, 0x3, 0x2, 0x9, 0x7b, 0x0, 0x6})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x26e1, 0x0)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

19m50.984437077s ago: executing program 35 (id=6109):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)

9m54.924504753s ago: executing program 36 (id=8320):
syz_mount_image$ext4(0x0, &(0x7f0000000580)='./file0\x00', 0x19560c0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r1, 0x0, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000"], 0x0, 0xfff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000000300)={[{@grpid}, {@barrier_val={'barrier', 0x3d, 0x3ff}}, {@stripe={'stripe', 0x3d, 0x7}}, {@grpid}, {@data_ordered}, {@stripe={'stripe', 0x3d, 0xf62}}, {@max_batch_time={'max_batch_time', 0x3d, 0x200000}}, {@dax_always}]}, 0xd, 0x5f6, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvbH40aapJi6j1YBdEWtAmTdpKEQ/tVUqoP/DixdiktXbbhiaiqUJTqBdBvIgInjxYwT9Ci732pCB48OJJCkWlR8GV2cyk2exufmyTbOx8PrDNzHsz8950882befvebACFVU7/KUXsjYjpJGIwmV/M644ss7yw3b2/PzqdvpKoVl/7M4kkS8u3T7KfA9nOfRHx049J7OlqLHdm7sr5iUpl6nK2PjJ7YXpkZu7KwXMXJs5OnZ26OPbC2LGjR44eGz3U1nldbZJ28vq77w9+Mv7mN1/9k4x++9t4Esfj5WzDpecREb+U2iq1XjnKtf+TpDFr4NgGHH876Mp+T5a+xUl3ByvEuuTvX09EPBGD0RX337zB+PiVjlYO2FTVJKIKFFQi/qGg8uuA/N5+2X1wbMR9MLA93T2x0AHQGP/dC32D0VfrG9h5L4ml3TpJRLTXM1dvV0TcvjV+/cyt8evR2A8HbKL5axHxZLP4T2rxPxR9MVSL/1Jd/KfXBaeyn2n6q22Wv7yruDH+D7d5ZGA1C/Hft2L8R4v4f2tJ/L/dZvnl+4vv9NfFf3+7pwQAAAAAAACFdfNERDzf7PP/0uL4n2gy/mcgIo5vQPnlZeuNn/+X7mxAMUATd09EvNR0/G8pH/071JUtPVIbD9CTnDlXmToUEY9GxIHo2ZGuj65QxsFP93zZKq+cjf/LX2n5t7OxgFk97nTvqN9ncmJ24kHPG4i4ey3iqabjf5PF9j9p0v6nfw+m11jGnmdvnGqVt3r8A5ul+nXE/qbt//2nViQrP59jpHY9MJJfFTR6+sPPvm9Vfrvx7xET8ODS9n/nyvE/lCx9Xs/M+ss4PNddbZXX7vV/b/J67ZEzvVnaBxOzs5dHI3qTk11pal362PrrDA+jPB7yeEnj/8AzK/f/Nbv+74+I+WXHTv6qn1Oce/zfgd9b1cf1P3ROGv+T62r/178wdmPoh1blr639P1Jr6w9kKfr/YMEXeZj21qc3RuFiQNdlbXV9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBhUIqIXZGUhheXS6Xh4YiBiHgsdpYql2Zmnztz6b2Lk2le7fv/S/k3/Q4urCf59/8PLVkfW7Z+OCJ2R8TnXf219eHTlyqTnT55AAAAAAAAAAAAAAAAAAAA2CYGWsz/T/3R1enaAZuuu9MVADqmSfz/3Il6AFtP+w/FJf6huMQ/FJf4h+IS/1Bc4h+KS/xDcYl/AAAAAAB4qOzed/PXJCLmX+yvvVK9WV5PR2sGbLZSpysAdIxH/EBxGfoDxeUeH0hWye9rudNqe65k+vQD7AwAAAAAAAAAAAAAhbN/r/n/UFTm/0Nxmf8PxZXP/9/X4XoAW889PhCrzORvOv9/1b0AAAAAAAAAAAAAgI00M3fl/ESlMnV5Ixd2xBo3/m4zSm934Y3tUY2tXKhWq1fT34LtUp//+UI+FH6LS++OtW2cz/Vb25E79zcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo918AAAD//x99I+M=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r5, 0xffffffffffffffff, 0xb, 0x0, 0x4000}, 0x10)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000040)='\b\x00\x00\x00', 0x4}], 0x1)

9m30.84468556s ago: executing program 37 (id=8435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0x4, 0xa, 0x40}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

9m5.131884713s ago: executing program 4 (id=8505):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xc4, &(0x7f0000000140)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb6, 0x0, 0x0, 0xfe, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @local, @rand_addr=0x64010102, {[@cipso={0x86, 0x77, 0xffffffffffffffff, [{0x0, 0xc, "e256b28c59881681fb52"}, {0x0, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc23f9ffffffa30900a301c8460000"}, {0x0, 0x12, "c8f46976e79ea788f03d9d3205927e3d"}]}, @cipso={0x86, 0x6, 0x20}]}}, "662ea00000b8"}}}}}, 0x0)

9m5.081218924s ago: executing program 4 (id=8506):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4f0c3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x4000000000000c5, 0x400)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d0000008500000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000680)='./file1\x00', 0x1018ed8, &(0x7f00000005c0)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nodiscard}, {@nodelalloc}, {@usrquota}, {@nolazytime}, {@noblock_validity}, {@block_validity}, {@orlov}]}, 0x6, 0x647, &(0x7f0000002740)="$eJzs3c9rHG0dAPDvzCZpfvmmr4j4BsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHSQq2FpqABwUFEa9FevEf8C69exNBvXkWqkjFgpauzOxsu9nsZrdNdjfJfD6w2WeeeTbP893ZZ+eZnX12AiituexPGvFJxJsbScRM07rpqK+cK8q9/Nfjm9ktiVrtu/9MIinyGuWT4n6qWBiPiD9GxKcru+vdePjo9lK1Vvck4uzmnftnNx4+OrN2Z+nWyq2Vu4vnvnb+wsLXF88vNjX0w00V91eufufzv/jJD7+6+qfqmSQuxvXRHy9HSxwHZS7m4k0RYnP+SERcyBJtnpej5hiEUGqV4vU4GhGfjZmo5Et1M7H286E2DuirWiWitrekWwHgqNK9oawa44DGsX1vx8HX+zwqGZwXl+oHQLvjHyk+chjPj40mXyZNR0b1zzZOHkD9WR2vH48/ff149mns+Bzi1dutM3IA9XSytR0Rn2sXf5K37WQeaRZ/uuNYP4mIhYgYK9r3rX20IWlK9+NzmL30GH8li795O6QRcbG4z/Ivf2D9rR9rDTp+AMrp+aViR76VLTX2f83nKxr7/3z886SRO73/UzK5Ye//Oo//Gvv78Xzck7aMw7Ixy7X2/3K0NeNvP7vyq07118d/s08bt6z+xlhwEF5sR8y2xP/TLNhi/JPFn7QZ/2ZFblzsrY5v//kfVzqtG3b8tWcRp9oe/7wblWapPc5Pnl1dq64s1P+2reP3f/jBbzvV3z7+E32ItL1s+092iL9p+6etj8uek/vt/+V2a8bvrj2706n+6a7bP/37WFI/3hwrcn60vbm5vhgxllwtihT5S5ub6+d2/v/LUzuX62Ve1fL7xXr8p7/Uvv/veP23RDXReMvswf3v3X7Zad2HvP6b3pzf1HpsQydZ/Ce6b/9d/T/L+2WPdfzn+w++0Gld+/iTfcUEAAAAAAAAZZXm52CTdP5tOk3n5+vzZT8Tk2n13sbml1fvPbi7HHE6/z7kaBppkn9lZKa+nKyuVVcWi+/DNpbPtSx/JSI+johfVyby5fmb96rLww4eAAAAAAAAAAAAAAAAAAAADompYv5/4zrV/67U5/8DJdH9AnO7rv8AHBP9vMAkcLjl/X+vXfxHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9PEXn/81iYitb0zkt8xYsc6kXzjeRt+rdKVv7QAGT4+G8np76t9gH0qnp/H/f4sfB+x/c4AhSNpl5oOD2t6d/3nbR76zvf+2AQAAAAAAAAAAAAB1pz7pPP///eYGA0eNaX9QXvuY/++nA+CI89P/UF6O8YEus/hjvNOKbvP/AQAAAAAAAAAAAIADM53fknS+mAs8HWk6Px/xqYg4GaPJ6lp1ZSEiPoqIv1RGT2TLi8NuNAAAAAAAAAAAAAAAAAAAABwzGw8f3V6qVlfWmxP/25VzvBONq6B2L1zrocyeiW/Gez4qksE/LRMRMfSN0rfESFNOErGVbflD0bD1jTgczcgTQ35jAgAAAAAAAAAAAAAAAACAEmqae9ze7G8G3CIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLx31//vklierD+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//+uzO4c=")

9m2.08249042s ago: executing program 4 (id=8518):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073013100000000009500000000000000c1698676b1a2e0df4e3e32708f27e2bb620da7ce028ccd2ffefc66a6d994b49e6f48d6772a0739db5f0dfe61b898165b009932ffe8349790e0f4739d78ee2006c125b5b137efd8626b75313faea2079f6d91be2e7ee09a720ee91e3b1c9e1f8304bac035435ddbf00ba5bd230f22e6ee436fa7af45c9e9dbd9cdf97d0f"], &(0x7f0000003ff6)='GPL\x00', 0x1, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0xffffff45}, 0x48)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000080)=0x8000000ffffffff)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket(0x1, 0x803, 0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa0000000002000000ac"], 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
socket$netlink(0x10, 0x3, 0x9)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1001a, &(0x7f0000000300)={[{@quota}, {@nolazytime}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}], [{@seclabel}, {@audit}, {@smackfshat={'smackfshat', 0x3d, '+&{\xd7'}}, {@obj_user={'obj_user', 0x3d, 'ext2\x00'}}, {@fowner_eq}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, ']'}}, {@euid_lt}, {@fowner_gt}, {@smackfsroot={'smackfsroot', 0x3d, 'block_validity'}}]}, 0x1, 0x436, &(0x7f0000000e80)="$eJzs28tPXNUfAPDvvQP0QfuDX62P0qpoNRIfUGjVLtxoNHFjYqKLukSgDTItpmBiG6JojFvTxL1xaeLCtSvdGHVl4tY/wDRpDJtWV2PuzL3ADMNjcGCq8/kktz3nnjOc8+WeM3PuPUwAXWs4+yeJOBIRv0XEQC1bX2G49t+dlaWpP1eWppKoVN74I6nWu72yNFVULV7Xn2dG0oj0kyRONml34dr1uclyeeZqnh9bvPzu2MK168/MXp68NHNp5srE+fPnzo4//9zEs22JM+vT7aEP5k+dePWtG69NXbjx9k9fJ0X8DXG0yfBWhY9XKm1urrOOrksnPR3sCC0pRUR2uXqr838gSrF28QbilY872jlgT1UqlUr/5sXLFeA/LIlO9wDojOKDPrv/LY59WnrcFW69WLsByuK+kx+1kp5I8zq9Dfe37TQcEReW//oiO2JvnkMAANT5Llv/PN1s/ZfGfevq/S/fGxqMiP9HxLGIuCcijkfEvRHVuvdHxAMttt+4SbJx/ZPe3FVgO5St/17I97bq13/F6i8GS3nuaDX+3uTibHnmTHqwWjgSvQey/PgWbXz/8q+fbVa2fv2XHVn7xVow78fNngP1r5meXJzcfcT1bn0UMdTTLP5kdScgiYgTETG0yzZmn/zq1GZl28e/hTbsM1W+jHiidv2XoyH+QrL1/uTYwSjPnBmrjoqmbfz8y6evb9b+P4q/DbLrf7jp+F+NfzBZv1+70NrPP7BN+W7Hf1/yZjXdl597f3Jx8ep4RN9c/aConp/YmC/qZ/GPnG4+/4/F2m/iZERkg/jBiHgoIh7O+/5IRDwaEae3iPHHlx57Z/fx760s/umWrv9aoi8azzRPlOZ++Lau0cFW4s+u/7lqaiQ/s5P3v530q/XRDAAAAP9OaUQciST9ZjWdpqOjtb+XPx6H0/L8wuJTF+ffuzJd+47AYPSmxZOugXXPQ8fz2/oiP9GQP5s/N/68dKiaH52aL093Onjocv35/B9tmP+Z30ud7h2w53xfC7qX+Q/dy/yH7mX+Q/dqMv8PdaIfwP5r9vn/YQf6Aey/hvlv2w+6iPt/6F7mP3Qv8x+60sKh2P5L8hISGxKR3hXdkNijRKffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrj7wAAAP//AKHlGQ==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)

9m1.127457674s ago: executing program 4 (id=8520):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x120440a, &(0x7f0000000240), 0x2, 0x24d, &(0x7f0000000300)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000100000d000000000000000003000000000000000000000105000000200000000000000000000003000000000100000002"], 0x0, 0x56}, 0x28)
mkdir(&(0x7f0000000040)='./file0\x00', 0x1c8)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000990d128e896860c8d56b0458f9b499d255bf4f8c7fa67f9ac53d8f6094cfedd0ec079d451797219b9dd3db7a56e49e74b7f70d1360cb7fe46fe1b81bef2564e1784e298ec7ac", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='9', 0x1, 0xffffffffffffffff)
keyctl$chown(0x4, r5, 0xee00, 0xffffffffffffffff)
keyctl$chown(0x4, r5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r7}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b402000000000000611165000000000085000000000000009500000000000000"], &(0x7f0000000380)='GPL\x00', 0x5, 0xff92, &(0x7f00000003c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x36c, 0x10, &(0x7f0000000000), 0x26}, 0x48)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@nfs_export_on}], [], 0x2c})
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r8, &(0x7f00000020c0)={0x2020}, 0x2020)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)=ANY=[@ANYBLOB="280000004300010028bd7000fddbdf252e2d242b3a000000"], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x40000d0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})

9m1.034023606s ago: executing program 4 (id=8521):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1b, 0x0, &(0x7f0000000440))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, &(0x7f0000000040)={0x20, 0x22, 0x19, {0x19, 0x31, "a72ba5bdc7d2e70f5ae25d379a83a4463dc4d6374ecc73"}}, 0x0, 0x0, 0x0}, &(0x7f0000000780)={0x2c, &(0x7f0000000400)={0x40, 0xe, 0xf, "1ff3a44e51a45e6d3c2ec92963ded2"}, 0x0, 0x0, 0x0, &(0x7f0000000740)={0x20, 0x3, 0x1}})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0xc9d7, 0x3d, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x11, 0x4, 0x4, 0xa4, 0x4}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)

9m0.604980992s ago: executing program 4 (id=8527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc0000000010007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r4}]}}}]}, 0x38}}, 0x0) (fail_nth: 3)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x9, [@func={0x5, 0x0, 0x0, 0xc, 0x2}, @type_tag={0x4, 0x0, 0x0, 0x12, 0x3}, @var={0x7, 0x0, 0x0, 0xe, 0x3, 0x2}, @const={0x7, 0x0, 0x0, 0xa, 0x5}, @func={0x10, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x5f, 0x61, 0x2e, 0x30, 0x30, 0x5f, 0x0]}}, &(0x7f0000000280)=""/72, 0x61, 0x48, 0x1, 0x3}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000540)={&(0x7f00000003c0)=""/102, 0x66, <r7=>0x0, &(0x7f00000004c0)=""/70, 0x46}}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r8)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x38, r9, 0xc4fc9e906872338b, 0x70bd2d, 0x0, {{0x15}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x24, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x0, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0x5, 0x30, 0x1b, 0x3, 0x16]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}]}]}, 0x38}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r11}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x15, 0x35, &(0x7f0000000680)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x96ae}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0x16, &(0x7f0000000080)=""/22, 0x41000, 0x2, '\x00', r4, @fallback=0x1e, r6, 0x8, &(0x7f0000000380)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, r7, r11, 0x0, &(0x7f00000005c0)=[r0, r0], 0x0, 0x10, 0xa087}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x2, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x1e}, 0xffffffff}, {@remote}, {@loopback}]}, @lsrr={0x83, 0x23, 0x33, [@multicast2, @empty, @remote, @local, @loopback, @empty, @empty, @multicast1]}]}}}}}}}, 0x0)

9m0.604450332s ago: executing program 38 (id=8527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc0000000010007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r4}]}}}]}, 0x38}}, 0x0) (fail_nth: 3)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x9, [@func={0x5, 0x0, 0x0, 0xc, 0x2}, @type_tag={0x4, 0x0, 0x0, 0x12, 0x3}, @var={0x7, 0x0, 0x0, 0xe, 0x3, 0x2}, @const={0x7, 0x0, 0x0, 0xa, 0x5}, @func={0x10, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x5f, 0x61, 0x2e, 0x30, 0x30, 0x5f, 0x0]}}, &(0x7f0000000280)=""/72, 0x61, 0x48, 0x1, 0x3}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000540)={&(0x7f00000003c0)=""/102, 0x66, <r7=>0x0, &(0x7f00000004c0)=""/70, 0x46}}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r8)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x38, r9, 0xc4fc9e906872338b, 0x70bd2d, 0x0, {{0x15}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x24, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x0, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0x5, 0x30, 0x1b, 0x3, 0x16]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}]}]}, 0x38}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r11}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x15, 0x35, &(0x7f0000000680)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x96ae}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0x16, &(0x7f0000000080)=""/22, 0x41000, 0x2, '\x00', r4, @fallback=0x1e, r6, 0x8, &(0x7f0000000380)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, r7, r11, 0x0, &(0x7f00000005c0)=[r0, r0], 0x0, 0x10, 0xa087}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x2, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x1e}, 0xffffffff}, {@remote}, {@loopback}]}, @lsrr={0x83, 0x23, 0x33, [@multicast2, @empty, @remote, @local, @loopback, @empty, @empty, @multicast1]}]}}}}}}}, 0x0)

8m52.559235155s ago: executing program 8 (id=8573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x2000000000000019, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x5, 0x0, 0x2}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00000022000102000000000000000002"], 0x1c}}, 0x0)
io_uring_setup(0x5a39, &(0x7f00000003c0)={0x0, 0x8c2d, 0x0, 0x1, 0x3d})
recvfrom$unix(r3, 0x0, 0x0, 0x10020, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000980)={'wg2\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00660000007f00000001"], 0x48)
syz_emit_ethernet(0x36, &(0x7f0000002bc0)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "4868a3", 0x0, 0x33, 0x0, @rand_addr=' \x01\x00', @local}}}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r9}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x7, r8}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r8, &(0x7f0000001600), &(0x7f0000000840)=""/227}, 0x20)
geteuid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)

8m52.524847576s ago: executing program 8 (id=8574):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0x0, 0x0, 0x0)

8m52.473292006s ago: executing program 8 (id=8575):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_generic(0x11, 0x3, 0x10)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1}}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

8m52.472644246s ago: executing program 8 (id=8576):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x120440a, &(0x7f0000000240), 0x2, 0x24d, &(0x7f0000000300)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f0000000040)='./file0\x00', 0x1c8)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@nfs_export_on}], [], 0x2c})

8m52.459205377s ago: executing program 8 (id=8577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x1000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x80}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x40040)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="630000004ec6"})

8m52.178662511s ago: executing program 8 (id=8578):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="94457b140000000383010200"/23], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x8000)
setsockopt$inet_opts(r1, 0x0, 0xd, &(0x7f0000000580)="1f", 0x1)
setsockopt$inet_opts(r1, 0x0, 0xc, &(0x7f00000000c0)='7', 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000200)=""/49, &(0x7f0000000080)=0x31)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f00000000c0)="fe194b", 0x3, 0x401)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file1\x00', 0x4042, 0xf8)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x7fffffff, 0x4)
write$FUSE_BMAP(r5, &(0x7f0000000140)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
read$FUSE(r5, &(0x7f0000000bc0)={0x2020, 0x0, <r7=>0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_GETXATTR(r5, &(0x7f00000000c0)={0x18, 0x0, r7, {0x6}}, 0x18)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = syz_open_procfs(r8, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r11=>0x0)
io_submit(r11, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r10, 0x0}])
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000700)={0x44, 0x0, &(0x7f0000000680)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f00000005c0)={@flat=@weak_binder={0x77622a85, 0x14, 0x2}, @fd, @fd={0x66642a85, 0x0, r9}}, 0x0}}], 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x40000, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRESHEX=r9, @ANYRES32=r5, @ANYRESOCT=r5])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)

8m52.157665021s ago: executing program 39 (id=8578):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="94457b140000000383010200"/23], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x8000)
setsockopt$inet_opts(r1, 0x0, 0xd, &(0x7f0000000580)="1f", 0x1)
setsockopt$inet_opts(r1, 0x0, 0xc, &(0x7f00000000c0)='7', 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000200)=""/49, &(0x7f0000000080)=0x31)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f00000000c0)="fe194b", 0x3, 0x401)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file1\x00', 0x4042, 0xf8)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x7fffffff, 0x4)
write$FUSE_BMAP(r5, &(0x7f0000000140)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
read$FUSE(r5, &(0x7f0000000bc0)={0x2020, 0x0, <r7=>0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_GETXATTR(r5, &(0x7f00000000c0)={0x18, 0x0, r7, {0x6}}, 0x18)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = syz_open_procfs(r8, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r11=>0x0)
io_submit(r11, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r10, 0x0}])
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000700)={0x44, 0x0, &(0x7f0000000680)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f00000005c0)={@flat=@weak_binder={0x77622a85, 0x14, 0x2}, @fd, @fd={0x66642a85, 0x0, r9}}, 0x0}}], 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x40000, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRESHEX=r9, @ANYRES32=r5, @ANYRESOCT=r5])
lstat(&(0x7f0000000180)='./file0\x00', 0x0)

8m34.079851707s ago: executing program 3 (id=8670):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
io_setup(0x6, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r0, 0x0}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
shutdown(r0, 0x0)

8m33.002197803s ago: executing program 3 (id=8676):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110800", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0b00000000040000010001000001000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100"/28], 0x50)
open(&(0x7f0000000000)='./file0\x00', 0xc080, 0x74)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0xfffffff5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x101142, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fd8000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x54, 0xc, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000009c0)={0x4, 0x0, [{0x487, 0x0, 0xffffffffffffff01}, {0x981, 0x0, 0x8001}, {0x20a, 0x0, 0x10}, {0x21d, 0x0, 0x100}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x5, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x20000000, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c1b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x8071, 0x7, 0x6, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0xc8, 0x6, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0x0, 0x5, 0x2f, 0xe, 0x6, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x1000d, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x4, 0xd, 0xffff8001, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x5, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0xc4, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x4002, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x3, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x78b, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfff7f000, 0x5, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf44, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff343e, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=ANY=[@ANYBLOB="980200001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="000004000000000024001280090001007866726d000000001400028008000200020000000800020001000000140003007866726d30"], 0x298}}, 0x0)

8m32.163700137s ago: executing program 3 (id=8678):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4f0c3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x4000000000000c5, 0x400)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d0000008500000008000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0xce4}, 0x38)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000680)='./file1\x00', 0x1018ed8, &(0x7f00000005c0)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nodiscard}, {@nodelalloc}, {@usrquota}, {@nolazytime}, {@noblock_validity}, {@block_validity}, {@orlov}]}, 0x6, 0x647, &(0x7f0000002740)="$eJzs3c9rHG0dAPDvzCZpfvmmr4j4BsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHSQq2FpqABwUFEa9FevEf8C69exNBvXkWqkjFgpauzOxsu9nsZrdNdjfJfD6w2WeeeTbP893ZZ+eZnX12AiituexPGvFJxJsbScRM07rpqK+cK8q9/Nfjm9ktiVrtu/9MIinyGuWT4n6qWBiPiD9GxKcru+vdePjo9lK1Vvck4uzmnftnNx4+OrN2Z+nWyq2Vu4vnvnb+wsLXF88vNjX0w00V91eufufzv/jJD7+6+qfqmSQuxvXRHy9HSxwHZS7m4k0RYnP+SERcyBJtnpej5hiEUGqV4vU4GhGfjZmo5Et1M7H286E2DuirWiWitrekWwHgqNK9oawa44DGsX1vx8HX+zwqGZwXl+oHQLvjHyk+chjPj40mXyZNR0b1zzZOHkD9WR2vH48/ff149mns+Bzi1dutM3IA9XSytR0Rn2sXf5K37WQeaRZ/uuNYP4mIhYgYK9r3rX20IWlK9+NzmL30GH8li795O6QRcbG4z/Ivf2D9rR9rDTp+AMrp+aViR76VLTX2f83nKxr7/3z886SRO73/UzK5Ye//Oo//Gvv78Xzck7aMw7Ixy7X2/3K0NeNvP7vyq07118d/s08bt6z+xlhwEF5sR8y2xP/TLNhi/JPFn7QZ/2ZFblzsrY5v//kfVzqtG3b8tWcRp9oe/7wblWapPc5Pnl1dq64s1P+2reP3f/jBbzvV3z7+E32ItL1s+092iL9p+6etj8uek/vt/+V2a8bvrj2706n+6a7bP/37WFI/3hwrcn60vbm5vhgxllwtihT5S5ub6+d2/v/LUzuX62Ve1fL7xXr8p7/Uvv/veP23RDXReMvswf3v3X7Zad2HvP6b3pzf1HpsQydZ/Ce6b/9d/T/L+2WPdfzn+w++0Gld+/iTfcUEAAAAAAAAZZXm52CTdP5tOk3n5+vzZT8Tk2n13sbml1fvPbi7HHE6/z7kaBppkn9lZKa+nKyuVVcWi+/DNpbPtSx/JSI+johfVyby5fmb96rLww4eAAAAAAAAAAAAAAAAAAAADompYv5/4zrV/67U5/8DJdH9AnO7rv8AHBP9vMAkcLjl/X+vXfxHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9PEXn/81iYitb0zkt8xYsc6kXzjeRt+rdKVv7QAGT4+G8np76t9gH0qnp/H/f4sfB+x/c4AhSNpl5oOD2t6d/3nbR76zvf+2AQAAAAAAAAAAAAB1pz7pPP///eYGA0eNaX9QXvuY/++nA+CI89P/UF6O8YEus/hjvNOKbvP/AQAAAAAAAAAAAIADM53fknS+mAs8HWk6Px/xqYg4GaPJ6lp1ZSEiPoqIv1RGT2TLi8NuNAAAAAAAAAAAAAAAAAAAABwzGw8f3V6qVlfWmxP/25VzvBONq6B2L1zrocyeiW/Gez4qksE/LRMRMfSN0rfESFNOErGVbflD0bD1jTgczcgTQ35jAgAAAAAAAAAAAAAAAACAEmqae9ze7G8G3CIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLx31//vklierD+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//+uzO4c=")

8m28.855320877s ago: executing program 3 (id=8684):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x120440a, &(0x7f0000000240), 0x2, 0x24d, &(0x7f0000000300)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f0000000040)='./file0\x00', 0x1c8)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@nfs_export_on}], [], 0x2c})

8m27.859508872s ago: executing program 3 (id=8690):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
io_setup(0x6, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r0, 0x0}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
shutdown(r0, 0x0)

8m24.989990846s ago: executing program 3 (id=8699):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clock_adjtime(0x2, &(0x7f0000000b40)={0x5, 0x9, 0x1, 0x5, 0x9, 0x9, 0x1, 0x2, 0x8000, 0x35, 0x2, 0x8000000000000001, 0x7e, 0x7, 0x2, 0x4000006, 0xd9, 0x1fd, 0x4, 0x7, 0x5, 0xb6, 0x1, 0x4, 0xffffffffffffffff, 0x5})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)

8m24.959848526s ago: executing program 40 (id=8699):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clock_adjtime(0x2, &(0x7f0000000b40)={0x5, 0x9, 0x1, 0x5, 0x9, 0x9, 0x1, 0x2, 0x8000, 0x35, 0x2, 0x8000000000000001, 0x7e, 0x7, 0x2, 0x4000006, 0xd9, 0x1fd, 0x4, 0x7, 0x5, 0xb6, 0x1, 0x4, 0xffffffffffffffff, 0x5})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)

7m24.293263862s ago: executing program 1 (id=8937):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
fsmount(0xffffffffffffffff, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@noload}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
r1 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x38)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x28011, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
sync_file_range(r1, 0x6, 0x10000000000000, 0x2)

7m23.488629135s ago: executing program 1 (id=8944):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x1000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x80}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x40040)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="630000004ec6"})

7m23.15511852s ago: executing program 1 (id=8946):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1b, 0x0, &(0x7f0000000440))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, &(0x7f0000000040)={0x20, 0x22, 0x19, {0x19, 0x31, "a72ba5bdc7d2e70f5ae25d379a83a4463dc4d6374ecc73"}}, 0x0, 0x0, 0x0}, &(0x7f0000000780)={0x2c, &(0x7f0000000400)={0x40, 0xe, 0xf, "1ff3a44e51a45e6d3c2ec92963ded2"}, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], &(0x7f0000000740)={0x20, 0x3, 0x1}})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0xc9d7, 0x3d, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x11, 0x4, 0x4, 0xa4, 0x4}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)

7m21.503979445s ago: executing program 1 (id=8955):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001800000032000000020000000000000000000004ffffffff0000000000000802000000000000"], 0x0, 0x32}, 0x28)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x8)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x2, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
r2 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='cpuacct.stat\x00', 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x2000001, 0x0, &(0x7f00000000c0)=""/72, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000380)={'#! ', '', [{0x20, '{}:'}, {0x20, 'vfat\x00'}]}, 0xe)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = syz_clone3(&(0x7f0000000740)={0x101820000, &(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000640), {0x38}, &(0x7f0000000680)=""/71, 0x47, &(0x7f0000002880)=""/4096, &(0x7f0000000700)=[r8, r8, r8, r8], 0x4, {r2}}, 0x58)
ptrace(0x10, r9)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

7m21.101305641s ago: executing program 1 (id=8957):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r3, 0x802c550a, &(0x7f0000000280)=@urb_type_interrupt={0x1, {0xd}, 0x80000001, 0x1, 0x0, 0x0, 0x10000, 0x8, 0x0, 0xfffffff9, 0x1000, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x800, 0x2, 0x6}}, {{@in=@multicast1, 0x0, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
timer_create(0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x13)

7m20.698302007s ago: executing program 1 (id=8963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file1'}}], [{@seclabel}, {@fowner_eq}, {@subj_role={'subj_role', 0x3d, 'kmem_cache_free\x00'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'J\x9e\xd8W\xb8\xa9Iu\xa1kC2h\xf9m\xfd\xa9.a\xb6\xab\xc1\x8b\fSk|>\x80\xf3\xa6vV\xd0\xf1\xf7D\x7f\xce\xcc\xeb\xc3p\x87\x1b>\b\xaa\xe6\xeej\xb4{)\n~\x14\xf5iM\xdd\xf68u}\x96\t\x81E2Qn3\xd7?\xcd\x9a\xc3\xc6\x11K\xf9\x1e\x8c\xfc\xdbe\xe6\x8a\x99\x80Gg\xd8C\x94\xbe}\xeb_V\xd2\xeb\x81\x1b\x10\x8e@\xa8\xa4\xd8\x0ev\xb4\xeeb\x016\x859\n\x94\xa3\x19\xb6y\x84c\x8d\x03'}}, {@fsname}]})

7m20.463396351s ago: executing program 41 (id=8963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file1'}}], [{@seclabel}, {@fowner_eq}, {@subj_role={'subj_role', 0x3d, 'kmem_cache_free\x00'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'J\x9e\xd8W\xb8\xa9Iu\xa1kC2h\xf9m\xfd\xa9.a\xb6\xab\xc1\x8b\fSk|>\x80\xf3\xa6vV\xd0\xf1\xf7D\x7f\xce\xcc\xeb\xc3p\x87\x1b>\b\xaa\xe6\xeej\xb4{)\n~\x14\xf5iM\xdd\xf68u}\x96\t\x81E2Qn3\xd7?\xcd\x9a\xc3\xc6\x11K\xf9\x1e\x8c\xfc\xdbe\xe6\x8a\x99\x80Gg\xd8C\x94\xbe}\xeb_V\xd2\xeb\x81\x1b\x10\x8e@\xa8\xa4\xd8\x0ev\xb4\xeeb\x016\x859\n\x94\xa3\x19\xb6y\x84c\x8d\x03'}}, {@fsname}]})

5m58.033491509s ago: executing program 2 (id=9403):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = syz_open_dev$usbmon(&(0x7f0000000180), 0x2, 0x101200)
ioctl$MON_IOCQ_URB_LEN(r1, 0x9201)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
fcntl$lock(r2, 0x5, &(0x7f00000001c0)={0x1, 0x2, 0x5, 0x73})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000cc0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x25dfdbff, {{@in6=@loopback, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x16}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff, 0x1}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, [@mark={0xc, 0x15, {0x35075a, 0x8}}]}, 0xc4}}, 0x2)
sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x4081)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x1004, 0x804, 0x5, 0xc, 0x120000, 0xff, 0xffffffffffffffff, 0x9, 0xffff, 0x4, 0x0, 0x105, 0x400000000000006, 0x5], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000100)=@x86={0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80, '\x00', 0x0, 0x5})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xb, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x14, 0x0, {{@in=@broadcast, @in=@multicast2}, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, {0x2}, {0x1}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)

5m57.697671625s ago: executing program 2 (id=9405):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1b, 0x0, &(0x7f0000000440))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, &(0x7f0000000040)={0x20, 0x22, 0x19, {0x19, 0x31, "a72ba5bdc7d2e70f5ae25d379a83a4463dc4d6374ecc73"}}, 0x0, 0x0, 0x0}, &(0x7f0000000780)={0x2c, &(0x7f0000000400)={0x40, 0xe, 0xf, "1ff3a44e51a45e6d3c2ec92963ded2"}, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="2001b40000001d1708eba4b887cb30f8811c5e5af75ed0863dc6bf068bfe9f58ff5dfefd8c59266efc8ed1f4eed167ca60788780d524b6d1b04dab8611cb96529bf0cf991711e57d20"], &(0x7f0000000740)={0x20, 0x3, 0x1}})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000000c000280050001000000000008000740000000001800068014000400ff0100000000000000000000000000010214781cf645c0a4bf4c9bc289"], 0xac}}, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0xc9d7, 0x3d, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x11, 0x4, 0x4, 0xa4, 0x4}, 0x48)

5m56.169737278s ago: executing program 2 (id=9410):
r0 = socket$unix(0x1, 0x5, 0x0)
listen(r0, 0x0)

5m55.42658758s ago: executing program 2 (id=9414):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@jqfmt_vfsold}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r1, 0x4018f514, &(0x7f0000000100)={0xce0b, 0x49d, 0x2})
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001000)={&(0x7f0000000e00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x8}, {0x0, [0x2e, 0x18, 0x0, 0x2e, 0x5f, 0x2e]}}, &(0x7f0000000f80)=""/108, 0x20, 0x6c, 0x1, 0x6, 0x10000}, 0x28)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001040)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fstat(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000008100)="58785f58471eb4b5b3ff3946acaad41068511507291e72541d949ffc8a54ff637ccef1fe8511899ea7f3c82cbc6539763a34f6760c1608c911801ca672e62708ba4fc023749076ff6a0daba0caa57000acbd9ecf5e97201f7f14e715bc8c089c3d65e92fd65dedb76d61715067ccf6dfec2b56a48f2b274b564d90c3d868f2bdc07b7e636ad78904bca826fa69b7783e7be2b8e7c997b99225467747875695f6d500cb82b479fe9486bb94e06f796f89906bbfccc964830f86986760ade90c3f7a9dde3172a5124c1889075ad30b5ee2a5f257a6ac790a8e89b247ccbc8d241b7b95f8fc649deffc1bc37d51a8c3dfae38ac968eb48695de38df941f9632ef9ad6779e41ccea8a3ff1cac4fa4b47a152a8f9a1bb0094f41580bbf60fa11cfaf2c535a12c866e9414ee9b58226fbdb0d221e1bdc50e3fa300351364f6350030383856f1f809aee19f337f3d3435ae6754916be1eec24643cec1bd1007ffa38418735988cc901603895f66bd6450d54f99e1246ded898499d2a447f899c00368ce1dd4a4f4cf9cdf7d4f8b38dcb98a598ac490f1086ec712b0cb94610abfdb25b0f6947b46e1dd628897ab68445568578049fa6140250a5d821d70f102fadc2fa273a6e486f250712ec847de3b02a121e19775311e8629045f3404bdfa3207aecdac43c3571b86a9423bd716aa67cb688f9ee4f2b14ea42c89f2766c78fd4ec41ab34eebb4256e885bd7e3abe4348772993bb630aa3397084bbc66cdad664d6a9d33767cc375a44dbc0b08931053a6780a796fd31e1d7c512599f9e010883a52c07ec0938ce1acb3fe3baac6af9fb7e9d7942662e41bd3626d240d5ed34ebcbcc0ccf1c3280c76fbf6cdfb04bdb2d3b4ec6a8961b1eb036b211eff6247b95039cc67d222f2ff122340c56d74b4fffa79a202144bb10ad766f1fd6b32abc3e09213da84b36698e5c67dbd76342baf2fdbd26e9563dadd01fce19d7ec025d05d0494e53229379d13c1cae48ec058cff0bc1ccdc94a74b11a9bc87c580bb6a3f45fe15d15d89bf6102dc1085bfe27b2ab462aaf642b8ceed519cf88b31e9e00fdc23e8f6967a72b4c38b2458656dbf26dd75586731bb519a97d0ff43f4358cd40c7ed371ae8a24f46e320d4c4c0a1b8c42f10908a1c283d8032d76f52d4509d78c2f3a0716c37bc0c786ce9174a88d468e88a6d154e4712778aecded0ca5de28e52c04e33672ecea5135438e908aa1bf00e65ba6dacc4bd018b7bb1c30aa5d9acc679220cb5e7207f1759bd7722d10469225aae24973031a21358532a63aab42f33b1f8f40d545fec7799703ba067592b34247fbc7375acdcb3883ace7d34cf33484f2cf662f3f0e18b5c475ae311fb20f6e6b85320b2bc37e56512dc27815b37bfd9f172be1a119197eb53b535c440fd7f24724e1d466309c0f8556965bd02d75c3dbe2baa0c6a515db07af1f77306577d0b38f0aa8cb188cf5523368951b8210f4bfc6afa0d058ad84656d27a46faef225e6268396ecb54a5182591bff3a86792db5454e238afe7c26eae85fd3c1c060760d89223bbdbe8966ae2558f47d799839cd959c974b69ad262cf8ab4fee554288e767ede9bc5d7f0cfba05966ef7858e41db363122680abe978345d45e4b52b73fe9f52ad26371a5b0539d88aa0c572aa01a41b079dde5a14e031ad903629d06c8d85ad82828c25a9ba7ce0fef2316eb011643e47feca7d280833f8b3008841fb2d88ea84df65b03aa5baaa29d6234ed5db8db461fc5df77aad38690277cd5dac1ed3c23c9f2778295578561f9a4d31159a826b4b62b2a867e6e8a9514edddaacad22106880e6633fb2f3b17c8d10bec633d6128489f7253b3e3e38e5942743ddd1547dfab27a152549f61891e3a5ad17f733b042f7ef915ad7423b9719fee9142407fe1d10ec8b64a21cd24fd39de4496ca3f394f07149bdbf1393181b5afee090ff40ee31d34a9c6a113e3823fac425fa85e212de1a9f7c4937ba64f3327961fccf85e6fa29be12de9589671d60d4658b1562ce7dedcde8ec79d265c13f5e197b66989c3f067d2801fcd78bb92b45e55fb4089a7cd3b179284af782ae0327ba56fc307a281772384448ee465dccefe41be8d75c8cd0eb5c0217d7ca706848f9b82500b77c2d838cbd536304556af87d3b6fb9183b5dc9cf2d0f7ecbb24d9f790151b9c6092dfb2c14decbe6448362cd7c13515f66a99c37b56134d12e8c7f1a5b75e14e47f84d8658f0b65ea91014e2e4fd361f03dbf8ca509d426ca1bba7e43ce918268393ff16b17d9e1bb49fb2b4f6eeb8b4b226c79303b19412a55b7ea7c8774ccebd8d66abe117a8be9a3c4faea730902136df57aff991b59dd71610ba4c8e1cded8287c21c56526f4fb6c502ea73ae310d56640990b3e695b278de6e1eebd51108cf7547c0e457e5fdf59691baf080dd3f5dc3c9a10bd4cc5e10ba42d4d3d9dc4f7ebe0bd2981a1d6fb06f7457dca1e56fac3f0fa7ca19ec2fb7940ee837e960d93a73bf085eaa2888fe3025aadd33cae85d63273be6ae3a92e35d78602d8e23b9460f04b7c0e0e710d10fdb0dd3fa9b880865603500d81dc7e968e8046569830b526e441f25f8b0af47d524aa80fd7dd9c3f72facec2032e2c06bc33c6b739c5368bf54e32b6acdca9d2d14276a8348ae92bfbd60f6aceecf98f3c6fe70747499b25667a96c52e21236421b27deafbc6b5e2b8a4ea2a0d3cd5ee1a10f3153b529b5c04a1961223a943842e17ee0cd114ce6983536400fc40f3d4708436954803fd60caf2b5ed7e4ce90bc75385e2424191c6a5038fa15d99aade49fa1affe63fb73078a6bb4ee560b0b521aeb33f507bdf876829f4d3f695197468e41503a10870a8e6df800608ac33dfdecc03f64d03fb6180287a684063c7edfc8db1366f6bb502fe446085f6acc4741b273a0b736f0f55da28967390bc7434db54ad0da9d1d002ceaa5c3e53efa95e7aaa792db32501a072e669da29fb734d771a6fa8c753fb2fcc204e31d668992473e7937fcf751bc79b125db1725f2a495bd2a4207e4db8d44810a4db5113705c5cb8733866ade3375d1bdbcb965cbd927e7d285f2933bf037911959088b64cfac0ff1e39244f2e9416653ed87ec564eb686af1062354a8bd7034c1022cb0d0b6996762ef4a0a3ab4f3deb459f023a867a38fcad2a10fcf0872862b386ff7c5ea7ce13abb112d1f0ed0723870eccc76d16f7e3cc00e28945bb93d9f2bd8e2017993102f0824867ec141f20df951202a2ab1cd796516ca0b4fdd9e6de8b82fcd30f9ab85cf0a5547e1ad1ef1ad5be7a878a16864d7c06b4ae002f3ba485a9bb36b8a591ecb64a4a5c0fd3b4beb015f58ea4cfe190f3b46cc4d9108d10c52a9de859814edac575d2a3d937a9b31db049e70aa76c085ab63d61c1317205c228f7027fa39125de8fec40ed7982e36a7cfa9fedca30f0b692bd4c7794f6b56d69ada1fed168cf03cc57321fe37e3a8cea4bd093e87b657fe5acb13d2591bebb52898362ddf0335810c70a4838faf8fff16301d16707eaa38e52f913f8aa3e27b2387ca1a217ac69966e287ad5cb0286535d5d00b7006661dbc7923a066945c1a2040a4e95d7b0de4dc8217bf1d4e9b6cccc671fdd9a5770c21e749b407df8c463a3bf17e47bfcba6a890a0435d3fbb7252fe072b149b7bfeb185b088686dd70e0c9cda275497b553aff2b319f7d7b0ed64002c5f9f6ccfc3d55d8c908d314487452f37a650f4561326a84c660b6111702a87db03595b5d080c60288203f091de9f78b997e47233f4bab9b044a98ab118a6c45b7ca746cc2fb90182a923d67216412e24a955c0c2307acc47bdd319955249d8412a5ccf444437f53f524c69ba0167c920f0c1f775cd1a225636200a9e4adf61f418d20f717339d0c8c5386af0936f628cc589a8d5581c1c8cad0b564a3f38b606473280a3fa586a5ba932fd38eeb23096df29a92ab54c409f88ef4f03217f0bb90fea539e629d8a025c802f6b5c3d735fe950c8ff7136e6db287851dfbffea1ef81491a50cb75a103367e85afa3484d6af865dfbca91dc05632b0d94aa384ee0c585424a5ddf80babe0b913b0a2eedda34c7ea7814642a69f8eae868274b16fe0f52fb60b201e6685dad3f419413d5b8186992855a25ffe0d4773a14c7977181a120cbc42af4f9acca3fee1d54ccc125ea49b62ab60c58a0ecdf50ee7c16f3b6b12b254fc08fcc85d409eef7c3f30cf705617f926a17e6588a9fd7e34be9fd863a7b157a2d9a336356d568c2d2dbaf76c2d2b2ff8703748b860e36f02b04d6e4f2fd49511f12ce395dc18622cd51948a32cc432cd797d8a68838cebbbdd9bcb6f2e85719785706012e894cb043bb9a53998131fd4aae3321d81fc001e718c4a99c0580af1d4a0c81665cc5adcf337c8bc00fc0fb3c7be0d5e5ff6a6fae5891858eafedbed69223170ccc71ce36ae439d769c3520972601fbab93f54808d6950cb7cf1e5a3b32d8c6a975e3adccca0b2ee28a4eb5ca3b0ceb9d31a8f767c3f4486a62215171738007675a55abf5916513f7eb9b21ff291f2b4b48bbfcf394cf861fe016b3680be422a8bff49963ce096d1bc17186822b1392e68b1a05fa6c70bd2d9a164f12301a6e78caa8f4cd43749704829f54c5d93637aeef80794d3f206741363e74fa181c9f1dc47557553de620794f096c59ccd74a178f5adb466ad5a62fffc1886f56ebceca4ed46ed2396bcbc31160b4eb1b7d69642e33315e3adbdbe1b9794931e7babf745ecfca37dd4190013793d530df12d6521bc069a05a94e0ffe91900a0c2209a6914d2f85bd161ff77284198129a9b1ba600bda3e52769d39c1bd61c4a70c627c3ad89aa0bdf0c93a2c35e166da9a08b4d2f92deacb6e9034274305b6d254c4052868ba32bec9aa3cec75debe24e78e43374efffe444722a983935f9007fe3de37dd83c52be16e034d09592a179275dd0c91281be579cd19c0162123886893713f25cdae19cf258926bf2070741111eee6b3df708c3fc416b7d046c948bf8500779c0cd5460e640bb1f860f58052b8087e6eb2f16e48f4984c9f9fc9fb2652ac5305861ece5362db08ae912ba055af766da1322057d0bfa647d98b8d4f1e7ed43ecdf1050c0eb19dae93b8014da57241cdab4ffacf0ec1348d4a89b3e8ff187098d83d8eba34e5c7ad4215f1977968a9d337d08fd1188754e7cf41baf0189ccaa5f3b1005f807b0255ce1920ca7d919e4684af70c3d089a99922727c607a2b06e713dd61122842a913036f6cd64dfb313fbdf639fcbd712852bb85337d056685b0a54225ae27e1e8c7ce5acd1f017b8f712c268b9cc0ee26d26c63955df0591f52ef3ef5e6f0a8b0a40fccec5f945431a2e81c35720d178feb481092e4f51978493c5fd502f252bc0152f145f268ead14932990069169483ecc7abc901657460c8730715c078b61059bd2621f50fb838376e0b808a3f118f761efea45bbac4274016960063cc67c428e72e516685552dc3bf473e442d76f2d3ed07b319694490054302a538b52e3b8496b7e37fbf4a2ffff2b484f98fdb14c66ecb8447834733f8a7a5a3c83de34b6647842dd56d8201f9d9240f3b3a5b5cbccf174a08853d06fd164fe74e04608ae12df8a35b73517d22a87c7ebca60942932d03102ff7e8644611b5520b5ebce950945498ce19210c866e48284d18fb7e049deaa43ee5283e3dfad7316ba85490e93182d13efe7ba64ee5ceeaabcff3eb24d46a3a129dd5a6b82e8c48210cb1e6564833f3e15dda4dec383b4319741cebf6374cf2c5d64722afccf7c4e2d81ae28d45f2c35b764281f1f08fec8f8e9277277ae1ae8a8981f85e041d2450afc9374e978f73b66da9aadb2087223f28e21e946eb07710ec86cdcad0948d4ca93827ea34e28806d172c3feb83471ed2d4d7ada2360b209d16b9d35861082d85b6be3c3589a6bdaf6f9b5d52ac8fd7388e32b24f1d5d34b5442c1ceebde311decd709f075d064f07bc60ab14c101ef51039eed56ae1e0a374e3e956603737b3a16db684a81e9b8998a0bb9b17a0876a92b2a3b9924f44b16ae4c7ff376ea8a8c91b504c1dbeb522cf846fc3ec6b9a01f452eeb35cade34c6a0463b92c46e013ee7906ee934141870ddd1464ae688805933504a2dc7cb1f947e28bf22f5eea6afb5de3b950056bf44065b84fd5589385d0feec4ef1db4fb4b595957130e575dc383e3686f4674143debb23e17b398f32683fb4805f297369d0e5f2e63af6891491e4e37186b4a3dffbbdcfff63d1fea4e12d24ef96fde3ed7a323a3605cdf5eaa43da738004556c2c20aa30c40079bc2e9ebe102c1fcf5259f1e3acc6b2a2bc9da4d0b1252433c58a1810581152a235e93deabf7f728eace350bcc4db4f249d4234bbd858c4e61a0eda4e3db0ae530c78eb63425502d651fd0cb986341ba69c44ede18eb3ebf25b2336cdda02447a9e20426d8206368c63b5fd6828612d3b99f627e331bab0009579de8270c36aa03861c300d34f2a3703870712325190073e6c17d8699f6744acb1b5468f93b57ab0366796181a4f543511d7ea2b32606c33cda61e81ed1c2194d305be47a3f1a9145d023620af12e79ec188573526ec35b9ce44e95fdb3530bd0431dd12a227d0ffe317cda1bbd787979261d6c9cf728b3d6bec3ba6ae15a595a30fc242bc5f25d837c1c642219afcfe043bb68a82965574b8b2139789235b262cf4af95a538e6954acf8e27ac3c95328df6e4bd615a376cd96bbc9e0d9802fbb40f80a848225e076219e26e0e63f57330b8bda69ec8dbd8b3272798cbfbb085b1885a1c22b3e2df2a879020ac1110b7af4f53ac97f556596ba0e164df0c85842026a87cf9631c9c9d851549efd8ca37e3b863e88436d5da5f4d3b5b5528e2d08d92b0d3ac6a06a0699653718e93a25b5afe254a068e300751eb6c67e3f5a1813d58d428f1ec108b88ec81444ccb50e8452941510c11f2e80bfd712f64b32b686c92ce922baf6c8eed1e9f0717a654d53b3ce1001880de80b5b15362b20286db9dfdf6c41f48aae84d5ab12ac45310f0eefc56e54113bcf95c1b2a259895af2ae9c679de4e2b898bf8a40a199a2059f8248c1303351dca3fb38906a682f66a94ee6ae6eafa7144758fabbaa60debd6eaaee7b2f1051781084b3c9d626263d011a3daf971b708750a77614753b89b5e1a77a52510ced5708083fb48c554dfd6aacfcf97650f3a3b3f97566050e76da968d4eceb83bc1e005ed1596d6e0ec5e2c90231e62496d7435ec5b28f805e3b7aefdd3718e4ff53065b8e4b15175d80eec59218d8278e711c6049bf6d62ae7069578e957135463d7616b37c1e4bf44d60dac6c7aa04cbbc4a64bb0cc0b059abb6b26f8ed5203232ddd8a6c5882e6e6c53068a71bc84c5834104e85bc96db2163798a3881929248b8c788e5bdc9e46e5f7f3f6ad43fad6fa381a0b924bd938702470b330fb90ba73d557c0d203d55edaed6e3a01aeb53b061dad57713ab27e1a9e0d06b534a65d85beb061bb5258bbb38179ea612a6f402affb8ca018ebf0d6f61d44d5a657c080c7d2dbc9b08c07713b17b0f173ada59b57abb401212f4f1fa026491b48d08cf46a704ab43e46de8ea596d68658523b61a156278b3b77bd1f4491381bfd874ed72b00675fd5b4b7c0ec13c6837434ba8e22230d32e7bb1287e488e14f5c5602cd4ca88012b244c7f23f4897e27027aa862ca139bc8b5fe14be7554832ab02e4ba19699a1e66825d94c7c44451062819a38d3376f0a3716b210c7adf4bfbbc303058aa2e054b3bd53539764f177b11b05451705550f90196997de3d1d480e500cd9d234078cb1a09c63d8911381d327402702c2765fe92b8ba3a0189b2b11b7460996c36eaae3ecb4f4e63bfafd7953ff086dfc0b12e616bbdca4707631467b830d244bd3f4371744bc8a4baac728a397818875d1b6a4a2f0d10be607122a6fe813f52e4456b8a5eb6c9ee0cf889f777a03cc26a055f9f259cfc4f8552b568a4b371260af062619dfb215ecfe7b318f8d627d2777bd5103d6ca2948d19d5812112962b63c2bf3d090ff19185dbc5ad49a580451de717c0baa288cd96669babe88a8b1ab6d0936c4c407878786695f46f59ef06c5c2166b661542c598b6e0551d490946182841184a7a0e669c6ccd73a342f65c4525dc7522dccab15fa72bd07588b5bca71635b9466ca72a504c74cca1c573e8d40d83d1b5c5326481ff8a2055a2e0fb997fe8e4787deaa2a8a57afe74a971e7f1f280895f2fc9d99c41416adef7b70ec47e7a12d0ca3c0ab1dba3c2d65bb172fde1fcd7f97692d3d8c9657e3277ce95947d59bf37dde3f35f7a5d76575f5c14caf7f0926c0896995a5f42efd0d38c42de202bea5b5db39bf697f9a96b54aefec723db523893186634763e7399bfa8029c2708dc817984528601c77a1d78bd4b2c85f10f5ca9363badcdab51a1b315cafa5c2ef64f60395f53efb9d60d89e1b2a5f147508c90d2b09476eee3cb9b5957669a77cd2c522909480dea9be3406d1779ffe4539f2e03efb5f8c2d040f0ea776ff869a36862246294d0ced556a129ef78327617052dc1ef5cfb4e5986ba2f0e063b90e1657d8977b58827a3c4e3d556eb3cf0540685f7c9eda461aa2ecc539fec3d2d56be99a518f11752f2be2f670c5fbe8010ac4eae0ede31c1a48f747ff2eac9fc069d3700a40bf5fcda80a3a4f5fa920f117a72de6da51195d2d7f0cc92ff7835bce2ba6b564832f582df56b24cf30c8297a826a4bbfe0afeb1da3e986b3d0a95509e0037d212a70178ecb246061e067238ea9238e4c4a9a7c6fc5dcba290970f50c52598423336c523f2de7580d059fb53934cb0beb208585e897fafeba30853e54badefa197478fe6b9f26ed0d33babb53acee7b7221d8e0cad7a6bd0d9383ced6391bf88ca7aa50c75c136075e87b92445f02fbbc92f7cb65fe2bbe0bf0c9fc2577da63a56f1efbeb276c1f4d01da6f6f7a842212d96dd45edcd2aee7f2c553ace15eb9336bb1804ec252998c5c8b25033894b05c01ce7c77b73ec0e239478c67d5378fe5a53fe6269025d54006e9bb1cbd09b81a39615517c609f3d74e377888f641587121f0f097b48d8be85800295ebab9407978a9cd379966577cb6e1f5261e4305696a2cdd50d8cb1964d3ae18ec730d40f9c782533efba47db8378c6aa15ce85985e211fff2659729599802a7b585cbef3a2762595f67e2054a0fb4457b146e7a656abb2c4b2387d760f7e5b8b7864132317d5ba29a662f50af8dc182d2fbe216db8e997ac856bc59855ca48999699cd6c5576cc47bf8a8c30638c7e08847e5083aa82068940409461d1065c2b53292d3ab145d5bb590bcd278e48ebd34920b18a2e1731c1855ae5a3ed637ff568d205a08cf98c58f5d79c99912e6c1ab257ece0d68ef13d69a56364419aac7df43f43d5faa9ad851c9810648f9050012e55475109ca3ada3452b78a7964377e0d862e022c73ca3ed6cee8c5fbb2d7c12f91c4851fea7c5b02e0a3c5364b7fcca110f20f8858465c498d7e9c6049417fc5c7d4e0059852a6d794af426e938a401cf43b2ba9f4f3f6f0f2eb710ecf3c0c36c4b3072597f805eca9cb14602292ec7d5601e6b1555c8d024aa4bb81a4cff98cb03725cb184ea7dbed6814106a1402bf68a2e51660af930a500d5530651a0dbf2fdc01a31a99be25350b5c8a5fe01155343d028c03e09009ef2c386a24eba8d842cac581402c8faec7dca1623afe25a230d8d4a8bd23df3cf12abedc2a50e387285acf1b3105011a2bdefb204a53b20be213b50f5244511f25852271e05c03fb9a799ac7ea675ffbde8de181368748a9707674e7e70f28a75e4036b6cf9e0693f91a65be4478b6630067ad8dae030a4b7b9784a206b2f7cfeeefc65aae11fc20190f4d6387bab05fa6e17f0bfbfb0c4f604878771aeace0676d12325e61b19a5317c4d4bb9fe6f3fc8b171f1116528b7cbcc4a91c26a729b512196828075f4d0aeac98887e2a6a19b4e1f1f66233962961c0d49df14c3e6123c9ec8dd7152ad045000107365fd5ed7ce6a6d65ae0736a7e227f77c9b0903d4589ac58ceb691583cdb93ae3fc792c886663cb7c5b0640deb66e29b3c69d2f1a3d1d47d7b672ee3c49e90bd406aa84a0189808924c4e67c5495b045e779c58ca65b42889f52d7315c66be3716dc8592b4875629cd0cb02c29d42bdf9ca5c16bc9051c2a6c09d0695bfba58c19a995838c022e9936c407d8999aa65e4a9d6d8eff99f8dcfac9b561375b6d1293441b9d32533161062c053c63ef09f6100cd748700a710f5bfc2a6297b15242b1f41e21bd004b885d6429a0d334a8c115f7d53d278dad24c9d295b97c50eb340d1e6d523f1757e2014c1605c3bd35f0cfdb74f79850423a37e2f95dfe41c56df09724d21065377f1818311f0c70aaf6fb2d4fc8d9eef576136617371d85481770ce9c390859eacfebba34e75a238ce80bcccadd6c42e8e186be3c15451131fbe9e345c05ab8e23f917d269686a9b5f06dd474f95757b9e5a3328416595539cbdfa69efa9702e5a268b1a70c6e5ff2c118a6e574bfecf17b1576e4f20fee566b0b2b5388476a68562991ac01412fa463b0f9e586ad4bde59e91a4b303268b5d8644cb7996cfbba422facd59875ed6ac057e563412255c412be0928a0b6fdb6f35d7008b5d5528ca796a4a69bd90b993a52da9c7d62f4b71a2763f822bb39f3ed39cc5ad5a4d51b5c27d31d105000f3f1e705ed5c42067106f3fe6d30151021bcab7f3a1ad9175b3d3644325aa676b9e057bf9d9aa3348b1d9b31bd639c59bb63f46a6c18794ae006db3b1ee20368160a82e26aee5a9fdc6b44df8be294f3ac0a1275e57ebf5e384b141ce89dd51aaf2248274468894645ba54bc4e6b9788b1eb5043c1f0dffe2e13c6179d0238d8cd037b6fe3e484445ab458fa09e4e8010d3288aa6e6cdbfba4b62c7984d058da8993d5de1df75a1ce8e3bd5875709fd2ede4cd5843e7102ed4031ed096a0c6e3ae9d522ad95ef4af83599507dd32fe3325819cdd7718c9797e921e6e365175e1dd53991edcd2baf27df8b1670d01967e97b3e3e75d297f908deedf2e3b91bd61973e8aa75a5a6f9db11525dd35556bbd13873602a320af74677832f93bd01f1e0631c882c8ab254a26b73a60a6c90cf9b96bd576e05b9befbce882c5d29198451bd15acaa894a5276ea9d870f49a33ee9d2429ef35a905b281deb75be54fa0c9e47be5876d7dce01986f2d0e7ae6df9b87a0ba6cfa55cec0c65dd386db5adc427eac18a00c9aded475417add4ebb8880ef3dd218a9ec3e6e13456f8de1630774e918fe5288dbaec3dd2a74698ec9e28ad573761b9e78af3d5c7a61e3eefc1a54c25bb841529b3fc9137836a2e7eff5ffae8e44f0257160da51ec0b3d144b92f1f43d2782513705baf5930903602d40cb4de87feca7243d2248a78a5d684e303ae147acc96e0b755eea77092b5f6efa723afc8a4240c75529dfe1c2fb75aa42d67e6b6c9a44c575738725815a9af1ced5", 0x2000, &(0x7f0000000340)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x28, 0x10000000, 0x1, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(r7, &(0x7f0000004080)={0x2020, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
syz_fuse_handle_req(r7, &(0x7f0000002080)="6d797d42fb74562ec642068eb410c60f8cdc42cf09864b1dd1d244ec3ecfb9103306a02bd120cd2c684eee7cd734914ad7ec2bdd4402eeab7a2972f1672f126c4b5f6c5ff748548170bdf1020c2c3d09186940feb185436981cd578c3a2bdc19c16209468100cc1d67247885420cbc0ea004f07283bc4a5cf8499ad5ef4df93b2fa2eb26895ed9260cc61afbc766adadf7809b3a8f76d9f835acae2dac8abc42896374a6a82a8894552441bd0202daa10048b49d3bc74bba1e5258ab8ac5169facb96d9f68705a7709f6d9a66a9988c13d13a2b8b34d9f234e1c5fae79e4cb76ff3102184ed9032d2402087dcb3eff6bfac7bc4d2fdc9ea25f5289d52ed75ffcd83a2781eb4a23fdd078d1e53495305e3ed5bb4e060e89d6eb2b13586f7f5df32e34390d70f074b4f92c4624312698d86578f3d951021db151806fc314c98d819604d8d9572efc7dd71c0d1a9176ffbd48361908e927e03caa4c1ccc805fe755e616d983442660299e9dd34e5612eff964a45d613a832a0ef8e4410fcdb0313712795b369c08f907c91a4f20e5c18ff903e0ee410d77bc076f49debfd6e411104cace38e0318023527d1c54cec66790638c9ee70c29de0406b3483ca1663245edcda56dc9612e93f40f19cbde5cabb8816d7b75a266e404a8e5364d43c08cf5cc645b533c4b6fe349819c5374fac7a923a7a803ab138c873aee3718921043a60a0ce84df8b991dfa525f0955acbc866182f2409d032981ad824f037ef068501f955898c4500049f0b30014832e3b668f5873305ebd1e094f244caa90610be83a5f674decf451a82d9edca6664da89cad8dc212943828570fb365b41993f89c6d36c579157c4055a77eb1dad1dc466e743129e5e3098f4432fbe289111e102223ff04d02e8108b0925ce76118445efa09233e579f398ab373303c0bb64ff82ddb597040e58a61f82cc5614beaec13ed297a8daa9514468283037e5d0077c9803b69421070718fba4865e4b9c6d7d272c562cc4dd998e16fe288dac68b0bdf05eb2a02fd40b900944d10a94f2b3be9b6c6dc628044aa9eaf34e0474771c10bef03f6af2029643acc1e97efa0748cfca63aa9546bbfa6d7533c4dab0b931ac35b331aef91a80d5ea08ba35cf66e1779298d3338114c12f024970d12af8d67f9b165c15a8b7e37c14c2d512dca76cf6077e2011bb47cc993f3088027b2d53daca574e8b443fddf5c252788854be8aec357db43f2147f23061641d2910a4a503a3a9ca86b3656d37d443e5e4207bb38b6e8879bf3de21309eb90113ccaa75e1d1e0900efc17aecd35078b8f3d579d2d4fb576127278290d6a9ea379e22dcc4ad369d3405311efbc74702020d6cdb31267c2e4dfc6a34bf39c9db32da7f387760909843fbd02e9e291e838fcd8faac4c9ad909cc19440bb775070496ef69250f4cf90372c0f1835dacd4d605a69334d73b1228cce41fe3c6457a37531bbab6d8b15a8214ff3002d29016932de969f05ed64b720ad249b8164ea82fde08303277e7d5f0d3e86bd6021024bdb1d24afe3ae28cece041943db60034fa11c3b6ec7b09c117b086fa4016e68e46678a7c5e91c40d2866295247276109a8778b043b51ffe3ec33dbb665806cf6ca41e7143885b6ca920fd8caf475ddcc698a09d368c721f048efe9e0d372d9cc58deba32f81e7e7f6d53209050d72545bbf04356ea95c9bcec3b8b87f56963111c5454b30a12b8479afc26361a7e00a66c03aae8ebc3348ac2e9b0f52453a32efa9b8ec038e671122dc2965d3b7395051974088f4aa47a76327a0dffce6db0a2cd65e2da5539fd7673911d5605cadf30d85563a60afd58767b6adc549173818de01b0de192894a76bc4e62d8c9e341729e6ef37574cf63c27674081202b8ab9cb9d92d346b1c2dadb253532c1674b2440504f8430c0a2ae5829b016af877831ecce9b13743e821436a6c1c46a1176922dbf2721d9722edf72817f8d15fa5c7ecad046df91bb57b8d16244527c855a40403ddf1757c31361c8bec9b5701b5c10a1e96547fa2c93e03f264a366a96666e24d7f908f6fa4c3f26722961e70adfc4ccd413c2c05adeda400de500babfb80a4e4ae5e9e04444c55f006337c0a98c33f04ae0a6620a1acbc26b5c7d125c30ca542c64604a109c6022029da452a717b219456cca6bc9959f088a5f2360c390b531baf92ae2429a2d0b6c7a20c137a3a0050ae2216b871c03c56410d28472d1035bb870f94589b93ceb57a504bba5acb7a6f77699fc10ea96d8e8fb913ca78c0af33a8435344b71531207344d78ac349894aab972c1b471d52b266bbe4313ef2ba71e7a4680ff442a358699c1e18322dfd50c55b637b6e6d5f02fa61b0e8ae4ef7cbb6359f70028a6b60fe901b2ad97a62b5d527efaf5ebe23fccd80d80e02eabb1be14d40faac8a56b4785fe47c8ff4ac4ad7fcef2134b1ec599074dd45d2b7a5c45845787e0490d9d7db95b58b18f14ae6ccc39623ba0fdf64c8d027f1e7652cc90e82732d4292f4ab0f959a44ff906484fcf83e222088345541ba2b1c50b63711d8adb63c8556452c142de8a06f4b28a86f629cc1dc713dcddcfebc8b1420a603fb970ddaedfc82250637327beb5c0ad04947477bc9aec0914cd78cbf5060e4ef7806b3443c85dbe79b8e87807b1a8d141583998c412d89c23dca4aa16af321dead51a12a73be98bd8ebb4d58b3ccd2d67ec936f2596afff2ba4166015aa4cc6c433acf33df30e3d40a0d6468944a07d1f9eba1bb9eb03dbfb42ba790dc1e7f66ad1834fad94440bffe3879509120b6a5cd1890281bf0f4c2d1be00fbe6b2d09ebdf594110f2bda035262d4830dbe64aa3152612df991a6fe1d035e0b301cf527d74140c85ad79acc001fd2ddb3f283c21e8d253c6c4685584f753e01aae2dee4158c68e2e612f056eb602ad8199d84784e05b363292956247d1fd8e4201330d6060d66e10e316143015908554e5325550d61b8af87a92237edd75cf687919ed0164de95042cbcfe96b9102fe3b71f43bbb1fc24d9d2d0d81dad29ac18cce353ca7c4a7c32e12e451654addc5dc6a44d001c40913eaaf14dacab7037a68e9875ae51321d1852820794206fcc1cdd51443d5e3fcd1dc4dbf728d1ed8dc29437db0154c2f59d1d0d0b0048cb56ad965682afeda337b172cf6a77be36ab8424b919e493628846bbf485d5fefd73228e40295fa2070027f6f2ed565024b82d1058a1be0d0c364b765f2a58f382e378692d1ca4fc7f09f867ed4684dd82dd4c76e0e640f5f87d1c6c2fafdb733f1cef6572cb5e104ae9c94d26c81cbc9a5fd8fbe61ddbdc683b7f4030132b932abf0d66afafc9a9d3121f0ed962a14294bf0ba7b1d33d7808efa427b5531cd881b5c87ec159bc9557009d9762010a497ad52b57283cde9715b48a3e35a22aec3730a0cb476a59f438684346ce0c14f22d5f1e5826d3f670e9ef60f6dd51a11fd32eed673b9d0a12d8eeb8046b96c51cfc54c21b2c48c4a89273963b8345b01159f53f6b6589333afd871875b930d7a4e2e1f5dfb44157ca004a739b0e98562c83b1d8414220f677f2882ef6ab1039fc5f132d7f55046d0c9545033624338e2ca6bdfcdd9d78306818c6214f524a7d036c80b5506f97fe383c1cae3c73dd2a0c628bff47d13dc7d9f88a3c1bb84ccbcb82fd881c6f5e9aa7516bec86fd6bee49f4db3bbf468922f1ef37c499b011e36173edc0ccb92d13dda668cf88bb99649e606fee23d3d3bc1fcbdfb40c7d4a4a60b89c63e65d02a283137561ccacd0c71cf70c6f039ebd1d29cd58571fa07d74187a7931d3d8b7db3062594b696b0e11a587724440bd77aa01fbe26a031a4c3f16ef3ba7f7544d01e8b7dd0b74f3025fe54cd01be16ee80ab0cd7c56671390f2e9bd62b212cf3ff58da7207846bacf85858130a89a2cb45da85b3ee574e8bb43c6642a3060b6f07228951aeab0fe4f4099b86bf07ec39262acca7319df3d5d057baa794234b89eccf36da5d32e4a5283386a0a271be30f75917ffd9f6d96eb8b50a7f6a0b861c5d12a624f3630a18e3bc94eb58bc835cef0a1b77952df6443cc12f221fb8460f4862f382abe13b409056644ec46fde96e1992e79ec0acdf3066f77bbcd6cf1a24d9b49ce84bd3bc58cd898da801d6b1ab12fd7cecc29894b98d616ccff855116a8985653ca88722dc00aed777dfe1839251be42716824dc0c40b6548319f613faffb2f1900a1f563724b0dcb7aa694110d268e945747d860d4bcaba7837342e3d7f207547ba8c093e8d2a1a5e3e098d19343de5fa773642cfb1a2e49f98df7e13254787cc35b2d689db16e551917c0db1034b175d1f4647c35c4cfe8a871cc7983b052050be9d24ed6e6f70d9d4b7cdebc9ba7a761b8c5f2207761a6fe9db5d4ac975dbe398ae05ed180f028037f2d9684dd3b28135e150db8a8adc6c34d0cca2cb95e6babf8702f26062d0ff0f88fc915caee5597a006e211c61f6fa4ca685e79655af85cb3489f94cd9836af4b80cd20ed23ed8f3f4107814407715b471354c5274595963b00482f3723ca88f4eee346c78bd29d65899163d848c9844991e976ff817120a13ce40aab11632b6fdd9d00acb82a5ac7769a0a7ed5d30ae077bf393f5de5b12114e4d1a32c7297bc5e14b673c78cc675b097d56f7a35c3206b1584996972153e2446465492528e0565718252139e1cf500f05a0ca529d58f5b91fa9bb2822c21248a7a8a92d0a7be5f4d249087176c7c23e27d72bd232fca3f7b36970daf2ccd64be4a798a6c30a068fbae324b4c158715949b37c3942f0eee35b90d2fe9d322420917532f6dceaf8633f4f9618f099ece4186e1adc1323b827c984ba54c887b462e169867c2e063fb60b7906434ef362200559e4d02413667dde0c6111750995824c316305f2ddfa3035ee09fdbc28c7f3c095f5a4382ce033746394a37b4d8a61ae8c7270d3863df7382a4786d7bed9543538166dfd01d122a384a7a3de7958c0272a35856f175fa29ee100d2a0f3a6dacbbe8702cf7e8d307ac0cc7921539a371a1c2e7f834db5a903069c07ff562fee851ac9cc3f2f045146db26b13401258733c67d820d06aa068b789300ac90481f84725311544e9a2363f2ce502c02c100bb41e18a103c79bd2bf14f6b52290fa60d978c284f927829b5027ae0ea842efb3450a8ddcabf0eaff6a6a8300de389e78cee73bd8de9a2809e346ff6c79dceca4277eee4b0dae1a3e1740f306044d6e67a5783e665f9637a8f8154f9ebecf95f48146c750826fccebbb1bef247666a710cd71dcf3ac3aa9d0bcbd4c4ad432bba642366e4a3b12981901358ee1d7babbb7e10737cbd8a1c159d8dd9dd521c48d2911ebb8162b51ea32185c37097c299c0e477914b49d04cabf5033a5a3660f829ce4dfb2f821e6cb19ce37df64f79eca0649ea8c6b41c6c5d08fb1dae021314609946310c833d08d46c026ddc5dbb7ac62f1123be2004729daa8156ee12bdde9529c7498c8d1a3fd59aa07b9ab7870c4e57b2f54dcc26edd206b28870cf346d741b46bcb508a5f9805ed63c6cb03a9334abfea33626b0681e59b1cecb02202c3190260b8e2963ee84d9a6b5e6be99cbf6a17e4a11e154c2a50d625ef1fd4690cb8e030e46e07c891e6db43626525d464302c44dbf65f71a485f9ea05c347b870bf63fddeaaa2336d9eca1d4c56e8a2734287f0f8a185bd8e3165a681175d1ee9d24f48c9182fd40179ea3d128c0b43c4e2c85eeefa4c932fcaf9297488a3d44e602477d94193410728a0ef0f6730e64b8cfb3e2235c6241d1252196f943d9eb9b2ce70f8c5cf21394875081f56ceb6749a8bfa43e0e545fbc6903b63c55b67ba1e064a682d58fb7117eab5407d1c998aa53a0ca190b0a4aaaa657299cee41be166a7622789b81cff0e892ba87c6ff22f29ed512ebe40cf7306b7597607de5c1c6fb2980a03cc0c6f396ecc27b6b5a3fb0a3f3375fccc397527797f6d1e98f9a873882f85a4e5b11eea65cddb12b0cec9e531a3b5de958963e20d8a520aa71588aa3ab92186e64a710ef07debe3fce6313ea69fd5bd45ca3d50e5c98ac632d5479bc0763b05509ffca67158ad8665cb858e4a8eae29ae667cfa8e39dbd15ca03846298faf7169187feae6e84deaee4ae51cd2016a867b3d11c4e6ec3ae39aeb8c8ec36a885e475f3e1e47e1fa464ef9569aba053cd066907a112612de411a5be0868543116f32d0781323c744dfeef87601981afe063122bac14b9059a68d9f356e85ec04c2767cbe79e245d7916daf222b5134ce684f7dec8fc0630cc9aeb5fbc38dfd19628ece15342c941e52be8abf0d82ed7b0b4bf5e6184edcae53949ef5987fd7fc479fc9921f2f332ae68f5dde23a3dd0b4713c3d18913edd9ce59870f7d50fdf33f3d2e8e5045d35555b4db5f48946e1b8d8d682f0c2bdd2d0de6bfff349e5e826cfb2d18d7bb43347362f13f5e80619451527bf0d3cc617881ef718466bf2efcb5f1404c573df09e00a5c0d1648b04860ee20d9e79d4ebac94a35e0a4919b1ab0db9e9dbdce1324223850e2e137ebb0c0e1cd690a3c5c9f8576538cba5e3831e6ba56809644e389ee984df3ea8e4743d5d03619b713c984fe8b43c589b78715b9147384b5bb15af8898cd82b31aca722cbe7938f119251d9142f2661f09b49f99d8988c66198dfb9db7f225086bed1deffa78995a56f905a7ab978a9c557ea1ad306bc0cd1cd8e5acaec1e4430a42068adec4a73f891c8010f0271c38685ca66c36313d15ab5bb6948c089b1fccf7fbb340eb03446a9bcda34b2d14a11e09f71e799fda19dd85293e2b0e2ca3e68145b4ea5705592562962cc6c0b65c88d06067903716656a0a7742850b956b609740c913f54225ae18ffb46162d6a0c1dac8b6c59541c8ef6bfcfa87ad59cb0e8ef6ef1d7f739c0a56cf975f9cca9ee89bac15cae197d02fc72505d23ebc6153491adccd22262979d2909fb8abd25683894e5a776824b81598a833e339a582b9ce3f8d7ce59fc3147eb3e92751867ee9c3506692b25b2d7f38d97280e85c01bf6d71a602d039aec747620d33660a9d5c9cf4010d01f9cb86db4704872307942df56f04cf6c17e57612635e769218cc91da9e2de29aac4563d695a6ebe249c14ba5332b54150a291bec28417febc4c3efae9e14a0323e561dbc80e98bf71deccff5babbcdc8015ef7a86a52781a67a4915645cfb18379084c58110f1294b2e08a6994d1a3dd4fb79437a75cdb05f36a7b3fdb449c0cea5682d37e5b0217676ff7a383a19d48860476b23ccb66779093b0f6b5b6a1ff0cef503dadf5b67382b2a501d0c13d89eec496374f43fcfa751864330479e0d1f7aa0883c2aafbb5c21b06cbea3c8b515fb1f6d061e269c3de372dc48f0b1c0a935de648a0fc4a1a32ce6aaa8432240bbc977a0ece5fd60d92ba49f1443bfc83668e8251260a5b275098e4a072d44726b91d850bd9c2485cacbf2b33be73785421c2fb259b0c1c0955339713f75ca72b9bc56a7167d8a942015385eb4f1bc3e07b23a71779d043a4f420b0fd9e889d398c955f13542c811683636b71a2fb178e951e37ed5519146c5d61e697d1148458c2f224dc6911363edd1b4d30c5cb12d0e2fb035adc33656615c05266f32c2faf5144e24086c97816c87569feb1fd41775263999ff057d9832b872506aba01db7482251f65a74c66cc01b83056970f843ef58df0d89c44f9265d5bfb50c287f330795b30848341dd26683e5df82bfc1cd1a3f2df3dae99fc38edcc614b39c8a8fa6ada4b5dff08914a92b6a16b05f13bbdbdc5e9f14a08e827ee5f364ce115e12bce05122f0dea62d8dd41222fafa3c6bdecea63d3fbd0bfdef667d6ac12b6918273631bf0ec25da2783f06f77a9a0ef2490afe43f3e8b0f553c0c1078141ec0d8f426b1924bd464e4240cda50e9b8a97050360a617eb4f88baa158da8672572f641b20ab3bcbab3d38ff3c84c5c3bf309e26c8ba735503700028c0806c29e02d0a0ed73b9c5c2f2a39f57ee08b935e6e056f01733a12b08603987b14aa7fc542c65a0c03e278723127bced6ac65d2386cf847a73057d19795d5a7517e71d5e480b7380866a64da32fcd1158af9a82559898a7931535a4b75326e2769711ff857d180f16acf316130574fd37bdb658b877f06db42ab96641bc75e3d4ad7fdd9028072139dd3019b03aad32907debef345bcc57423ddfc94683884a00c5f864b8c2dd5af081fa970da251d3afc65dd360c661d8ee2ab58dc9060e2d98b39ae95bb89c319cc93c9e653bf9db205338dc5528c11a391137fe496d726f1407945b243a49a1f3a786047fc47d5e5074e0ec678f26f30cba747d50070c00323d16cff4b06089830931ca704d386140f9c201a5b50a116410be001135aeaf30d7918ccdaf35482659fbb2933e97f1a2e0fc20e6a610e37511d06d4cf931e54ce8f5ab5f688e460e3943bbbe6949a8b4ae309ee31330ece6cb9dfcae0035f3808b7295776ae7bdafffadb6113faac5cd966c2875abb7b20f1b298b48cb78c467f1be92cd3a9d0fd35b7720334274a53a6cbd041b85b6f8f9d622293f0e95a8835204de1faeb7fcdcc57fbdf0afc2e6422bc114355cb5bc979f1bf6d0fb6eb31ee98e06cdcaa1ac36ed3246d85cbdaf999da5d6a7187e8622e6d224c5549a2f2802691a08242ed44a47fc9ad627af949ec3ab5b191025ac75ee7746e2762b530a622a716edbf341e4f9e04fa5d3f77c78dcde06f3845f45c8c1954120ac5949da541882d99adbbca4b0e422e4364289ff1a903bfd1ee63faaa40ef43d3e54249909066e1727591a9632cc8440dcedf931a823e9b542d51aee43897bbbc1f652ae774c326e8400a3a6ab8d90a04e5724fb39c05875ce5afff0502bb6164bc65c107593c155da4b77f136a34c9ec39a4e70cdc4f7fec68245402b2c0fb508eac623ab41a184d3bebe5e9f24c6590c1fee571ed55a76b8554b12116a36101691397d532b46924e6ccb688ab52ffc44f8a670d542477ebd3756d6ef5373024d3f915c187a35feaf39b76453ff835f73862bad13f19e76d47c70122911431e5f71b05a9728631df66b162e708584e83349db1a68368a37cfb4e16c9987a956b3018f2f12c639bf90b5fb0f0560fa7c19887a9d12316dab9bb515cddbae2e9056a556919476b47546c0dae631a88eb8bb9da49879f56efd3d1b65d50bb01c8b4ddc20374877189915cc5824200dfac8f422364b7178f2e7799665b464ac9ec54ffd87fc8dc68e08ab178059ec02bff4ae3c683d0c96796765bdc188c1a4ef46cfa9e6376678245f8d0c907e83e6eb78ffb19e75534925b5b5bfa489fb9cd2c68f00a079c9b34dc45e76044bbfc87c75bbdc5ed0ea7ca0f249007be79116fefa74085f982f670f821ccd0bb14e1086b677f379fd1a1c96bbb4a7338e867d3f91f41b0a7eb2f1104c2ed1593691e601f2e045b3db1cac5dc0d3b302b54967558057e767c4a96f0355d97beace9fe05f0513629b2dd4e86e523d16d7e2e129264e1749b07c062d3a92d96fff5cc976855540eb441a3cef8fc59bf236c85e778b04e30fa807c3ea634af17f005fb55b55f082ca54fc154e6b9df95b951ab9612da7223efc8b63f4528dc3353a15988790d507d9fda18dc8c4adefebc12567e040fd49d2d571437bada1c08054f45545e5cb33c8db8e5b4f2d6735a7fad407fea2ac6e516016c186b7a9b5586650178b3c201eb4fcda3a22291c1f5d66557675dfc73b17edd463abd17a3ec0f1b28adeb4c294c3792c5d2665d504610d37de5dc68fa03e16243ebca169797205d2b24cd64cb1e37328530d68c9a279e36aa0c7f718831ac30607633eab2c9e1b8d6b78649a78fd573d07f0edc18d2f52da2213e2ad44a4bfb3a80ae71d8cf57a2ae2658999d542f7c46da5a30f0f4a82296d0c95e4c6f046db42a00d8631b120a64ee260bf4dbf29103d4e2233fed2ec9ae65fb109f212f967c34e0efb52f56a9a7ab4de472f9cdb0fbcd19fed42d80216c4c717e77a5e6a9118423e0a6dc9d2f3cef598fb9bed6b4e66b279ebbc265560a471d132a854ff230673e843338dcb1ae202c797cfa59dd18eb46e313f1b0dcafdb6518c1da6b08aa1c92bd433a0b65358356a8d03a454f96add1237380049b2567a24836b7bfbdfa58186f2e295e0911dcad6c5413fb36a6e637156291efc016e8513664d515d3ddba1d2c63fa6c5a3331c3cb2f5e2eaad83a75588aca785ada46973d8a2d89686a416720a8f98e1a1eaa8c95aa0bea1dad03ec69bc4bf8300a821f67db4e0c1aab57ef1d1e06880130f6ffe76297acc62879f60e03933666a0da462b7a6b584d28041a3fbafe9a08b7a4664c46b8d40ce4f31a14b122ad74cc4a003f591e019e23cf764795d4235cc8d491c58d3be78a781a708d9fda492306a5afa7c0a43f52f39cafc6a6abc850bbbfa6254fdfd5115727210e19ec8a8857c10a9e9d5cb3001c6e04132667a30a6528e8b59661b483e5365761ac0f5c61e339833b35fd8159875177ed2b78df49ef83b45584c4609562ed2e8bb9add69e88fc0774517a15575f0250d26ae8f6f138daba5311b492c986005bef123a6fc3c1912e378cae2b64e58542293489d5a0f8b582b089c1b05f3ad0aec776b9dcfc0feb1386a98b7e2e09671a73f0eca92364d7f6da861280815b71e48934bc3d321da07878290ec81d3c5c64b8d7f55c1d2e2713edbb5fef28bc36d02302b01c4c29e5df4a9692b41e8d9364e2e408c55b9b14d3ad93889a48787df0673c3df6ba3d9222ee348199aba478e2d398b1e4ae012ca19473b3454327e5bfefb3c56576b6a6c035466f7641464806e63d7086223395a58d886b0dbedd365ce840a6990f56d697605b7d0ac60809270e4e392e89413cc94cea1cb277c4aee023bf90ded9910c96eeead4c6a10ca17151c4966f84bea565746eab573e4295e564d41bc5a6cc9df38c3d7cbd4cd618bd9f292daf95472839fe71c1edc202b6b8b5b939250b089b0dc978397fbaa7533fcce0c4b2eed8ad47779aa4b21504307c7d15e0bcb01bb60e5bafabe66e4b689e4873a1067063e17ba7d647a9a047b1b4ef7350402653b564ae1b34b8597a2357891c90ca2af6b68b794680a0511279fd213eec48dfddba7cbeeb9f9335a0679b1e6db44f27b12d898575d157c2159a86f676df18858857582bffdc006d4732257ade5dde2d1b2cf316fe2a7c5b44505cc808eae5427c43d50e9b99f9317e437df2bc640351e3e8ac249c42f782d07886b6d8875c253ee0e489f1196fa604747586df87e18a893721e6cecfe61dd82daf9b3e4f1eb745c93402c121bb639c56b91bdc77262acfa55389ede1f092733d8a69ae759f82ceda537ffbf32b65138aa3e43e8883048eccf0929de8dee297c5eee97ac7633beae01198e1b00c11276502e7660cd1f59ac619200042656c6e9757b082d374c80182290845f1bc8f2589eaf96948f148ebe675ee7fdb83e32a18eade32f99cca160a4d3504c4bea9c82cfdfe1dd80fbda7c484f2c17c20eea", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x9, 0xfffffffffffffffe, 0x0, 0xf8f, 0x7, 0x0, 0x81, 0x0, 0x4009, 0x7, r8, r9, 0x2000000, 0xe}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1, &(0x7f0000000440)={[{@gid={'gid', 0x3d, r6}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x6}}, {@gid={'gid', 0x3d, r9}}], [{@smackfsroot={'smackfsroot', 0x3d, 'nogrpid'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x64, 0x36, 0x62, 0x38, 0x37, 0x39, 0x31], 0x2d, [0x33, 0x66, 0x63, 0x62], 0x2d, [0x65, 0x66, 0x32, 0x30], 0x2d, [0x63, 0x63, 0x65, 0x61], 0x2d, [0xe, 0x39, 0x34, 0x63, 0x33, 0x62, 0x64, 0x61]}}}, {@smackfsdef={'smackfsdef', 0x3d, '{'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x1)

5m54.490712014s ago: executing program 2 (id=9418):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000380)={0x1f, 0x4, 0x3}, 0x6)
io_setup(0x40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = socket(0x1e, 0x4, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89fe, &(0x7f0000000300)={'veth0_to_bridge\x00', @multicast})
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
gettid()
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, 0x0)
finit_module(0xffffffffffffffff, &(0x7f0000000200)='sched_switch\x00', 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r0, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0400000004000000040000000000010008080000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ff"], 0x48)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
sendmsg$AUDIT_GET(r6, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x10, 0x3e8, 0x8, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", "", "", "", ""]}, 0x10}}, 0x8000)

5m53.741355105s ago: executing program 2 (id=9419):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x8, 0x800, 0x5)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000003c0)={0x64, r4, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x48, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x10044084)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)={0x1cc, r4, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [{{0x8, 0x1, r1}, {0xb0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67f}}}]}}, {{0x8, 0x1, r1}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r1}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x4008000}, 0x804)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="980000001c00070c2bbd70000000000007000000", @ANYRES32=r1, @ANYBLOB="8000000a0a000200aaaaaaaaaabb00001400010000000000000000000000ffffe00000020a0001000180c20000000000080007000800000038000e80"], 0x98}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
futex(&(0x7f0000000580), 0x189, 0x0, &(0x7f0000000600), 0x0, 0x2)
sendmsg$tipc(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstatfs(r10, &(0x7f0000000700)=""/147)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x18)
close(r8)
close(r7)

5m53.723821435s ago: executing program 42 (id=9419):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x8, 0x800, 0x5)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000003c0)={0x64, r4, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x48, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x10044084)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)={0x1cc, r4, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [{{0x8, 0x1, r1}, {0xb0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x67f}}}]}}, {{0x8, 0x1, r1}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r1}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x4008000}, 0x804)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="980000001c00070c2bbd70000000000007000000", @ANYRES32=r1, @ANYBLOB="8000000a0a000200aaaaaaaaaabb00001400010000000000000000000000ffffe00000020a0001000180c20000000000080007000800000038000e80"], 0x98}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
futex(&(0x7f0000000580), 0x189, 0x0, &(0x7f0000000600), 0x0, 0x2)
sendmsg$tipc(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstatfs(r10, &(0x7f0000000700)=""/147)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x18)
close(r8)
close(r7)

5.140644282s ago: executing program 0 (id=11413):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_connect(0x4, 0x24, &(0x7f0000000b40)={{0x12, 0x1, 0x0, 0x30, 0x10, 0x6f, 0x40, 0xbb4, 0xa6c, 0x7201, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa0, 0x20, 0x0, 0xe1, 0x8c, 0xee}}]}}]}}, 0x0)
ioctl$EVIOCRMFF(r3, 0xc0085508, &(0x7f00000000c0)=0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001080)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000011c0)={r1, 0x58, &(0x7f0000001140)}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r4, @ANYBLOB="05"], 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
r8 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x18, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x2, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_RATE64={0xc, 0x8, 0xc1160cbda5ab1ab}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@bloom_filter={0x1e, 0xc94, 0xfffffffd, 0x9, 0x20000, r0, 0x8746, '\x00', r7, r4, 0x5, 0x2, 0x0, 0xf}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000300000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f00000000c0)=r12, 0x4)

5.138224302s ago: executing program 7 (id=11414):
syz_btf_id_by_name$bpf_lsm(0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f0000000780)=ANY=[@ANYBLOB="696f636861727365743d61736369692c6e6f6e756d7461696c3d302c756e695f786c6174653d302c756e695f786c6174653d302c636f6465706167653d3836322c73686f72746e616d653d6d697865642c696f636861727365743d63703737352c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c726f6469722c757466383d312c756e695f786c6174653d312c00b571a3e3bf2ce9bf5c6406ff0da9714d33dcb456c741d7aa"], 0x41, 0x282, &(0x7f00000004c0)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxIMuT3W/xxz/nrnnN8uBcPPvr/+82N1a3t9aOjw8jnM5EtRzmOM1GMiZiM1H50lel+GQC46I7r9XhVT417LADAaHj/A8CXp9/7P7PfuvbX6EcGAAzLJ/39PzGUIQEAQ/bPv//9sVSpLP+dJPmIzYOd6k41/Zm2L63HlajFWsxFId5E1FvS+rffK8tzScPzYuQ39ybS/N5OdbIzPx+FKHbPzyepqDZyJ/mpmGnmn8zEWixEIb7pnl/omv8qfv6p7f6lKMTjS7EVtViNRjbN5yJidz5Jfv2z0liApkY+964fAAAAAAAAAAAAAAAAAAAAAAAMQylpKXaen5Oe31Mq9WpP8+3nA033Ox+ovnfqfJ5sfJcd79wBAAAAAAAAAAAAAAAAAADgoti+fmNjpVZbu9avuProzoPDXBr4aOf+RaZ538FSB337TJ+eRT4iFiOib+rrH5/d6taUi9yZ1udkJudejalTI0yaH3j/h/Mv78iKh4eXv/1le3axranSvjci25662Zhqx+f02EjZs23IwYuXhYieffIDb8j24u5JUX79QZ9ca5NMj/sXN3u7vHJv9+mLs6b6PDTqk5/7MQQAAAAAAAAAAAAAAAAAAHT8f3vvPoujHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjMH77/8ftMhFx5V8z877454jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8DQAA//8mbYtA")
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r5 = socket(0x2, 0x3, 0xff)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[], 0xfc}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00')

4.303452125s ago: executing program 5 (id=11416):
r0 = getpid()
ptrace$ARCH_GET_CPUID(0x1e, r0, 0x0, 0x1011)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et")

4.263895816s ago: executing program 7 (id=11417):
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0}, 0x94)
fsmount(0xffffffffffffffff, 0x1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0xffff, <r2=>0x0}, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfDno=', @ANYRESHEX=r0, @ANYRESHEX=r4, @ANYRES8=r3])
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@noload}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
r5 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f0000000471879c3e53225d000000040000001200000038dc289abff213a0f0452500000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x28011, r5, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)

4.100634378s ago: executing program 9 (id=11418):
syz_btf_id_by_name$bpf_lsm(0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f0000000780)=ANY=[@ANYBLOB="696f636861727365743d61736369692c6e6f6e756d7461696c3d302c756e695f786c6174653d302c756e695f786c6174653d302c636f6465706167653d3836322c73686f72746e616d653d6d697865642c696f636861727365743d63703737352c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c726f6469722c757466383d312c756e695f786c6174653d312c00b571a3e3bf2ce9bf5c6406ff0da9714d33dcb456c741d7aa"], 0x41, 0x282, &(0x7f00000004c0)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxIMuT3W/xxz/nrnnN8uBcPPvr/+82N1a3t9aOjw8jnM5EtRzmOM1GMiZiM1H50lel+GQC46I7r9XhVT417LADAaHj/A8CXp9/7P7PfuvbX6EcGAAzLJ/39PzGUIQEAQ/bPv//9sVSpLP+dJPmIzYOd6k41/Zm2L63HlajFWsxFId5E1FvS+rffK8tzScPzYuQ39ybS/N5OdbIzPx+FKHbPzyepqDZyJ/mpmGnmn8zEWixEIb7pnl/omv8qfv6p7f6lKMTjS7EVtViNRjbN5yJidz5Jfv2z0liApkY+964fAAAAAAAAAAAAAAAAAAAAAAAMQylpKXaen5Oe31Mq9WpP8+3nA033Ox+ovnfqfJ5sfJcd79wBAAAAAAAAAAAAAAAAAADgoti+fmNjpVZbu9avuProzoPDXBr4aOf+RaZ538FSB337TJ+eRT4iFiOib+rrH5/d6taUi9yZ1udkJudejalTI0yaH3j/h/Mv78iKh4eXv/1le3axranSvjci25662Zhqx+f02EjZs23IwYuXhYieffIDb8j24u5JUX79QZ9ca5NMj/sXN3u7vHJv9+mLs6b6PDTqk5/7MQQAAAAAAAAAAAAAAAAAAHT8f3vvPoujHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjMH77/8ftMhFx5V8z877454jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8DQAA//8mbYtA")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00')

3.923081281s ago: executing program 7 (id=11422):
r0 = open(0x0, 0x48141, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x200)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.815875962s ago: executing program 7 (id=11424):
r0 = epoll_create1(0x0)
socket(0xa, 0x2400000001, 0x0)
syz_open_dev$usbmon(&(0x7f0000000340), 0x2, 0x80180)
syz_open_dev$usbmon(&(0x7f0000000080), 0xb4, 0x145703)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000400db00000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
mkdir(&(0x7f0000000000)='./file0\x00', 0x12)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="44000000102101002dbdecc1f1b2abc29f1909bb4d3659037a957000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1843010000000000140003007866726d30000000000000000000000010001a800c000a800500080002000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000884}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="7c00000000010104000000000000000002000000240001801400018008000100e0000001080002000a0101000c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000180006"], 0x7c}}, 0x0)
r9 = dup(r3)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r9, &(0x7f0000000600)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])

3.440513078s ago: executing program 5 (id=11425):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_connect(0x4, 0x24, &(0x7f0000000b40)={{0x12, 0x1, 0x0, 0x30, 0x10, 0x6f, 0x40, 0xbb4, 0xa6c, 0x7201, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa0, 0x20, 0x0, 0xe1, 0x8c, 0xee}}]}}]}}, 0x0)
ioctl$EVIOCRMFF(r3, 0xc0085508, &(0x7f00000000c0)=0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001080)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000011c0)={r1, 0x58, &(0x7f0000001140)}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r4, @ANYBLOB="05"], 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
r8 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x18, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x2, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_RATE64={0xc, 0x8, 0xc1160cbda5ab1ab}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@bloom_filter={0x1e, 0xc94, 0xfffffffd, 0x9, 0x20000, r0, 0x8746, '\x00', r7, r4, 0x5, 0x2, 0x0, 0xf}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000300000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f00000000c0)=r12, 0x4)

3.152562232s ago: executing program 9 (id=11426):
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000003, 0x13, r0, 0x1e67e000)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000fef7ff7a0af0fff80000ff79a4f0ff00000000b7060000efffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00ba23008500000098000000b70000000000000095000000000000006f88300eaa171100756695acf0af839ec5300a584fe44c80de0b061417e9ade22cecede5d5be6ab3d7828ee094518a5800000082c81ddfe3960a29ea15fa7e26f0f3e51416b698f6da6fe8af496d22585ffab3af24974fae00d824313ffef788c6983945dd3663f79f67e78a48b23b38c5f86e96111199f0f0af9f42099a0f54041889b971cf394bd43473a5ac2acab9768cbc52ff7f000000000000711727c4a32a6b7ecdae05d2b3fed4572eb0d88976d2adda68000010000000c47b18cf93996a43e2e080f57fadf535d8b3078ebe16b10160fad64474a7b558f7a56f41022feec18e013abd8fda2b96779e534d0675fbcc13ba9f9eb96319fd5b49521d5cb2ced401d7b6fce658f203a9c2da91116d986730da1be85b0000829512099df32814820fbf7be91cd13b77f4e4e599f8bbca388247856073472312a9ff4273b9cd08000000000000616e888cda842c661577818c2069cb41a73b4b7fc28882cad315db3fffc5183deca7a32838ec0ad70d4f55382c1879b71ec504d2f3e3883428ee350123a5cad346f6d517f6fcea5b6bc4fcffffffffffff03f419a6e45fd98e77da4a8202ebbdafe6b2e38c9d7e506f5da2958cf7f0d9b31ca3275e64e29d39d158cebe43308cf8760588001172e19685e9a334aec76530861b772a1da96f0a227514bd0bc26df2b50a45e4eceae1ddfe88d58879d1cb253e0471714fa124211203000000000000001f502b6c760655ffb20ae13a1a94f7ae229fbf5da7cae4f994ee82fc98c864c3e352ad16f98208cf1469dd6c1212582a3687f7dbdf708929643f3f0f4e947c40742452685ec044fc71eaca9abc92145677e14054331801b1412b39049ed782742f9a1b6aca9123b243c1a68c047f2db79701b62c8cc0d2f608c7f62d107ebc68df9f8d296721c9d465dad604bc0dc500000000000000000000000000000000000000000568a4997dd54fa83aacd2d209f66de2e26dc2fd862a0b8ee149c148197176745fc8ff1dd5bd6611daa882298a37b041b34668d4662ea8fbe2e787dfc4c8bef2124f0439b2d18ec83361da5cc732f365b0a528db31b90bc1405b6d5301c34319ccae29b1d6034b665c79baeeeac5e71d24e2e3b6ffc5bc2dcb600e645c0048b45e286a49e888d21abfc817085d9c00e08525207e33505226fdda16e6da6dd31f7a1736029b87e8d6a05bcb356298d7dccd7de2af0885bd4939ff96ab74da3871b077e4058c8752ba4994eafed8b239d781638fa339fa0f7dd135af3f80e40f4b885770cf27d205a45d4702f97b8b7c57b180c50b2b370dfb35dc895e8f05d6e71829f36150b2cde314693f3e0dc35f8cdd76bdde2018366c3201307c370433762676f72e68c962430a0000000000000000000000000000e737dc2e1a3fdebbb510c663d24f72b954965201f775b3739c14dd4832647c028be09f2809fd396fa26532a30a37737e95f0f41dd024b7bf8a6bf807c9fd9b8c7a39717729339dc3054117cb95693bdd61edcc2860b66545e194a961bdc5457d76ae1a87050e12ead896f3337d5a000000000000000000400000602bfd2f1ace65f2e74dc99cb73a37f40362b7904e8a0ea8d2d9805c924f9985d22972031a1223afa1288af3f48c93fcdb11963d0b748287448f722dc180e87637b662b11effabf45beda2e3a7e1adf8f94b619fa152b33440f2358a745848caf7000eb305c936d26964a2a85e133d01368b8d228d02f96064de261cf02c9632a0eb4ab259e8f4dd63d8b6d2d6b2a0c29fbab7d04d73a381c21f1c344655b64e12f216fbc646cc6bd60ca773d187f2fd317f6cb2309d1a13526a44b7d9b2bf93947dc3ac3340a7a114051d33d152310574f0d784910dc1a8f5bbf3610c544437626236458f285196161496389b02ba46a72da0149b4ddfdd4ef7862a07395752a37cb0244e94e1310e0c0a148a9a48b149bf2f345f3f89813c9eb05160f63f0b363deee5cb77ea6e951857e1942e5c56d72d724af7aa24a8aadb512f3302972c53b0eb7a693e0b0c775b21aed72995cfe9e9347a07d43ce3db9f22d461e86416ffff6f2e4e36306630052a2b03ee36ec52af0d684fabd5f38adffaa6c5a7a8100d1aefaf8576b363690b76e2eb96b07ab790cf63cfc334b7469b5b5b397c622f7c3ee064f9272443bcb928b6f7a2450cd33550a42843b0b5ac9e37134c81bd56b72e1030b05a5b3ac47b5af22a9dff0700004adacc71db2b15b4ffd98e30224763382ade45d164be76b2e9a674448f3ee2cd29707468df87ea6e8e6333b5fcb1b8b43a7c005ea800000000000000000000010000000000387592adc78ccfe479549e6f4efc14c4a5cfe845e6157d6fe70b278147edf0e25065ec6b17f8022493d105c9c31121e7957aeec5f7f2af0446d128778c8bf15b87a0eec6f4c75966b5f0e06744bda63134223416102aea1254d57c390e1f84ec7d5c3a758ce59c9e2c4ce1f28b6783661e272bf1cb5c8ac177aa9c6ccbead9a96b22394afb840247e5d69473b836f070dc0bf9302e33b03d4e07395c82e33667726b51ff24b0bbea730702835159e3517ffb3da0d01833589fec3bdab629b21e5d9e87c3c58d962ff5e75c81f583c64b7d5a643674801e18b06ca98b49d9e28d004c7ebccf076c64ef71421f672b0948b18ab5af448ca9446e71ba6dd4bd15a12553066de7cb767a121d56d9d26ce27fdbe6721191f2ed1cc3f9c5e3d5cba447c4793165b3cbf51c7d0cf9edf823641e1bc7db7803b60dc8b21e49a33a73ac00337067dfd3ecaf4e6dceee1048f300000000000000000000000000000000000000000000007958a50896df65337581398793d0a9abe75251908c07d2957ca70ad7ac31aae536294d6a944cd35f46cb554d8aecae5a72cb24596d896ff9ad83473567b6cb9d032c395a1459399cea31ebafc1e77649b55af527ca0f1ac972ee72a78391473c1b9e0000000000000000004076eac7e605f8de6f0ce5702af52c5d78bac0097d92f078a3a98229ebf281c3c876d2614109b69967871fea621fb2a29a77a1516b51d9b1c3c5ef1436f50fad4a1cd92a211fec61d37c8b410a20fbdeb642228d6cfeb8cda8eea3a7f343fcaa0459b9d916abb668d4799534307084ee7d854dd0850000000000000000000000002f40c3e24f9c0a56edf543425058c35febda26a43bdab770212186b84421d8b841cf9181d47c08cb392e414c1efba9978a976a9e65ae443644dbdb32a50cdc717a34d1aa9ced37820a6d1cd0920a9a07e36a85e967bfa7f2caf1c9b52c06f4d178fbb91a169e9533e401819e57cab814761819b0fc517239a6777dbb92a7462538dbd8a4b84b160a598c75bafa5a9b388a44303dbebc83ac2ad2da3ae80c851bc2fdb8d444597fdac4538aa33bb9204ffe534b15a1878be30157d0815d38fc2effeb7b87d6bd15e21c7b7c7d1ad7b3fd69b4bd06716a203e82f4c0413719eae0967fc70f03570375c2d0986b0200897e505afb6f3f8eb5384e3300000000000000000000000000006b78992d5c13cc1e4da0c915f6008be5cbc0ba1eea48d5967c5e5106411dda3578c91d93ecf4a5efdf306f6b5378db3b22f5aae576342ff9a2eda7080027be316100af0ec6f0e9f227e239fe2d8c78555aaaa969581860f846df35757281a6d3f2e6de960c30f98987ba99d1edfb39dece89262a2e71cb50b7104f611b8db7639e6a5b485135bead15cfada2b5ffa490d60f6b8211f6ada947d06fac138f829b24f2c9d60f3d6672ef8e86ddcdf4dba4f20f370c58f49c9d0100b519f8bc685f176c3f305ced21df0c8acace252a"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x304, 0x10, &(0x7f0000000000), 0xfffffea2}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="63eced8ec6dc3f0adf33c9f7b986", 0x0, 0xe5e7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
open_tree(0xffffffffffffff9c, 0x0, 0x81000)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r6}, 0x18)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r5)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)={0x1c, r7, 0x105, 0x70bd29, 0x27dfdbfd}, 0x1c}, 0x1, 0x0, 0x0, 0x20001044}, 0x0)

2.722864749s ago: executing program 0 (id=11427):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x21, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x1c9482, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})

2.188377407s ago: executing program 9 (id=11429):
io_setup(0xacf, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
syz_emit_ethernet(0x22, &(0x7f0000000180)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb080045dd00140067000001"], 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(r5, &(0x7f0000000180)=ANY=[], 0x36)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r3}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000780)={[{@bsdgroups}, {@nodiscard}, {@oldalloc}, {@grpjquota}, {@nobarrier}, {@noquota}, {@abort}, {@nodiscard}, {@nodiscard}]}, 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")

2.173572708s ago: executing program 7 (id=11430):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000c89d49970fd8fbba77cc7bd81c41cbcae0a811b2dbc9d1b868fdc06df53a0a3f21", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800157fff000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

1.34999242s ago: executing program 0 (id=11431):
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)

428.805983ms ago: executing program 7 (id=11433):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0xfffffffffffffde8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x8010, &(0x7f0000000700)=ANY=[@ANYRES16=0x0, @ANYBLOB="b372629a1343957e10d4a063283feaee6554bb0b735c010b706a4d8a935e0d8810ffc01a953aa9389d97f5aabd232bbc5d4a4398465d93d7fefdcedcd8af925fe8f08ac18284f806ed3a18f4fa4d47466f78be75d6033690c0503d542515ec1e0367c92ae224ecff233bcb0e3f9abd6a0467573e4893e3dbd67d9bdf555e54683cba9a32a88fc67537a25c337d0d039d3ca2e86faba74baecd34ee86ad435d1684b8f55864c99022ce4f8eca7435d99aa945ea9d95fce72f9921440b33fbc42137fcf46413c1410e529b6b288f", @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="840100001900010000000000000000001d0109005000128049002100c9a7befe6f6d645a1a11b81b2c4b10fb4f5fdaf9331c7510e19feecb90ee6bb49fdb1a75df432aa833928ab6b9ff8f5e9ed32d3b477d35b296674f1fe35663c0d236fde56f0000002001068004"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r5, &(0x7f0000004940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000004900)=""/48, 0x30}, 0xb}], 0x1, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(r5, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
r6 = syz_clone(0x48411, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r6, 0x0, 0x0)
wait4(r6, 0x0, 0x1000000, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffff220000000180c22df9bd560000000800450000e66f2dd80d51dfc2e887e66c0610b96966472000000000001190780000"], 0x0)

400.839054ms ago: executing program 6 (id=11434):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000c89d49970fd8fbba77cc7bd81c41cbcae0a811b2dbc9d1b868fdc06df53a0a3f21", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800157fff000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

297.487716ms ago: executing program 0 (id=11435):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000c89d49970fd8fbba77cc7bd81c41cbcae0a811b2dbc9d1b868fdc06df53a0a3f21", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800157fff000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

280.886646ms ago: executing program 9 (id=11436):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000880)={'#! ', './bus'}, 0x9)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f0000000080)={0x0, r1})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\a\x00\x00\x00'], 0x50)
ioctl(r0, 0x1, &(0x7f0000000080))

228.896957ms ago: executing program 6 (id=11437):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xb0}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

202.977757ms ago: executing program 0 (id=11438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x40, r1, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x40}}, 0x0)

188.538937ms ago: executing program 6 (id=11439):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe98, 0x30, 0x25, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

187.391217ms ago: executing program 5 (id=11440):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}, @NHA_GROUP_TYPE={0x6}, @NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x2}]}, 0x3c}}, 0x0)

141.444118ms ago: executing program 6 (id=11441):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r0, &(0x7f0000000000), 0x2a979d)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x100}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)

141.294288ms ago: executing program 0 (id=11442):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket(0x14, 0x2, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})

141.211288ms ago: executing program 5 (id=11443):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='io.stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES16=r0, @ANYBLOB="019d16aaefe2b541e50c8066623adae692426ea6ae27", @ANYRESOCT], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000040)=0x10, 0x4)

133.377758ms ago: executing program 5 (id=11444):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

119.281738ms ago: executing program 6 (id=11445):
pipe(&(0x7f00000045c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000440)=[{&(0x7f00000000c0)="3b256c7a40ff8cf30d776a89d5cfc3ce7467bd24", 0x14}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
epoll_create1(0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$inet_int(r2, 0x0, 0x3, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x8000, 0x0)

72.931739ms ago: executing program 5 (id=11446):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
read(r0, &(0x7f00000000c0)=""/108, 0x6c)

72.787789ms ago: executing program 6 (id=11447):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket(0x14, 0x2, 0x4)
setsockopt$inet6_int(r0, 0x29, 0xc9, 0x0, 0x0)

72.613029ms ago: executing program 9 (id=11448):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x4004816)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@getchain={0x24, 0x66, 0xfcd66a900070b359, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6}, {}, {0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)

0s ago: executing program 9 (id=11449):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x9, 0x1, 0x80000001}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

kernel console output (not intermixed with test programs):

604][ T2349] usb 7-1: config 0 descriptor??
[ 2818.169952][T32449] usb 10-1: 0:2 : does not exist
[ 2818.175252][T32449] usb 10-1: unit 5: unexpected type 0x0b
[ 2818.192517][T32449] usb 10-1: USB disconnect, device number 19
[ 2818.384074][ T5151] loop7: detected capacity change from 0 to 512
[ 2818.501485][ T5151] EXT4-fs error (device loop7): ext4_do_update_inode:5234: inode #3: comm syz.7.10833: corrupted inode contents
[ 2818.513548][ T5151] EXT4-fs error (device loop7): ext4_dirty_inode:6070: inode #3: comm syz.7.10833: mark_inode_dirty error
[ 2818.525415][ T5151] EXT4-fs error (device loop7): ext4_do_update_inode:5234: inode #3: comm syz.7.10833: corrupted inode contents
[ 2818.537465][ T5151] EXT4-fs error (device loop7): __ext4_ext_dirty:183: inode #3: comm syz.7.10833: mark_inode_dirty error
[ 2818.549097][ T5151] Quota error (device loop7): write_blk: dquota write failed
[ 2818.556577][ T5151] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 2818.566525][ T5151] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.10833: Failed to acquire dquot type 0
[ 2818.578892][ T5151] EXT4-fs (loop7): 1 orphan inode deleted
[ 2818.584793][ T5151] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2818.630108][ T2349] kovaplus 0003:1E7D:2D50.0252: unbalanced delimiter at end of report description
[ 2818.639465][ T2349] kovaplus 0003:1E7D:2D50.0252: parse failed
[ 2818.645447][ T2349] kovaplus: probe of 0003:1E7D:2D50.0252 failed with error -22
[ 2818.815747][ T5158] loop9: detected capacity change from 0 to 16
[ 2818.849432][  T303] usb 7-1: USB disconnect, device number 49
[ 2818.930634][ T5158] erofs: (device loop9): mounted with root inode @ nid 36.
[ 2818.962797][ T5158] netlink: 25 bytes leftover after parsing attributes in process `syz.9.10834'.
[ 2818.972208][ T5158] device gretap0 entered promiscuous mode
[ 2819.966230][ T5173] device gretap0 left promiscuous mode
[ 2820.571773][ T5180] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5180 comm=syz.0.10843
[ 2820.585423][ T5180] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10843'.
[ 2821.361044][ T5211] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5211 comm=syz.0.10855
[ 2822.567696][ T5232] loop5: detected capacity change from 0 to 256
[ 2822.768129][ T5234] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5234 comm=syz.9.10866
[ 2822.781722][ T5234] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10866'.
[ 2824.036053][ T5262] loop6: detected capacity change from 0 to 1024
[ 2824.087201][ T5268] loop9: detected capacity change from 0 to 512
[ 2824.102697][ T5262] EXT4-fs (loop6): Ignoring removed nobh option
[ 2824.119148][ T5262] EXT4-fs (loop6): Ignoring removed bh option
[ 2824.127661][ T5262] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2824.148533][ T5268] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[ 2824.175848][ T5268] EXT4-fs (loop9): Ignoring removed bh option
[ 2824.186675][ T5268] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 2824.196408][ T5268] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 2824.357493][ T5276] loop5: detected capacity change from 0 to 512
[ 2824.374673][ T5262] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.10873: bad orphan inode 32767
[ 2824.375938][ T5268] EXT4-fs (loop9): 1 truncate cleaned up
[ 2824.386179][ T5262] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2824.390962][ T5268] EXT4-fs (loop9): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2824.426723][ T5276] EXT4-fs (loop5): Ignoring removed oldalloc option
[ 2824.471329][ T5276] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 2824.478232][ T5276] Quota error (device loop5): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2824.487839][ T5276] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2824.497884][ T5276] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.10877: Failed to acquire dquot type 1
[ 2824.520354][ T5276] EXT4-fs (loop5): 1 truncate cleaned up
[ 2824.526174][ T5276] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2824.560636][ T5286] 9pnet: Insufficient options for proto=fd
[ 2824.594065][ T5288] loop7: detected capacity change from 0 to 128
[ 2824.712456][ T5288] x_tables: duplicate underflow at hook 4
[ 2824.720503][ T5288] overlayfs: './file1' not a directory
[ 2824.999393][  T506] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 2825.112216][ T5302] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5302 comm=syz.6.10885
[ 2825.136669][ T5302] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10885'.
[ 2825.152876][ T5306] 9pnet: Insufficient options for proto=fd
[ 2825.679926][  T506] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2825.689810][  T506] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2825.702886][  T506] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2825.712180][  T506] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2825.724908][  T506] usb 8-1: config 0 descriptor??
[ 2825.732606][ T5319] incfs: Backing dir is not set, filesystem can't be mounted.
[ 2825.740157][ T5319] incfs: mount failed -2
[ 2826.157239][ T5338] loop6: detected capacity change from 0 to 256
[ 2826.350345][  T506] kovaplus 0003:1E7D:2D50.0253: unbalanced delimiter at end of report description
[ 2826.359760][  T506] kovaplus 0003:1E7D:2D50.0253: parse failed
[ 2826.365759][  T506] kovaplus: probe of 0003:1E7D:2D50.0253 failed with error -22
[ 2826.890493][  T506] usb 8-1: USB disconnect, device number 17
[ 2827.103206][ T5356] incfs: Backing dir is not set, filesystem can't be mounted.
[ 2827.110936][ T5356] incfs: mount failed -2
[ 2827.296188][ T5360] loop9: detected capacity change from 0 to 1024
[ 2827.320656][ T5360] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2827.340802][ T5360] EXT4-fs (loop9): shut down requested (0)
[ 2827.379865][ T5358] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5358 comm=syz.6.10906
[ 2827.445634][ T5373] netlink: 12 bytes leftover after parsing attributes in process `syz.7.10911'.
[ 2827.446285][ T5372] loop5: detected capacity change from 0 to 1024
[ 2827.465669][ T5373] device gretap0 left promiscuous mode
[ 2827.472802][ T5373] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[ 2827.491261][ T5373] device veth1_macvtap entered promiscuous mode
[ 2827.497723][ T5373] device macsec0 left promiscuous mode
[ 2827.504645][ T5372] EXT4-fs (loop5): Ignoring removed nobh option
[ 2827.518589][ T5372] EXT4-fs (loop5): Ignoring removed bh option
[ 2827.520312][ T5373] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[ 2827.531897][ T5372] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2827.532235][ T5373] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[ 2827.580178][ T5372] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.10912: bad orphan inode 32767
[ 2827.590968][ T5372] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2827.786301][ T5375] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5375 comm=syz.9.10913
[ 2827.800864][ T5375] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10913'.
[ 2827.806109][ T5389] loop7: detected capacity change from 0 to 512
[ 2827.890260][ T5389] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[ 2827.905165][ T5389] EXT4-fs (loop7): Ignoring removed bh option
[ 2827.913612][ T5389] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 2827.924707][ T5389] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2827.941839][ T5389] EXT4-fs (loop7): 1 truncate cleaned up
[ 2827.948007][ T5389] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2828.211348][T29609] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2828.231670][ T5406] loop7: detected capacity change from 0 to 1024
[ 2828.270791][ T5406] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2828.464909][ T5418] loop9: detected capacity change from 0 to 1024
[ 2828.551886][ T5418] EXT4-fs (loop9): Ignoring removed nobh option
[ 2828.558234][ T5418] EXT4-fs (loop9): Ignoring removed bh option
[ 2828.564443][ T5418] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2828.583773][ T5418] EXT4-fs error (device loop9): ext4_orphan_get:1427: comm syz.9.10928: bad orphan inode 32767
[ 2828.594418][ T5418] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2829.096967][ T5425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5425 comm=syz.5.10930
[ 2829.514958][ T5451] loop7: detected capacity change from 0 to 512
[ 2829.545390][ T5451] EXT4-fs error (device loop7): ext4_do_update_inode:5234: inode #3: comm syz.7.10938: corrupted inode contents
[ 2829.557518][ T5451] EXT4-fs error (device loop7): ext4_dirty_inode:6070: inode #3: comm syz.7.10938: mark_inode_dirty error
[ 2829.570120][ T5451] EXT4-fs error (device loop7): ext4_do_update_inode:5234: inode #3: comm syz.7.10938: corrupted inode contents
[ 2829.582179][ T5451] EXT4-fs error (device loop7): __ext4_ext_dirty:183: inode #3: comm syz.7.10938: mark_inode_dirty error
[ 2829.593969][ T5451] Quota error (device loop7): write_blk: dquota write failed
[ 2829.601801][ T5451] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 2829.612045][ T5451] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.10938: Failed to acquire dquot type 0
[ 2829.624639][ T5451] EXT4-fs (loop7): 1 orphan inode deleted
[ 2829.630412][ T5451] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2829.720004][ T5461] loop9: detected capacity change from 0 to 1024
[ 2829.732658][ T5461] EXT4-fs (loop9): Ignoring removed nobh option
[ 2829.738993][ T5461] EXT4-fs (loop9): Ignoring removed bh option
[ 2829.745215][ T5461] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2829.761535][ T5461] EXT4-fs error (device loop9): ext4_orphan_get:1427: comm syz.9.10943: bad orphan inode 32767
[ 2829.772495][ T5461] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2829.899317][ T5467] loop5: detected capacity change from 0 to 16
[ 2829.946913][ T5467] erofs: (device loop5): mounted with root inode @ nid 36.
[ 2829.992133][ T5467] netlink: 25 bytes leftover after parsing attributes in process `syz.5.10942'.
[ 2830.249797][ T5478] loop6: detected capacity change from 0 to 512
[ 2830.320998][ T5478] EXT4-fs error (device loop6): ext4_do_update_inode:5234: inode #3: comm syz.6.10947: corrupted inode contents
[ 2830.368586][ T5478] EXT4-fs error (device loop6): ext4_dirty_inode:6070: inode #3: comm syz.6.10947: mark_inode_dirty error
[ 2830.387043][ T5478] EXT4-fs error (device loop6): ext4_do_update_inode:5234: inode #3: comm syz.6.10947: corrupted inode contents
[ 2830.407148][ T5478] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #3: comm syz.6.10947: mark_inode_dirty error
[ 2830.419714][ T5478] Quota error (device loop6): write_blk: dquota write failed
[ 2830.439904][ T5478] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 2830.457992][ T5478] EXT4-fs error (device loop6): ext4_acquire_dquot:6195: comm syz.6.10947: Failed to acquire dquot type 0
[ 2830.475871][ T5478] EXT4-fs (loop6): 1 orphan inode deleted
[ 2830.488287][ T5478] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2831.260454][ T5515] loop9: detected capacity change from 0 to 16
[ 2831.303537][ T5515] erofs: (device loop9): mounted with root inode @ nid 36.
[ 2831.324003][ T5515] netlink: 25 bytes leftover after parsing attributes in process `syz.9.10957'.
[ 2831.333224][ T5515] device gretap0 entered promiscuous mode
[ 2831.796359][ T5517] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10960'.
[ 2831.875585][ T5525] loop6: detected capacity change from 0 to 128
[ 2831.886420][ T5525] x_tables: duplicate underflow at hook 4
[ 2832.326121][ T5542] loop7: detected capacity change from 0 to 256
[ 2832.519665][  T909] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[ 2832.660184][ T5548] device veth1_macvtap left promiscuous mode
[ 2832.666209][ T5548] device macsec0 entered promiscuous mode
[ 2832.828879][ T5550] loop5: detected capacity change from 0 to 1024
[ 2832.868758][ T5550] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2832.898084][ T5550] EXT4-fs (loop5): shut down requested (0)
[ 2833.049558][  T909] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2833.090327][ T5564] loop5: detected capacity change from 0 to 512
[ 2833.101910][  T909] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2833.122130][ T5564] EXT4-fs (loop5): Ignoring removed oldalloc option
[ 2833.189736][ T5564] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 2833.197883][ T5564] Quota error (device loop5): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2833.207578][ T5564] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2833.216993][ T5564] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.10974: Failed to acquire dquot type 1
[ 2833.231433][ T5564] EXT4-fs (loop5): 1 truncate cleaned up
[ 2833.238738][ T5564] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2833.429656][  T909] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2833.522403][  T909] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2833.589654][  T909] usb 7-1: SerialNumber: syz
[ 2834.049995][  T909] usb 7-1: 0:2 : does not exist
[ 2834.055090][  T909] usb 7-1: unit 5: unexpected type 0x09
[ 2834.079408][  T909] usb 7-1: USB disconnect, device number 50
[ 2834.457857][ T5580] device veth1_macvtap left promiscuous mode
[ 2834.463895][ T5580] device macsec0 entered promiscuous mode
[ 2834.953339][ T5588] loop7: detected capacity change from 0 to 1024
[ 2834.966912][ T5590] loop6: detected capacity change from 0 to 128
[ 2835.019769][ T5588] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2835.044218][ T5590] x_tables: duplicate underflow at hook 4
[ 2835.051206][ T5590] overlayfs: './file1' not a directory
[ 2835.051432][ T5588] EXT4-fs (loop7): shut down requested (0)
[ 2835.160069][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 2835.329333][  T909] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[ 2835.359352][  T303] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 2835.682098][ T5603] FAULT_INJECTION: forcing a failure.
[ 2835.682098][ T5603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2835.695296][ T5603] CPU: 1 PID: 5603 Comm: syz.5.10988 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2835.706664][ T5603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2835.716699][ T5603] Call Trace:
[ 2835.719956][ T5603]  <TASK>
[ 2835.722871][ T5603]  __dump_stack+0x21/0x30
[ 2835.727176][ T5603]  dump_stack_lvl+0xee/0x150
[ 2835.731738][ T5603]  ? show_regs_print_info+0x20/0x20
[ 2835.736909][ T5603]  dump_stack+0x15/0x20
[ 2835.741049][ T5603]  should_fail+0x3c1/0x510
[ 2835.745448][ T5603]  should_fail_usercopy+0x1a/0x20
[ 2835.750444][ T5603]  strncpy_from_user+0x24/0x2e0
[ 2835.755268][ T5603]  ? kmem_cache_alloc+0xf7/0x260
[ 2835.760180][ T5603]  getname_flags+0xf4/0x500
[ 2835.764657][ T5603]  user_path_at_empty+0x30/0x1c0
[ 2835.769564][ T5603]  vfs_statx+0xfb/0xa60
[ 2835.773693][ T5603]  ? __kasan_check_write+0x14/0x20
[ 2835.778778][ T5603]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2835.784043][ T5603]  ? proc_fail_nth_read+0x210/0x210
[ 2835.789214][ T5603]  ? vfs_fstatat+0x40/0x40
[ 2835.793606][ T5603]  __se_sys_newfstatat+0xc6/0x340
[ 2835.798603][ T5603]  ? __x64_sys_newfstatat+0xb0/0xb0
[ 2835.803774][ T5603]  ? file_end_write+0x1b0/0x1b0
[ 2835.808595][ T5603]  ? __kasan_check_write+0x14/0x20
[ 2835.813679][ T5603]  ? mutex_unlock+0x89/0x220
[ 2835.818362][ T5603]  ? __mutex_lock_slowpath+0x10/0x10
[ 2835.823639][ T5603]  ? __ia32_sys_read+0x90/0x90
[ 2835.828389][ T5603]  __x64_sys_newfstatat+0x9b/0xb0
[ 2835.833396][ T5603]  x64_sys_call+0x2c1/0x9a0
[ 2835.837878][ T5603]  do_syscall_64+0x4c/0xa0
[ 2835.842263][ T5603]  ? clear_bhb_loop+0x50/0xa0
[ 2835.846912][ T5603]  ? clear_bhb_loop+0x50/0xa0
[ 2835.851558][ T5603]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2835.857426][ T5603] RIP: 0033:0x7feae862e929
[ 2835.861811][ T5603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2835.881390][ T5603] RSP: 002b:00007feae6c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 2835.889778][ T5603] RAX: ffffffffffffffda RBX: 00007feae8855fa0 RCX: 00007feae862e929
[ 2835.897722][ T5603] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: ffffffffffffff9c
[ 2835.905674][ T5603] RBP: 00007feae6c97090 R08: 0000000000000000 R09: 0000000000000000
[ 2835.913618][ T5603] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[ 2835.921562][ T5603] R13: 0000000000000000 R14: 00007feae8855fa0 R15: 00007ffe5032c6d8
[ 2835.929512][ T5603]  </TASK>
[ 2835.939403][  T909] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2835.949148][  T909] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2835.949377][  T303] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2835.965052][  T909] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2835.972987][  T303] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2835.982497][  T909] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2836.005168][  T909] usb 7-1: config 0 descriptor??
[ 2836.010394][ T5607] loop5: detected capacity change from 0 to 256
[ 2836.090490][  T303] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2836.104308][  T303] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2836.112579][  T303] usb 1-1: SerialNumber: syz
[ 2836.228281][ T5614] netlink: 'syz.9.10993': attribute type 15 has an invalid length.
[ 2836.250279][ T5614] netem: incorrect ge model size
[ 2836.424335][  T303] usb 1-1: 0:2 : does not exist
[ 2836.430042][  T303] usb 1-1: unit 5: unexpected type 0x09
[ 2836.570123][  T303] usb 1-1: USB disconnect, device number 48
[ 2836.709371][  T909] usbhid 7-1:0.0: can't add hid device: -71
[ 2836.715504][  T909] usbhid: probe of 7-1:0.0 failed with error -71
[ 2836.724729][  T909] usb 7-1: USB disconnect, device number 51
[ 2837.009803][T29184] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 2837.235302][ T5635] loop9: detected capacity change from 0 to 256
[ 2837.299332][T29184] usb 8-1: Using ep0 maxpacket: 8
[ 2837.419336][T29184] usb 8-1: config 0 has an invalid interface number: 31 but max is 0
[ 2837.427495][T29184] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2837.437643][T29184] usb 8-1: config 0 has no interface number 0
[ 2837.459313][  T909] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 2837.609445][T29184] usb 8-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[ 2837.618580][T29184] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2837.626683][T29184] usb 8-1: Product: syz
[ 2837.630937][T29184] usb 8-1: Manufacturer: syz
[ 2837.635529][T29184] usb 8-1: SerialNumber: syz
[ 2837.641332][T29184] usb 8-1: config 0 descriptor??
[ 2837.680038][T29184] usb 8-1: Found UVC 0.04 device syz (046d:08c3)
[ 2837.686480][T29184] usb 8-1: No valid video chain found.
[ 2838.137737][  T909] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2838.147904][  T909] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2838.159238][T29184] usb 8-1: USB disconnect, device number 18
[ 2838.239402][  T909] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2838.248610][  T909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2838.256861][  T909] usb 1-1: SerialNumber: syz
[ 2838.344342][ T5651] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11004'.
[ 2838.570139][  T909] usb 1-1: 0:2 : does not exist
[ 2838.575213][  T909] usb 1-1: unit 5: unexpected type 0x09
[ 2838.601167][  T909] usb 1-1: USB disconnect, device number 49
[ 2839.019022][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2839.244904][ T5666] netlink: 'syz.6.11011': attribute type 27 has an invalid length.
[ 2839.261759][ T5666] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2839.268991][ T5666] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2839.303357][ T5666] device macsec0 left promiscuous mode
[ 2839.346253][ T5671] loop6: detected capacity change from 0 to 1024
[ 2839.400060][ T5671] EXT4-fs (loop6): Ignoring removed nobh option
[ 2839.406487][ T5671] EXT4-fs (loop6): Ignoring removed bh option
[ 2839.412664][ T5671] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2839.437339][ T5671] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.11012: bad orphan inode 32767
[ 2839.448151][ T5671] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2839.509389][T15874] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[ 2839.909397][T15874] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2839.917963][   T30] audit: type=1400 audit(2839.897:9507): avc:  denied  { getopt } for  pid=5679 comm="syz.9.11015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2839.922884][T15874] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2839.942636][ T5687] loop6: detected capacity change from 0 to 256
[ 2839.951031][ T5677] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5677 comm=syz.5.11013
[ 2840.019530][T15874] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2840.033561][T15874] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2840.049350][T15874] usb 8-1: SerialNumber: syz
[ 2840.111676][ T5695] x_tables: duplicate underflow at hook 4
[ 2840.118165][ T5695] overlayfs: './file1' not a directory
[ 2840.360135][T15874] usb 8-1: 0:2 : does not exist
[ 2840.365112][T15874] usb 8-1: unit 5: unexpected type 0x09
[ 2840.373151][T15874] usb 8-1: USB disconnect, device number 19
[ 2840.399354][T29184] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 2840.595668][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2841.139733][T29184] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2841.186607][T29184] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2841.210649][T29184] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2841.220113][T29184] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2841.265475][T29184] usb 1-1: config 0 descriptor??
[ 2841.982618][ T5719] loop9: detected capacity change from 0 to 256
[ 2842.460692][T29184] kovaplus 0003:1E7D:2D50.0254: unbalanced delimiter at end of report description
[ 2842.483129][T29184] kovaplus 0003:1E7D:2D50.0254: parse failed
[ 2842.487907][ T5719] FAT-fs (loop9): Directory bread(block 64) failed
[ 2842.489894][T29184] kovaplus: probe of 0003:1E7D:2D50.0254 failed with error -22
[ 2842.495909][ T5719] FAT-fs (loop9): Directory bread(block 65) failed
[ 2842.509823][ T5719] FAT-fs (loop9): Directory bread(block 66) failed
[ 2842.524251][ T5719] FAT-fs (loop9): Directory bread(block 67) failed
[ 2842.531276][ T5719] FAT-fs (loop9): Directory bread(block 68) failed
[ 2842.537791][ T5719] FAT-fs (loop9): Directory bread(block 69) failed
[ 2842.544393][ T5719] FAT-fs (loop9): Directory bread(block 70) failed
[ 2842.551060][ T5719] FAT-fs (loop9): Directory bread(block 71) failed
[ 2842.557619][ T5719] FAT-fs (loop9): Directory bread(block 72) failed
[ 2842.564134][ T5719] FAT-fs (loop9): Directory bread(block 73) failed
[ 2842.595812][ T5727] FAULT_INJECTION: forcing a failure.
[ 2842.595812][ T5727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2842.609303][ T5727] CPU: 0 PID: 5727 Comm: syz.7.11029 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2842.620678][ T5727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2842.630730][ T5727] Call Trace:
[ 2842.633992][ T5727]  <TASK>
[ 2842.636897][ T5727]  __dump_stack+0x21/0x30
[ 2842.641204][ T5727]  dump_stack_lvl+0xee/0x150
[ 2842.645763][ T5727]  ? show_regs_print_info+0x20/0x20
[ 2842.650934][ T5727]  dump_stack+0x15/0x20
[ 2842.655063][ T5727]  should_fail+0x3c1/0x510
[ 2842.659451][ T5727]  should_fail_usercopy+0x1a/0x20
[ 2842.664452][ T5727]  _copy_to_user+0x20/0x90
[ 2842.668883][ T5727]  simple_read_from_buffer+0xe9/0x160
[ 2842.674268][ T5727]  proc_fail_nth_read+0x19a/0x210
[ 2842.679300][ T5727]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 2842.684936][ T5727]  ? security_file_permission+0x83/0xa0
[ 2842.690482][ T5727]  ? proc_fault_inject_write+0x2f0/0x2f0
[ 2842.696113][ T5727]  vfs_read+0x282/0xbe0
[ 2842.700271][ T5727]  ? kernel_read+0x1f0/0x1f0
[ 2842.704855][ T5727]  ? selinux_socket_getsockopt+0x208/0x2e0
[ 2842.710658][ T5727]  ? __kasan_check_write+0x14/0x20
[ 2842.715768][ T5727]  ? mutex_lock+0x95/0x1a0
[ 2842.720182][ T5727]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2842.726769][ T5727]  ? __fget_files+0x2c4/0x320
[ 2842.731448][ T5727]  ? __fdget_pos+0x2d2/0x380
[ 2842.736031][ T5727]  ? ksys_read+0x71/0x240
[ 2842.740351][ T5727]  ksys_read+0x140/0x240
[ 2842.744592][ T5727]  ? vfs_write+0xf70/0xf70
[ 2842.749003][ T5727]  ? __sys_getsockopt+0x295/0x410
[ 2842.754023][ T5727]  ? debug_smp_processor_id+0x17/0x20
[ 2842.759390][ T5727]  __x64_sys_read+0x7b/0x90
[ 2842.763897][ T5727]  x64_sys_call+0x96d/0x9a0
[ 2842.768393][ T5727]  do_syscall_64+0x4c/0xa0
[ 2842.772800][ T5727]  ? clear_bhb_loop+0x50/0xa0
[ 2842.777468][ T5727]  ? clear_bhb_loop+0x50/0xa0
[ 2842.782141][ T5727]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2842.788026][ T5727] RIP: 0033:0x7f9e4cb6f33c
[ 2842.792436][ T5727] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2842.812038][ T5727] RSP: 002b:00007f9e4b1b8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2842.820461][ T5727] RAX: ffffffffffffffda RBX: 00007f9e4cd98080 RCX: 00007f9e4cb6f33c
[ 2842.828425][ T5727] RDX: 000000000000000f RSI: 00007f9e4b1b80a0 RDI: 000000000000000a
[ 2842.836389][ T5727] RBP: 00007f9e4b1b8090 R08: 0000000000000000 R09: 0000000000000000
[ 2842.844353][ T5727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2842.852318][ T5727] R13: 0000000000000000 R14: 00007f9e4cd98080 R15: 00007fff7c1ef508
[ 2842.860299][ T5727]  </TASK>
[ 2842.890435][T29184] usb 1-1: USB disconnect, device number 50
[ 2842.925881][   T30] audit: type=1326 audit(2842.907:9508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2842.929437][T32449] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[ 2842.987073][   T30] audit: type=1326 audit(2842.947:9509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.018288][   T30] audit: type=1326 audit(2842.947:9510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.041762][   T30] audit: type=1326 audit(2842.947:9511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.087808][   T30] audit: type=1326 audit(2842.947:9512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.112039][   T30] audit: type=1326 audit(2842.947:9513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.136186][   T30] audit: type=1326 audit(2842.947:9514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e4cb70929 code=0x7ffc0000
[ 2843.162365][   T30] audit: type=1326 audit(2842.947:9515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e4cb6f290 code=0x7ffc0000
[ 2843.186337][   T30] audit: type=1326 audit(2842.947:9516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5731 comm="syz.7.11031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e4cb6f290 code=0x7ffc0000
[ 2843.349624][ T5750] FAULT_INJECTION: forcing a failure.
[ 2843.349624][ T5750] name failslab, interval 1, probability 0, space 0, times 0
[ 2843.362341][ T5750] CPU: 1 PID: 5750 Comm: syz.7.11034 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2843.373724][ T5750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2843.383783][ T5750] Call Trace:
[ 2843.387081][ T5750]  <TASK>
[ 2843.390009][ T5750]  __dump_stack+0x21/0x30
[ 2843.394336][ T5750]  dump_stack_lvl+0xee/0x150
[ 2843.398921][ T5750]  ? show_regs_print_info+0x20/0x20
[ 2843.404117][ T5750]  ? ip_setsockopt+0x1dd7/0x3520
[ 2843.409051][ T5750]  ? sock_common_setsockopt+0xa0/0xb0
[ 2843.414422][ T5750]  ? __sys_setsockopt+0x2f0/0x460
[ 2843.419416][T32449] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2843.419450][ T5750]  ? __x64_sys_setsockopt+0xbf/0xd0
[ 2843.434662][ T5750]  ? do_syscall_64+0x4c/0xa0
[ 2843.434713][T32449] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2843.439249][ T5750]  dump_stack+0x15/0x20
[ 2843.439268][ T5750]  should_fail+0x3c1/0x510
[ 2843.439284][ T5750]  __should_failslab+0xa4/0xe0
[ 2843.461367][ T5750]  should_failslab+0x9/0x20
[ 2843.465867][ T5750]  slab_pre_alloc_hook+0x3b/0xe0
[ 2843.470802][ T5750]  __kmalloc+0x6d/0x2c0
[ 2843.474971][ T5750]  ? sock_kmalloc+0x99/0xf0
[ 2843.479473][ T5750]  sock_kmalloc+0x99/0xf0
[ 2843.483798][ T5750]  ip_mc_source+0x6cb/0xf60
[ 2843.488296][ T5750]  ? ip_mc_find_dev+0x320/0x320
[ 2843.493139][ T5750]  ? __ip_mc_join_group+0x333/0x410
[ 2843.498339][ T5750]  ip_setsockopt+0x253c/0x3520
[ 2843.503102][ T5750]  ? ipv4_pktinfo_prepare+0x580/0x580
[ 2843.508476][ T5750]  ? 0xffffffffa00147b4
[ 2843.512624][ T5750]  ? is_bpf_text_address+0x177/0x190
[ 2843.517908][ T5750]  ? __kernel_text_address+0xa0/0x100
[ 2843.523272][ T5750]  ? unwind_get_return_address+0x4d/0x90
[ 2843.528905][ T5750]  ? stack_trace_save+0xe0/0xe0
[ 2843.533750][ T5750]  ? arch_stack_walk+0xee/0x140
[ 2843.538599][ T5750]  ? stack_trace_save+0x98/0xe0
[ 2843.543448][ T5750]  ? __stack_depot_save+0x34/0x480
[ 2843.548554][ T5750]  ? memcpy+0x56/0x70
[ 2843.552530][ T5750]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 2843.557892][ T5750]  ? __x64_sys_openat+0x136/0x160
[ 2843.562907][ T5750]  ? x64_sys_call+0x219/0x9a0
[ 2843.567579][ T5750]  ? avc_denied+0x1b0/0x1b0
[ 2843.572086][ T5750]  ? kstrtouint_from_user+0x1a0/0x200
[ 2843.577458][ T5750]  ? avc_has_perm+0x158/0x240
[ 2843.582133][ T5750]  ? dev_map_lookup_elem+0x67/0x100
[ 2843.587332][ T5750]  ? avc_has_perm_noaudit+0x460/0x460
[ 2843.592694][ T5750]  ? proc_fail_nth_write+0x17a/0x1f0
[ 2843.597974][ T5750]  tcp_setsockopt+0x1f8/0x1d30
[ 2843.602733][ T5750]  ? tcp_set_window_clamp+0x1b0/0x1b0
[ 2843.608097][ T5750]  ? vfs_write+0xc17/0xf70
[ 2843.612507][ T5750]  ? __fget_files+0x2c4/0x320
[ 2843.617183][ T5750]  sock_common_setsockopt+0xa0/0xb0
[ 2843.622378][ T5750]  ? sock_common_recvmsg+0x1b0/0x1b0
[ 2843.624526][T32449] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2843.627659][ T5750]  __sys_setsockopt+0x2f0/0x460
[ 2843.641484][ T5750]  ? __kasan_check_write+0x14/0x20
[ 2843.646597][ T5750]  ? __ia32_sys_recv+0xb0/0xb0
[ 2843.651358][ T5750]  ? ksys_write+0x1eb/0x240
[ 2843.655847][ T5750]  ? __ia32_sys_read+0x90/0x90
[ 2843.660597][ T5750]  __x64_sys_setsockopt+0xbf/0xd0
[ 2843.665611][ T5750]  x64_sys_call+0x982/0x9a0
[ 2843.670098][ T5750]  do_syscall_64+0x4c/0xa0
[ 2843.674493][ T5750]  ? clear_bhb_loop+0x50/0xa0
[ 2843.679148][ T5750]  ? clear_bhb_loop+0x50/0xa0
[ 2843.683811][ T5750]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2843.689682][ T5750] RIP: 0033:0x7f9e4cb70929
[ 2843.694079][ T5750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2843.713664][ T5750] RSP: 002b:00007f9e4b197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2843.722082][ T5750] RAX: ffffffffffffffda RBX: 00007f9e4cd98160 RCX: 00007f9e4cb70929
[ 2843.730035][ T5750] RDX: 0000000000000027 RSI: 0000000000000000 RDI: 000000000000000a
[ 2843.737987][ T5750] RBP: 00007f9e4b197090 R08: 000000000000000c R09: 0000000000000000
[ 2843.745935][ T5750] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[ 2843.753885][ T5750] R13: 0000000000000000 R14: 00007f9e4cd98160 R15: 00007fff7c1ef508
[ 2843.761841][ T5750]  </TASK>
[ 2844.021503][T32449] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2844.029549][T32449] usb 6-1: SerialNumber: syz
[ 2844.059394][ T1001] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[ 2844.659948][T32449] usb 6-1: 0:2 : does not exist
[ 2844.664935][T32449] usb 6-1: unit 5: unexpected type 0x0b
[ 2844.682198][T32449] usb 6-1: USB disconnect, device number 51
[ 2844.689410][ T1001] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2844.699634][ T1001] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2844.719355][T29184] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 2844.779400][ T1001] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2844.788505][ T1001] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2844.796711][ T1001] usb 7-1: SerialNumber: syz
[ 2845.089378][T29184] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2845.099613][T29184] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2845.112582][T29184] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2845.243785][ T5772] loop7: detected capacity change from 0 to 512
[ 2845.320464][ T5772] EXT4-fs (loop7): Ignoring removed oldalloc option
[ 2845.390696][ T5772] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 2845.398973][ T5772] __quota_error: 39 callbacks suppressed
[ 2845.398997][ T5772] Quota error (device loop7): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2845.415738][ T5772] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 2845.425156][ T5772] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.11042: Failed to acquire dquot type 1
[ 2845.438951][ T5772] EXT4-fs (loop7): 1 truncate cleaned up
[ 2845.445068][ T5772] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2846.249101][ T1001] usb 7-1: 0:2 : does not exist
[ 2846.259331][ T1001] usb 7-1: unit 5: unexpected type 0x09
[ 2846.265296][T29184] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2846.282186][ T1001] usb 7-1: USB disconnect, device number 52
[ 2846.289179][T29184] usb 1-1: config 0 descriptor??
[ 2846.448754][ T5790] loop9: detected capacity change from 0 to 512
[ 2846.458514][ T5790] EXT4-fs (loop9): Ignoring removed nobh option
[ 2846.467599][ T5790] EXT4-fs (loop9): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2846.594567][ T5801] loop7: detected capacity change from 0 to 512
[ 2846.622175][ T5801] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[ 2846.629426][ T5801] EXT4-fs (loop7): Ignoring removed bh option
[ 2846.635738][ T5801] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 2846.642589][ T5801] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2846.653948][ T5801] EXT4-fs (loop7): 1 truncate cleaned up
[ 2846.655978][ T5804] loop9: detected capacity change from 0 to 512
[ 2846.659761][ T5801] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2846.702197][ T5804] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11051: corrupted inode contents
[ 2846.714292][ T5804] EXT4-fs error (device loop9): ext4_dirty_inode:6070: inode #3: comm syz.9.11051: mark_inode_dirty error
[ 2846.726065][ T5804] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11051: corrupted inode contents
[ 2846.738118][ T5804] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #3: comm syz.9.11051: mark_inode_dirty error
[ 2846.749865][ T5804] Quota error (device loop9): write_blk: dquota write failed
[ 2846.757381][ T5804] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 2846.767480][ T5804] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11051: Failed to acquire dquot type 0
[ 2846.780083][ T5804] EXT4-fs (loop9): 1 orphan inode deleted
[ 2846.785895][ T5804] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2847.030669][ T5828] loop5: detected capacity change from 0 to 512
[ 2847.070565][ T5828] EXT4-fs (loop5): Ignoring removed nobh option
[ 2847.078608][ T5828] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2847.253550][ T5836] loop6: detected capacity change from 0 to 128
[ 2847.291403][ T5836] FAT-fs (loop6): Unrecognized mount option "ÿÿÿÿÿÿÿÿ18446744073709551615" or missing value
[ 2847.956653][ T5826] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=5826 comm=syz.7.11061
[ 2848.111407][ T5849] loop9: detected capacity change from 0 to 512
[ 2848.179427][T29184] usb 1-1: USB disconnect, device number 51
[ 2848.242068][ T5849] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11066: corrupted inode contents
[ 2848.254479][ T5849] EXT4-fs error (device loop9): ext4_dirty_inode:6070: inode #3: comm syz.9.11066: mark_inode_dirty error
[ 2848.267685][ T5849] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11066: corrupted inode contents
[ 2848.280041][ T5849] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #3: comm syz.9.11066: mark_inode_dirty error
[ 2848.291667][ T5849] Quota error (device loop9): write_blk: dquota write failed
[ 2848.299449][ T5849] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 2848.309533][ T5849] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11066: Failed to acquire dquot type 0
[ 2848.322013][ T5849] EXT4-fs (loop9): 1 orphan inode deleted
[ 2848.328178][ T5849] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2848.512597][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2848.630460][ T5867] loop6: detected capacity change from 0 to 256
[ 2848.891995][ T5870] loop7: detected capacity change from 0 to 512
[ 2848.901754][ T5870] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[ 2848.908891][ T5870] EXT4-fs (loop7): Ignoring removed bh option
[ 2848.915225][ T5870] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 2848.922381][ T5870] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2848.934037][ T5870] EXT4-fs (loop7): 1 truncate cleaned up
[ 2848.939917][ T5870] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2849.106135][ T5877] loop5: detected capacity change from 0 to 512
[ 2849.191241][ T5877] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 2849.198423][ T5877] EXT4-fs (loop5): Ignoring removed bh option
[ 2849.516565][ T5877] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 2849.543881][ T5877] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2849.634987][ T5877] EXT4-fs (loop5): 1 truncate cleaned up
[ 2849.641011][ T5877] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2849.660956][ T2831] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 2849.781392][ T5887] loop6: detected capacity change from 0 to 512
[ 2849.821670][ T5887] EXT4-fs (loop6): Ignoring removed oldalloc option
[ 2849.918577][ T5887] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 2849.928100][ T5887] Quota error (device loop6): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2849.937755][ T5887] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2849.947203][ T5887] EXT4-fs error (device loop6): ext4_acquire_dquot:6195: comm syz.6.11078: Failed to acquire dquot type 1
[ 2849.961203][ T5887] EXT4-fs (loop6): 1 truncate cleaned up
[ 2849.967980][ T5887] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2850.395525][ T2831] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2851.302199][ T5899] loop5: detected capacity change from 0 to 512
[ 2851.353854][ T5899] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11079: corrupted inode contents
[ 2851.366174][ T5899] EXT4-fs error (device loop5): ext4_dirty_inode:6070: inode #3: comm syz.5.11079: mark_inode_dirty error
[ 2851.379030][ T5899] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11079: corrupted inode contents
[ 2851.391741][ T5899] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.11079: mark_inode_dirty error
[ 2851.413810][ T5899] Quota error (device loop5): write_blk: dquota write failed
[ 2851.429400][ T5899] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2851.434605][ T2831] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2851.452283][ T2831] usb 10-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2851.469390][ T5899] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11079: Failed to acquire dquot type 0
[ 2851.480900][ T2831] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2851.490963][ T5899] EXT4-fs (loop5): 1 orphan inode deleted
[ 2851.496700][ T5899] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2851.507851][ T2831] usb 10-1: config 0 descriptor??
[ 2851.539335][  T909] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 2851.779304][  T909] usb 1-1: Using ep0 maxpacket: 32
[ 2851.899372][  T909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2851.910297][  T909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2851.920050][  T909] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2851.929092][  T909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2851.937766][  T909] usb 1-1: config 0 descriptor??
[ 2851.979930][  T909] hub 1-1:0.0: USB hub found
[ 2852.237183][ T5915] syz.5.11086[5915] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2852.237597][ T5915] syz.5.11086[5915] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2852.281186][ T5915] loop5: detected capacity change from 0 to 128
[ 2852.422721][ T5915] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2853.065027][ T2831] usb 10-1: USB disconnect, device number 20
[ 2853.104987][ T5924] loop7: detected capacity change from 0 to 1024
[ 2853.137542][ T5928] loop5: detected capacity change from 0 to 256
[ 2853.143927][  T909] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2853.191438][ T5924] EXT4-fs (loop7): Ignoring removed nobh option
[ 2853.207290][ T5924] EXT4-fs (loop7): Ignoring removed bh option
[ 2853.212912][ T5928] FAT-fs (loop5): Directory bread(block 64) failed
[ 2853.213682][ T5924] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2853.219938][ T5928] FAT-fs (loop5): Directory bread(block 65) failed
[ 2853.238407][ T5928] FAT-fs (loop5): Directory bread(block 66) failed
[ 2853.240866][ T5924] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.11090: bad orphan inode 32767
[ 2853.245120][ T5928] FAT-fs (loop5): Directory bread(block 67) failed
[ 2853.886226][ T5928] FAT-fs (loop5): Directory bread(block 68) failed
[ 2853.895836][ T5924] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2853.922914][ T5928] FAT-fs (loop5): Directory bread(block 69) failed
[ 2853.929998][ T5928] FAT-fs (loop5): Directory bread(block 70) failed
[ 2853.936828][ T5928] FAT-fs (loop5): Directory bread(block 71) failed
[ 2854.119614][  T909] hid-generic 0003:046D:C31C.0255: item fetching failed at offset 0/1
[ 2854.128125][  T909] hid-generic: probe of 0003:046D:C31C.0255 failed with error -22
[ 2854.138703][ T5928] FAT-fs (loop5): Directory bread(block 72) failed
[ 2854.147307][ T5928] FAT-fs (loop5): Directory bread(block 73) failed
[ 2854.390519][ T5950] loop7: detected capacity change from 0 to 256
[ 2854.429444][  T909] usb 1-1: USB disconnect, device number 52
[ 2854.552579][ T5952] loop9: detected capacity change from 0 to 512
[ 2854.668302][ T5952] EXT4-fs (loop9): Ignoring removed oldalloc option
[ 2855.457468][ T5952] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 2855.544565][ T5952] Quota error (device loop9): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2855.554260][ T5952] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2855.563707][ T5952] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11096: Failed to acquire dquot type 1
[ 2855.576948][ T5952] EXT4-fs (loop9): 1 truncate cleaned up
[ 2855.685609][ T5952] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2856.803637][ T2831] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[ 2857.256888][ T5979] loop9: detected capacity change from 0 to 512
[ 2857.291759][ T5979] EXT4-fs (loop9): Ignoring removed oldalloc option
[ 2857.375761][ T5979] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 2857.384234][ T5979] Quota error (device loop9): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2857.393918][ T5979] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2857.403366][ T5979] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11104: Failed to acquire dquot type 1
[ 2857.417713][ T5979] EXT4-fs (loop9): 1 truncate cleaned up
[ 2857.423797][ T5979] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2858.259454][ T2831] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2858.270221][ T2831] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2858.283188][ T2831] usb 8-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2858.292377][ T2831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2858.301016][ T2831] usb 8-1: config 0 descriptor??
[ 2858.387376][ T5998] syz.5.11110[5998] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2858.387738][ T5998] syz.5.11110[5998] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2858.425107][ T5998] loop5: detected capacity change from 0 to 128
[ 2858.693259][ T5998] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2858.979421][   T39] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 2859.274460][ T6002] loop5: detected capacity change from 0 to 512
[ 2859.322149][ T6002] EXT4-fs (loop5): Ignoring removed nobh option
[ 2859.330420][ T6002] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2859.427556][ T6006] loop5: detected capacity change from 0 to 128
[ 2859.436769][ T6006] x_tables: duplicate underflow at hook 4
[ 2859.442664][   T39] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2859.443719][ T6006] overlayfs: './file1' not a directory
[ 2859.453295][   T39] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2859.539380][   T39] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2859.548570][   T39] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2859.556726][   T39] usb 10-1: SerialNumber: syz
[ 2859.785832][ T2831] usb 8-1: USB disconnect, device number 20
[ 2859.813726][ T6012] loop7: detected capacity change from 0 to 1024
[ 2859.865754][ T6012] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2859.901622][ T6012] EXT4-fs (loop7): shut down requested (0)
[ 2859.922532][   T39] usb 10-1: 0:2 : does not exist
[ 2859.927671][   T39] usb 10-1: unit 5: unexpected type 0x09
[ 2859.942348][   T39] usb 10-1: USB disconnect, device number 21
[ 2860.090102][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2860.100637][ T6022] loop5: detected capacity change from 0 to 256
[ 2860.249981][T16679] udevd[16679]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2860.737694][ T6029] loop9: detected capacity change from 0 to 256
[ 2861.819981][ T6042] device macsec0 entered promiscuous mode
[ 2861.842959][ T6037] loop5: detected capacity change from 0 to 512
[ 2861.871560][ T6037] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 2861.894808][ T6037] EXT4-fs (loop5): Ignoring removed bh option
[ 2861.901486][ T6037] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 2861.908468][ T6037] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2861.927338][ T6037] EXT4-fs (loop5): 1 truncate cleaned up
[ 2861.940448][ T6037] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 2863.778970][ T6066] loop5: detected capacity change from 0 to 256
[ 2863.796925][ T6068] loop6: detected capacity change from 0 to 256
[ 2863.801492][ T6066] FAT-fs (loop5): Directory bread(block 64) failed
[ 2863.809748][ T6066] FAT-fs (loop5): Directory bread(block 65) failed
[ 2863.816264][ T6066] FAT-fs (loop5): Directory bread(block 66) failed
[ 2863.823881][ T6066] FAT-fs (loop5): Directory bread(block 67) failed
[ 2863.830476][ T6066] FAT-fs (loop5): Directory bread(block 68) failed
[ 2863.836996][ T6066] FAT-fs (loop5): Directory bread(block 69) failed
[ 2863.843804][ T6066] FAT-fs (loop5): Directory bread(block 70) failed
[ 2863.850415][ T6066] FAT-fs (loop5): Directory bread(block 71) failed
[ 2863.856947][ T6066] FAT-fs (loop5): Directory bread(block 72) failed
[ 2863.863553][ T6066] FAT-fs (loop5): Directory bread(block 73) failed
[ 2863.999340][ T2831] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 2864.039319][  T292] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[ 2864.249302][ T2831] usb 10-1: Using ep0 maxpacket: 8
[ 2864.369431][ T2831] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2864.381073][ T2831] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2864.392799][ T2831] usb 10-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00
[ 2864.402642][ T2831] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2864.417269][ T2831] usb 10-1: config 0 descriptor??
[ 2864.419375][  T292] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2864.439324][  T292] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2864.459322][  T292] usb 8-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2864.468360][  T292] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2864.490197][  T292] usb 8-1: config 0 descriptor??
[ 2864.755282][ T6077] loop5: detected capacity change from 0 to 512
[ 2864.815311][ T6077] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11131: corrupted inode contents
[ 2864.827920][ T6077] EXT4-fs error (device loop5): ext4_dirty_inode:6070: inode #3: comm syz.5.11131: mark_inode_dirty error
[ 2864.834038][ T6079] loop6: detected capacity change from 0 to 512
[ 2864.839802][ T6077] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11131: corrupted inode contents
[ 2864.858410][ T6077] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.11131: mark_inode_dirty error
[ 2864.864314][ T6079] EXT4-fs (loop6): Ignoring removed nobh option
[ 2864.870215][ T6077] Quota error (device loop5): write_blk: dquota write failed
[ 2864.883676][ T6077] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2864.888608][ T6079] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2864.894020][ T6077] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11131: Failed to acquire dquot type 0
[ 2864.920038][ T2831] logitech-hidpp-device 0003:046D:C343.0256: hidraw0: USB HID v3.0e Device [HID 046d:c343] on usb-dummy_hcd.9-1/input0
[ 2864.926812][ T6077] EXT4-fs (loop5): 1 orphan inode deleted
[ 2864.940051][ T6077] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2865.101548][ T6063] UDC core: couldn't find an available UDC or it's busy: -16
[ 2865.109007][ T6063] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2865.122785][ T6063] loop9: detected capacity change from 0 to 512
[ 2865.161277][ T6063] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2865.181089][ T6063] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters
[ 2865.195361][ T6063] Quota error (device loop9): write_blk: dquota write failed
[ 2865.202776][ T6063] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[ 2865.211931][ T6063] Quota error (device loop9): write_blk: dquota write failed
[ 2865.219413][ T6063] Quota error (device loop9): qtree_write_dquot: Error -28 occurred while creating quota
[ 2865.229240][ T6063] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11128: Failed to acquire dquot type 1
[ 2865.240777][ T6063] EXT4-fs (loop9): 1 truncate cleaned up
[ 2865.246412][ T6063] EXT4-fs (loop9): mounted filesystem without journal. Opts: usrjquota=,noblock_validity,max_dir_size_kb=0x000000000181fffc,inlinecrypt,journal_ioprio=0x0000000000000007,discard,nobarrier,dioread_nolock,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback.
[ 2865.282415][T15874] usb 10-1: USB disconnect, device number 22
[ 2865.590910][ T6093] loop5: detected capacity change from 0 to 1024
[ 2865.661235][ T6093] EXT4-fs (loop5): Ignoring removed nobh option
[ 2865.667617][ T6093] EXT4-fs (loop5): Ignoring removed bh option
[ 2865.673844][ T6093] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2865.690585][ T6093] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.11135: bad orphan inode 32767
[ 2865.701458][ T6093] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2865.833463][  T292] usb 8-1: USB disconnect, device number 21
[ 2866.768099][ T6115] loop9: detected capacity change from 0 to 256
[ 2866.890328][ T6121] loop7: detected capacity change from 0 to 256
[ 2867.022594][ T6123] netlink: 25 bytes leftover after parsing attributes in process `syz.0.11141'.
[ 2867.316647][ T6132] loop5: detected capacity change from 0 to 1024
[ 2867.395086][ T6132] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:476: comm syz.5.11146: Invalid block bitmap block 0 in block_group 0
[ 2867.409364][ T6132] Quota error (device loop5): write_blk: dquota write failed
[ 2867.416817][ T6132] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2867.426864][ T6132] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11146: Failed to acquire dquot type 0
[ 2867.438510][ T6132] EXT4-fs error (device loop5): ext4_free_blocks:6223: comm syz.5.11146: Freeing blocks not in datazone - block = 0, count = 4096
[ 2867.452368][ T6132] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.11146: Invalid inode bitmap blk 0 in block_group 0
[ 2867.465402][ T6132] EXT4-fs error (device loop5) in ext4_free_inode:362: Corrupt filesystem
[ 2867.474195][ T6132] EXT4-fs (loop5): 1 orphan inode deleted
[ 2867.474206][ T5487] Quota error (device loop5): remove_tree: Getting block too big (0 >= 9)
[ 2867.488489][ T6132] EXT4-fs (loop5): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2867.488561][ T5487] EXT4-fs error (device loop5): ext4_release_dquot:6231: comm kworker/u4:278: Failed to release dquot type 0
[ 2867.720743][ T6136] loop9: detected capacity change from 0 to 1024
[ 2867.781543][ T6136] EXT4-fs (loop9): Ignoring removed nobh option
[ 2867.801331][ T6136] EXT4-fs (loop9): Ignoring removed bh option
[ 2867.807622][ T6136] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2867.881010][ T6136] EXT4-fs error (device loop9): ext4_orphan_get:1427: comm syz.9.11147: bad orphan inode 32767
[ 2867.891719][ T6136] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2868.298361][ T2831] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[ 2869.279403][ T2831] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2869.353871][ T6170] loop9: detected capacity change from 0 to 256
[ 2869.367466][ T2831] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2869.404115][ T2831] usb 8-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2869.413192][ T2831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2869.421886][ T2831] usb 8-1: config 0 descriptor??
[ 2869.999429][ T6182] loop9: detected capacity change from 0 to 1024
[ 2870.062913][ T6182] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:476: comm syz.9.11160: Invalid block bitmap block 0 in block_group 0
[ 2870.076697][ T6182] Quota error (device loop9): write_blk: dquota write failed
[ 2870.084151][ T6182] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 2870.094201][ T6182] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11160: Failed to acquire dquot type 0
[ 2870.105788][ T6182] EXT4-fs error (device loop9): ext4_free_blocks:6223: comm syz.9.11160: Freeing blocks not in datazone - block = 0, count = 4096
[ 2870.120000][ T6182] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.11160: Invalid inode bitmap blk 0 in block_group 0
[ 2870.132883][ T6182] EXT4-fs error (device loop9) in ext4_free_inode:362: Corrupt filesystem
[ 2870.141506][T28358] Quota error (device loop9): remove_tree: Getting block too big (0 >= 9)
[ 2870.141671][ T6182] EXT4-fs (loop9): 1 orphan inode deleted
[ 2870.150199][T28358] EXT4-fs error (device loop9): ext4_release_dquot:6231: comm kworker/u4:4: Failed to release dquot type 0
[ 2870.156074][ T6182] EXT4-fs (loop9): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2870.292287][ T6188] loop9: detected capacity change from 0 to 256
[ 2870.699368][  T506] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 2871.626758][ T2831] usb 8-1: USB disconnect, device number 22
[ 2871.739386][  T506] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2871.777811][  T506] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2871.798413][ T6209] loop9: detected capacity change from 0 to 512
[ 2872.018377][ T6209] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11165: corrupted inode contents
[ 2872.116806][ T6209] EXT4-fs error (device loop9): ext4_dirty_inode:6070: inode #3: comm syz.9.11165: mark_inode_dirty error
[ 2872.183560][ T6209] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11165: corrupted inode contents
[ 2872.314917][ T6209] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #3: comm syz.9.11165: mark_inode_dirty error
[ 2872.442510][ T6209] Quota error (device loop9): write_blk: dquota write failed
[ 2872.451599][ T6209] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 2872.988933][ T6209] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11165: Failed to acquire dquot type 0
[ 2873.001871][ T6209] EXT4-fs (loop9): 1 orphan inode deleted
[ 2873.007661][ T6209] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2873.069420][  T506] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2873.078551][  T506] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2873.086657][  T506] usb 7-1: SerialNumber: syz
[ 2873.243690][ T6229] loop7: detected capacity change from 0 to 512
[ 2873.331527][ T6229] EXT4-fs (loop7): Ignoring removed oldalloc option
[ 2873.412280][  T506] usb 7-1: 0:2 : does not exist
[ 2873.458417][ T6229] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 2873.467455][ T6229] Quota error (device loop7): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2873.477127][ T6229] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 2873.486544][ T6229] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.11172: Failed to acquire dquot type 1
[ 2873.499941][ T6229] EXT4-fs (loop7): 1 truncate cleaned up
[ 2873.539820][  T506] usb 7-1: unit 5: unexpected type 0x09
[ 2873.561096][ T6229] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2873.707941][  T506] usb 7-1: USB disconnect, device number 53
[ 2874.375233][ T6237] loop9: detected capacity change from 0 to 256
[ 2874.456900][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2874.482630][ T6241] x_tables: duplicate underflow at hook 4
[ 2875.033230][ T6241] overlayfs: './file1' not a directory
[ 2875.139394][ T3132] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[ 2875.152313][ T6247] loop7: detected capacity change from 0 to 1024
[ 2875.234502][ T6255] netlink: 'syz.6.11181': attribute type 27 has an invalid length.
[ 2875.235231][ T6247] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:476: comm syz.7.11177: Invalid block bitmap block 0 in block_group 0
[ 2875.256274][ T6247] Quota error (device loop7): write_blk: dquota write failed
[ 2875.256462][ T6255] device macsec0 left promiscuous mode
[ 2875.269543][ T6247] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 2875.280083][ T6247] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.11177: Failed to acquire dquot type 0
[ 2875.299544][ T6247] EXT4-fs error (device loop7): ext4_free_blocks:6223: comm syz.7.11177: Freeing blocks not in datazone - block = 0, count = 4096
[ 2875.313943][ T6247] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.11177: Invalid inode bitmap blk 0 in block_group 0
[ 2875.326861][ T5487] Quota error (device loop7): remove_tree: Getting block too big (0 >= 9)
[ 2875.335678][ T6247] EXT4-fs error (device loop7) in ext4_free_inode:362: Corrupt filesystem
[ 2875.341200][ T5487] EXT4-fs error (device loop7): ext4_release_dquot:6231: comm kworker/u4:278: Failed to release dquot type 0
[ 2875.349793][ T6247] EXT4-fs (loop7): 1 orphan inode deleted
[ 2875.363062][ T6247] EXT4-fs (loop7): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2875.369647][ T6257] loop9: detected capacity change from 0 to 256
[ 2875.463475][ T6263] loop7: detected capacity change from 0 to 256
[ 2875.469851][  T292] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 2875.669454][ T3132] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2875.682893][ T3132] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2875.741446][ T3132] usb 6-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2875.750869][ T3132] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2875.761062][ T6273] loop6: detected capacity change from 0 to 16
[ 2875.769435][ T3132] usb 6-1: config 0 descriptor??
[ 2875.799942][ T6273] erofs: (device loop6): mounted with root inode @ nid 36.
[ 2875.810476][ T6273] netlink: 25 bytes leftover after parsing attributes in process `syz.6.11186'.
[ 2875.819613][ T6273] device gretap0 entered promiscuous mode
[ 2875.909842][  T292] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2875.920963][  T292] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2875.933913][  T292] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2875.942998][  T292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2875.955017][  T292] usb 1-1: config 0 descriptor??
[ 2876.459324][  T292] kovaplus 0003:1E7D:2D50.0257: unbalanced delimiter at end of report description
[ 2876.468640][  T292] kovaplus 0003:1E7D:2D50.0257: parse failed
[ 2876.475000][  T292] kovaplus: probe of 0003:1E7D:2D50.0257 failed with error -22
[ 2876.558328][ T6283] loop7: detected capacity change from 0 to 1024
[ 2876.802945][  T292] usb 1-1: USB disconnect, device number 53
[ 2876.815606][ T6283] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2877.391093][ T6302] loop6: detected capacity change from 0 to 1024
[ 2877.406533][ T6302] EXT4-fs (loop6): Ignoring removed nobh option
[ 2877.413567][ T6302] EXT4-fs (loop6): Ignoring removed bh option
[ 2877.420314][ T6302] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2877.450773][ T6302] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.11197: bad orphan inode 32767
[ 2877.462149][ T6302] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2877.545410][ T6306] fuse: Unknown parameter 'fd0x000000000000000a'
[ 2877.684409][ T3132] usb 6-1: USB disconnect, device number 52
[ 2877.814414][ T6311] loop5: detected capacity change from 0 to 256
[ 2878.866140][T16678] udevd[16678]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2878.911711][ T6329] FAULT_INJECTION: forcing a failure.
[ 2878.911711][ T6329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2878.954726][ T6329] CPU: 0 PID: 6329 Comm: syz.7.11206 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2878.966130][ T6329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2878.976182][ T6329] Call Trace:
[ 2878.979455][ T6329]  <TASK>
[ 2878.982383][ T6329]  __dump_stack+0x21/0x30
[ 2878.986712][ T6329]  dump_stack_lvl+0xee/0x150
[ 2878.991302][ T6329]  ? show_regs_print_info+0x20/0x20
[ 2878.996503][ T6329]  dump_stack+0x15/0x20
[ 2879.000656][ T6329]  should_fail+0x3c1/0x510
[ 2879.005085][ T6329]  should_fail_usercopy+0x1a/0x20
[ 2879.010109][ T6329]  strncpy_from_user+0x24/0x2e0
[ 2879.014974][ T6329]  ? kmem_cache_alloc+0xf7/0x260
[ 2879.019915][ T6329]  getname_flags+0xf4/0x500
[ 2879.024404][ T6329]  ? __kasan_check_write+0x14/0x20
[ 2879.029497][ T6329]  user_path_at_empty+0x30/0x1c0
[ 2879.034420][ T6329]  __se_sys_mount+0x2e3/0x380
[ 2879.039105][ T6329]  ? __x64_sys_mount+0xd0/0xd0
[ 2879.043850][ T6329]  ? __ia32_sys_read+0x90/0x90
[ 2879.048595][ T6329]  __x64_sys_mount+0xbf/0xd0
[ 2879.053176][ T6329]  x64_sys_call+0x6bf/0x9a0
[ 2879.057673][ T6329]  do_syscall_64+0x4c/0xa0
[ 2879.062073][ T6329]  ? clear_bhb_loop+0x50/0xa0
[ 2879.066736][ T6329]  ? clear_bhb_loop+0x50/0xa0
[ 2879.071398][ T6329]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2879.077273][ T6329] RIP: 0033:0x7f9e4cb70929
[ 2879.081669][ T6329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2879.101255][ T6329] RSP: 002b:00007f9e4b1d9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2879.109649][ T6329] RAX: ffffffffffffffda RBX: 00007f9e4cd97fa0 RCX: 00007f9e4cb70929
[ 2879.117598][ T6329] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000000
[ 2879.125546][ T6329] RBP: 00007f9e4b1d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2879.133496][ T6329] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
[ 2879.141444][ T6329] R13: 0000000000000000 R14: 00007f9e4cd97fa0 R15: 00007fff7c1ef508
[ 2879.149400][ T6329]  </TASK>
[ 2879.209783][ T6345] netlink: 100 bytes leftover after parsing attributes in process `syz.5.11205'.
[ 2879.280768][ T6321] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11203'.
[ 2879.669310][  T303] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[ 2879.773416][ T6359] loop6: detected capacity change from 0 to 512
[ 2879.831286][ T6359] EXT4-fs (loop6): Ignoring removed oldalloc option
[ 2879.846326][ T6359] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 2879.877514][ T6359] Quota error (device loop6): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2879.887229][ T6359] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2879.896675][ T6359] EXT4-fs error (device loop6): ext4_acquire_dquot:6195: comm syz.6.11214: Failed to acquire dquot type 1
[ 2879.962017][ T6359] EXT4-fs (loop6): 1 truncate cleaned up
[ 2879.967870][ T6359] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2881.580918][ T6368] loop5: detected capacity change from 0 to 256
[ 2881.920936][  T303] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2881.932063][  T303] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2881.945237][  T303] usb 8-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2881.954482][  T303] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2882.041872][  T303] usb 8-1: config 0 descriptor??
[ 2882.110716][ T6386] loop5: detected capacity change from 0 to 1024
[ 2882.164391][ T6386] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2882.177231][ T6382] loop6: detected capacity change from 0 to 512
[ 2882.241428][ T6382] EXT4-fs (loop6): Ignoring removed nobh option
[ 2882.326819][  T303] usb 8-1: USB disconnect, device number 23
[ 2882.341043][ T6396] loop7: detected capacity change from 0 to 256
[ 2882.419802][ T6382] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2882.655305][ T6408] loop5: detected capacity change from 0 to 512
[ 2882.713150][ T6408] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11228: corrupted inode contents
[ 2882.726526][ T6408] EXT4-fs error (device loop5): ext4_dirty_inode:6070: inode #3: comm syz.5.11228: mark_inode_dirty error
[ 2882.738367][ T6408] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11228: corrupted inode contents
[ 2882.750420][ T6408] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.11228: mark_inode_dirty error
[ 2882.762135][ T6408] Quota error (device loop5): write_blk: dquota write failed
[ 2882.769599][ T6408] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2882.779900][ T6408] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11228: Failed to acquire dquot type 0
[ 2882.796958][ T6408] EXT4-fs (loop5): 1 orphan inode deleted
[ 2882.802928][ T6408] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2882.883030][ T6412] device macsec0 entered promiscuous mode
[ 2883.046050][ T6414] loop9: detected capacity change from 0 to 4096
[ 2883.083239][ T6414] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 2883.092728][ T6414] EXT4-fs (loop9): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,nombcache,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[ 2883.219062][ T6424] FAULT_INJECTION: forcing a failure.
[ 2883.219062][ T6424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2883.232307][ T6424] CPU: 1 PID: 6424 Comm: syz.0.11233 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2883.243679][ T6424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2883.253755][ T6424] Call Trace:
[ 2883.257031][ T6424]  <TASK>
[ 2883.259953][ T6424]  __dump_stack+0x21/0x30
[ 2883.264279][ T6424]  dump_stack_lvl+0xee/0x150
[ 2883.268866][ T6424]  ? show_regs_print_info+0x20/0x20
[ 2883.274045][ T6424]  ? irqentry_exit+0x37/0x40
[ 2883.278613][ T6424]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2883.284749][ T6424]  dump_stack+0x15/0x20
[ 2883.288880][ T6424]  should_fail+0x3c1/0x510
[ 2883.293320][ T6424]  should_fail_usercopy+0x1a/0x20
[ 2883.298322][ T6424]  copy_page_from_iter+0x2f6/0x680
[ 2883.303414][ T6424]  tun_get_user+0x813/0x33c0
[ 2883.307984][ T6424]  ? __kasan_init_slab_obj+0x10/0x40
[ 2883.313251][ T6424]  ? tun_do_read+0x1c40/0x1c40
[ 2883.317993][ T6424]  ? kstrtouint_from_user+0x1a0/0x200
[ 2883.323343][ T6424]  ? kstrtol_from_user+0x260/0x260
[ 2883.328440][ T6424]  ? bpf_user_rnd_u32+0x95/0xd0
[ 2883.333274][ T6424]  ? avc_policy_seqno+0x1b/0x70
[ 2883.338113][ T6424]  ? selinux_file_permission+0x2aa/0x510
[ 2883.343742][ T6424]  tun_chr_write_iter+0x1eb/0x2e0
[ 2883.348750][ T6424]  vfs_write+0x802/0xf70
[ 2883.352971][ T6424]  ? file_end_write+0x1b0/0x1b0
[ 2883.357804][ T6424]  ? __fget_files+0x2c4/0x320
[ 2883.362464][ T6424]  ? __fdget_pos+0x1f7/0x380
[ 2883.367033][ T6424]  ? ksys_write+0x71/0x240
[ 2883.371428][ T6424]  ksys_write+0x140/0x240
[ 2883.375740][ T6424]  ? __ia32_sys_read+0x90/0x90
[ 2883.380484][ T6424]  ? debug_smp_processor_id+0x17/0x20
[ 2883.385837][ T6424]  __x64_sys_write+0x7b/0x90
[ 2883.390403][ T6424]  x64_sys_call+0x8ef/0x9a0
[ 2883.394887][ T6424]  do_syscall_64+0x4c/0xa0
[ 2883.399282][ T6424]  ? clear_bhb_loop+0x50/0xa0
[ 2883.403936][ T6424]  ? clear_bhb_loop+0x50/0xa0
[ 2883.408589][ T6424]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2883.414460][ T6424] RIP: 0033:0x7f0fe35963df
[ 2883.418857][ T6424] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 2883.438441][ T6424] RSP: 002b:00007f0fe1c00000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 2883.446834][ T6424] RAX: ffffffffffffffda RBX: 00007f0fe37befa0 RCX: 00007f0fe35963df
[ 2883.454787][ T6424] RDX: 0000000000000086 RSI: 0000200000000640 RDI: 00000000000000c8
[ 2883.462737][ T6424] RBP: 00007f0fe1c00090 R08: 0000000000000000 R09: 0000000000000000
[ 2883.470684][ T6424] R10: 0000000000000086 R11: 0000000000000293 R12: 0000000000000001
[ 2883.478631][ T6424] R13: 0000000000000000 R14: 00007f0fe37befa0 R15: 00007ffdc0198a48
[ 2883.486586][ T6424]  </TASK>
[ 2883.638460][ T6428] loop7: detected capacity change from 0 to 256
[ 2884.586631][   T30] audit: type=1400 audit(2884.567:9556): avc:  denied  { setopt } for  pid=6431 comm="syz.0.11235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2884.617519][   T30] audit: type=1400 audit(2884.597:9557): avc:  denied  { write } for  pid=6431 comm="syz.0.11235" path="socket:[150813]" dev="sockfs" ino=150813 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2884.946596][ T6447] loop9: detected capacity change from 0 to 256
[ 2885.193259][T15874] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[ 2885.249809][  T303] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[ 2885.273524][ T6445] loop6: detected capacity change from 0 to 512
[ 2885.376157][ T6445] EXT4-fs (loop6): Ignoring removed nobh option
[ 2885.401648][ T6445] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrquota,bsddf,nobh,resuid=0x0000000000000000,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2885.596461][ T6457] loop6: detected capacity change from 0 to 256
[ 2885.619395][  T303] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2885.629583][  T303] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2885.642963][  T303] usb 6-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2885.652188][  T303] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2885.660779][  T303] usb 6-1: config 0 descriptor??
[ 2885.749437][T15874] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2885.760735][T15874] usb 1-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00
[ 2885.770044][T15874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2885.812137][T15874] usb 1-1: config 0 descriptor??
[ 2885.839083][ T6461] loop7: detected capacity change from 0 to 256
[ 2885.912081][ T6464] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11244'.
[ 2886.309320][T32449] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[ 2886.556605][ T6471] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11247'.
[ 2886.635980][   T30] audit: type=1400 audit(2886.617:9558): avc:  denied  { audit_write } for  pid=6472 comm="syz.6.11248" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 2886.656824][   T30] audit: type=1107 audit(2886.617:9559): pid=6472 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 2886.732287][ T6475] loop6: detected capacity change from 0 to 256
[ 2886.739378][T32449] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2886.752019][T32449] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2887.057152][T32449] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2887.066405][T32449] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2887.074763][T32449] usb 10-1: SerialNumber: syz
[ 2887.122287][  T303] usb 6-1: USB disconnect, device number 53
[ 2887.179637][T15874] usbhid 1-1:0.0: can't add hid device: -71
[ 2887.185706][T15874] usbhid: probe of 1-1:0.0 failed with error -71
[ 2887.212847][T15874] usb 1-1: USB disconnect, device number 54
[ 2887.286434][ T6488] loop5: detected capacity change from 0 to 512
[ 2887.350212][T32449] usb 10-1: 0:2 : does not exist
[ 2887.355604][T32449] usb 10-1: unit 5: unexpected type 0x0b
[ 2887.380703][ T6488] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11252: corrupted inode contents
[ 2887.399861][T32449] usb 10-1: USB disconnect, device number 23
[ 2887.420001][ T6488] EXT4-fs error (device loop5): ext4_dirty_inode:6070: inode #3: comm syz.5.11252: mark_inode_dirty error
[ 2887.458471][ T6488] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11252: corrupted inode contents
[ 2887.484911][ T6488] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.11252: mark_inode_dirty error
[ 2887.521307][ T6488] Quota error (device loop5): write_blk: dquota write failed
[ 2887.542117][ T6488] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2887.578765][ T6488] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11252: Failed to acquire dquot type 0
[ 2887.599477][ T6488] EXT4-fs (loop5): 1 orphan inode deleted
[ 2887.605224][ T6488] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2887.725081][ T6497] loop7: detected capacity change from 0 to 512
[ 2887.760560][ T6501] loop6: detected capacity change from 0 to 1024
[ 2887.769618][   T30] audit: type=1400 audit(2887.757:9560): avc:  denied  { mounton } for  pid=6495 comm="syz.7.11254" path="/523/bus" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 2887.774102][ T6497] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2887.807762][ T6501] EXT4-fs (loop6): Ignoring removed nobh option
[ 2887.815838][ T6501] EXT4-fs (loop6): Ignoring removed bh option
[ 2887.822791][ T6497] EXT4-fs (loop7): failed to initialize system zone (-117)
[ 2887.830187][ T6501] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2887.834453][ T6497] EXT4-fs (loop7): mount failed
[ 2887.854723][ T6506] loop9: detected capacity change from 0 to 256
[ 2887.860811][ T6501] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.11255: bad orphan inode 32767
[ 2887.871938][ T6501] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2887.879247][ T6506] FAT-fs (loop9): Directory bread(block 64) failed
[ 2887.906581][ T6506] FAT-fs (loop9): Directory bread(block 65) failed
[ 2887.914297][ T6506] FAT-fs (loop9): Directory bread(block 66) failed
[ 2887.921176][ T6506] FAT-fs (loop9): Directory bread(block 67) failed
[ 2887.927948][ T6506] FAT-fs (loop9): Directory bread(block 68) failed
[ 2887.944813][ T6506] FAT-fs (loop9): Directory bread(block 69) failed
[ 2887.951618][ T6506] FAT-fs (loop9): Directory bread(block 70) failed
[ 2887.959791][   T30] audit: type=1400 audit(2887.947:9561): avc:  denied  { unmount } for  pid=30709 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 2887.964013][ T6506] FAT-fs (loop9): Directory bread(block 71) failed
[ 2887.986463][ T6506] FAT-fs (loop9): Directory bread(block 72) failed
[ 2887.993210][ T6506] FAT-fs (loop9): Directory bread(block 73) failed
[ 2888.259553][ T6513] hub 2-0:1.0: USB hub found
[ 2888.264225][ T6513] hub 2-0:1.0: 1 port detected
[ 2888.295012][ T6521] hub 2-0:1.0: USB hub found
[ 2888.299775][ T6521] hub 2-0:1.0: 1 port detected
[ 2888.748798][ T6525] loop9: detected capacity change from 0 to 128
[ 2888.793552][ T6525] x_tables: duplicate underflow at hook 4
[ 2888.800552][ T6525] overlayfs: './file1' not a directory
[ 2889.079396][   T39] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 2889.449629][   T39] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2889.459543][   T39] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2889.472586][   T39] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2889.481737][   T39] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2889.490812][   T39] usb 10-1: config 0 descriptor??
[ 2890.216157][   T39] kovaplus 0003:1E7D:2D50.0258: unbalanced delimiter at end of report description
[ 2890.231283][   T39] kovaplus 0003:1E7D:2D50.0258: parse failed
[ 2890.237411][   T39] kovaplus: probe of 0003:1E7D:2D50.0258 failed with error -22
[ 2890.421043][T32449] usb 10-1: USB disconnect, device number 24
[ 2890.862107][ T6548] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 2891.053546][ T6553] loop6: detected capacity change from 0 to 1024
[ 2891.141784][ T6553] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2891.825138][ T6564] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11275'.
[ 2892.181741][ T6575] loop7: detected capacity change from 0 to 256
[ 2892.209321][  T292] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 2892.288259][ T6578] loop5: detected capacity change from 0 to 16
[ 2892.372220][ T6578] erofs: (device loop5): mounted with root inode @ nid 36.
[ 2892.384098][ T6578] netlink: 25 bytes leftover after parsing attributes in process `syz.5.11280'.
[ 2892.579388][  T292] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2892.589654][  T292] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2892.669383][  T292] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2892.678478][  T292] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2892.686499][  T292] usb 7-1: SerialNumber: syz
[ 2892.960634][   T30] audit: type=1326 audit(2892.947:9562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2892.987163][   T30] audit: type=1326 audit(2892.947:9563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.037210][   T30] audit: type=1326 audit(2892.947:9564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.061466][   T30] audit: type=1326 audit(2892.947:9565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.086859][   T30] audit: type=1326 audit(2892.947:9566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.114739][   T30] audit: type=1326 audit(2892.947:9567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.142659][ T6590] loop9: detected capacity change from 0 to 128
[ 2893.148250][   T30] audit: type=1326 audit(2892.947:9568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.181120][   T30] audit: type=1326 audit(2892.947:9569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.205010][ T6590] EXT4-fs (loop9): Unrecognized mount option "obj_role=-" or missing value
[ 2893.208150][   T30] audit: type=1326 audit(2892.947:9570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.237470][  T292] usb 7-1: 0:2 : does not exist
[ 2893.243451][  T292] usb 7-1: unit 5: unexpected type 0x0b
[ 2893.248292][   T30] audit: type=1326 audit(2892.947:9571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6588 comm="syz.9.11283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2893.285929][  T292] usb 7-1: USB disconnect, device number 54
[ 2893.819787][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2893.900503][ T6608] netlink: 9 bytes leftover after parsing attributes in process `syz.9.11290'.
[ 2893.912417][ T6607] netlink: 5 bytes leftover after parsing attributes in process `syz.9.11290'.
[ 2893.921760][ T6607] 0ªî{X¹¦: renamed from gretap0
[ 2893.927821][ T6607] device 
30ªî{X¹¦ left promiscuous mode
[ 2893.934634][ T6607] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[ 2894.017612][ T6615] loop9: detected capacity change from 0 to 512
[ 2894.045365][ T6616] loop5: detected capacity change from 0 to 1024
[ 2894.133497][ T6616] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:476: comm syz.5.11291: Invalid block bitmap block 0 in block_group 0
[ 2894.147265][ T6616] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11291: Failed to acquire dquot type 0
[ 2894.147455][ T6615] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11292: corrupted inode contents
[ 2894.171905][ T6616] EXT4-fs error (device loop5): ext4_free_blocks:6223: comm syz.5.11291: Freeing blocks not in datazone - block = 0, count = 4096
[ 2894.185654][ T6615] EXT4-fs error (device loop9): ext4_dirty_inode:6070: inode #3: comm syz.9.11292: mark_inode_dirty error
[ 2894.185893][ T6616] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.11291: Invalid inode bitmap blk 0 in block_group 0
[ 2894.197171][ T5487] EXT4-fs error (device loop5): ext4_release_dquot:6231: comm kworker/u4:278: Failed to release dquot type 0
[ 2894.197854][ T6615] EXT4-fs error (device loop9): ext4_do_update_inode:5234: inode #3: comm syz.9.11292: corrupted inode contents
[ 2894.234366][ T6616] EXT4-fs error (device loop5) in ext4_free_inode:362: Corrupt filesystem
[ 2894.234424][ T6615] EXT4-fs error (device loop9): __ext4_ext_dirty:183: inode #3: comm syz.9.11292: mark_inode_dirty error
[ 2894.254566][ T6616] EXT4-fs (loop5): 1 orphan inode deleted
[ 2894.254831][ T6615] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11292: Failed to acquire dquot type 0
[ 2894.260356][ T6616] EXT4-fs (loop5): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2894.272856][ T6615] EXT4-fs (loop9): 1 orphan inode deleted
[ 2894.292450][ T6615] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2894.352897][ T6623] loop7: detected capacity change from 0 to 256
[ 2894.416688][ T6631] loop9: detected capacity change from 0 to 1024
[ 2894.437651][ T6631] EXT4-fs (loop9): Ignoring removed nobh option
[ 2894.448925][ T6631] EXT4-fs (loop9): Ignoring removed bh option
[ 2894.459223][ T6631] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2894.495708][ T6631] EXT4-fs error (device loop9): ext4_orphan_get:1427: comm syz.9.11296: bad orphan inode 32767
[ 2894.519937][ T6631] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2894.748939][ T6644] loop9: detected capacity change from 0 to 128
[ 2894.764268][ T6644] x_tables: duplicate underflow at hook 4
[ 2894.978807][ T1001] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[ 2895.250631][ T6650] loop5: detected capacity change from 0 to 256
[ 2895.349318][T32449] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 2895.489364][ T1001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2895.500351][ T1001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2895.510312][ T1001] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2895.519394][   T39] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[ 2895.526958][ T1001] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2895.535611][ T1001] usb 7-1: config 0 descriptor??
[ 2895.819823][   T39] usb 8-1: Using ep0 maxpacket: 16
[ 2895.879402][T32449] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2895.889345][T32449] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2895.902240][T32449] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2895.911368][T32449] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2895.920265][T32449] usb 10-1: config 0 descriptor??
[ 2895.949389][   T39] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2895.959621][   T39] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2895.968594][   T39] usb 8-1: config 1 has no interface number 1
[ 2895.974758][   T39] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 2896.049886][ T1001] keytouch 0003:0926:3333.0259: fixing up Keytouch IEC report descriptor
[ 2896.059699][ T1001] input: HID 0926:3333 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0926:3333.0259/input/input196
[ 2896.165011][   T39] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2896.176636][   T39] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2896.184677][   T39] usb 8-1: Product: syz
[ 2896.188836][   T39] usb 8-1: Manufacturer: syz
[ 2896.193485][   T39] usb 8-1: SerialNumber: syz
[ 2896.199058][ T1001] keytouch 0003:0926:3333.0259: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.6-1/input0
[ 2896.445203][ T6662] SELinux:  policydb table sizes (8192,0) do not match mine (8,7)
[ 2896.457914][ T6648] UDC core: couldn't find an available UDC or it's busy: -16
[ 2896.465747][ T6662] SELinux: failed to load policy
[ 2896.471989][ T6648] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2896.511537][T32449] kovaplus 0003:1E7D:2D50.025A: unbalanced delimiter at end of report description
[ 2896.521103][T32449] kovaplus 0003:1E7D:2D50.025A: parse failed
[ 2896.527257][T32449] kovaplus: probe of 0003:1E7D:2D50.025A failed with error -22
[ 2896.607294][   T39] usb 8-1: USB disconnect, device number 24
[ 2896.619466][ T3132] usb 10-1: USB disconnect, device number 25
[ 2896.830675][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2897.112401][ T6672] loop5: detected capacity change from 0 to 1024
[ 2897.334173][ T6672] EXT4-fs (loop5): Ignoring removed nobh option
[ 2897.399407][   T39] usb 7-1: reset high-speed USB device number 55 using dummy_hcd
[ 2897.434814][ T6672] EXT4-fs (loop5): Ignoring removed bh option
[ 2897.440973][ T6672] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2897.463204][ T6672] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.11310: bad orphan inode 32767
[ 2897.473979][ T6672] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2897.628401][ T6689] netlink: 25 bytes leftover after parsing attributes in process `syz.0.11313'.
[ 2897.675144][ T6686] loop6: detected capacity change from 0 to 256
[ 2897.810734][ T6692] loop5: detected capacity change from 0 to 128
[ 2898.542263][ T6692] x_tables: duplicate underflow at hook 4
[ 2898.567936][ T6695] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 2898.610142][ T6692] overlayfs: './file1' not a directory
[ 2898.753402][ T6701] loop6: detected capacity change from 0 to 1024
[ 2898.789491][ T6697] loop7: detected capacity change from 0 to 40427
[ 2898.797760][ T6701] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2898.813450][ T6701] EXT4-fs (loop6): shut down requested (0)
[ 2898.817214][ T6704] loop9: detected capacity change from 0 to 256
[ 2898.842858][ T6697] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 2898.850777][ T6697] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 2898.863513][ T6697] F2FS-fs (loop7): invalid crc value
[ 2898.874268][ T6697] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 2898.901250][ T1001] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 2898.934497][ T6697] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 2898.941703][ T6697] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 2899.006333][ T3132] usb 7-1: USB disconnect, device number 55
[ 2899.339931][ T1001] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2899.349889][ T1001] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2899.363064][ T1001] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2899.372548][ T1001] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2899.384592][ T1001] usb 6-1: config 0 descriptor??
[ 2899.481437][ T6720] loop7: detected capacity change from 0 to 256
[ 2899.507840][ T6720] FAT-fs (loop7): Directory bread(block 64) failed
[ 2899.514510][ T6720] FAT-fs (loop7): Directory bread(block 65) failed
[ 2899.521141][ T6720] FAT-fs (loop7): Directory bread(block 66) failed
[ 2899.527732][ T6720] FAT-fs (loop7): Directory bread(block 67) failed
[ 2899.534370][ T6720] FAT-fs (loop7): Directory bread(block 68) failed
[ 2899.541115][ T6720] FAT-fs (loop7): Directory bread(block 69) failed
[ 2899.547655][ T6720] FAT-fs (loop7): Directory bread(block 70) failed
[ 2899.554217][ T6720] FAT-fs (loop7): Directory bread(block 71) failed
[ 2899.560908][ T6720] FAT-fs (loop7): Directory bread(block 72) failed
[ 2899.567422][ T6720] FAT-fs (loop7): Directory bread(block 73) failed
[ 2899.758793][ T6724] loop9: detected capacity change from 0 to 1024
[ 2899.863697][ T6724] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:476: comm syz.9.11324: Invalid block bitmap block 0 in block_group 0
[ 2899.877880][ T6724] __quota_error: 45 callbacks suppressed
[ 2899.877895][ T6724] Quota error (device loop9): write_blk: dquota write failed
[ 2899.891084][ T6724] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 2899.901034][ T6724] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11324: Failed to acquire dquot type 0
[ 2899.912814][ T6724] EXT4-fs error (device loop9): ext4_free_blocks:6223: comm syz.9.11324: Freeing blocks not in datazone - block = 0, count = 4096
[ 2899.930540][ T1001] kovaplus 0003:1E7D:2D50.025B: unbalanced delimiter at end of report description
[ 2899.942025][ T1001] kovaplus 0003:1E7D:2D50.025B: parse failed
[ 2899.948159][ T1001] kovaplus: probe of 0003:1E7D:2D50.025B failed with error -22
[ 2900.025193][ T6724] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.11324: Invalid inode bitmap blk 0 in block_group 0
[ 2900.039322][ T6724] EXT4-fs error (device loop9) in ext4_free_inode:362: Corrupt filesystem
[ 2900.048843][ T6724] EXT4-fs (loop9): 1 orphan inode deleted
[ 2900.054749][ T6724] EXT4-fs (loop9): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2900.136271][ T1001] usb 6-1: USB disconnect, device number 54
[ 2900.144084][ T5326] Quota error (device loop9): remove_tree: Getting block too big (0 >= 9)
[ 2900.153208][ T5326] EXT4-fs error (device loop9): ext4_release_dquot:6231: comm kworker/u4:166: Failed to release dquot type 0
[ 2900.529985][ T6735] loop7: detected capacity change from 0 to 16
[ 2900.594214][ T6735] erofs: (device loop7): mounted with root inode @ nid 36.
[ 2900.615968][T29186] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 2900.726391][ T6735] netlink: 25 bytes leftover after parsing attributes in process `syz.7.11327'.
[ 2900.736000][ T6735] device gretap0 entered promiscuous mode
[ 2902.123548][ T6749] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11333'.
[ 2902.151909][ T6741] loop9: detected capacity change from 0 to 40427
[ 2902.219455][T29186] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2902.233536][T29186] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2902.234825][ T6741] F2FS-fs (loop9): fault_injection options not supported
[ 2902.255966][ T6741] F2FS-fs (loop9): invalid crc value
[ 2902.639703][T29186] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2902.773894][T29186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2902.823787][ T6741] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 2902.840184][T29186] usb 1-1: SerialNumber: syz
[ 2902.846443][ T6759] loop6: detected capacity change from 0 to 256
[ 2902.911035][ T6766] loop7: detected capacity change from 0 to 512
[ 2902.962607][ T6766] EXT4-fs (loop7): Ignoring removed oldalloc option
[ 2903.030852][ T6766] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 2903.039221][ T6766] Quota error (device loop7): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2903.048979][ T6766] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 2903.058453][ T6766] EXT4-fs error (device loop7): ext4_acquire_dquot:6195: comm syz.7.11336: Failed to acquire dquot type 1
[ 2903.103864][ T6766] EXT4-fs (loop7): 1 truncate cleaned up
[ 2903.110081][ T6766] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2903.839373][T29186] usb 1-1: can't set config #1, error -71
[ 2903.846623][T29186] usb 1-1: USB disconnect, device number 55
[ 2903.875008][ T6779] device wireguard0 entered promiscuous mode
[ 2904.743111][ T6795] loop9: detected capacity change from 0 to 16
[ 2904.801731][ T6795] erofs: (device loop9): mounted with root inode @ nid 36.
[ 2904.830666][ T6795] netlink: 25 bytes leftover after parsing attributes in process `syz.9.11343'.
[ 2904.840240][ T6795] device 
30ªî{X¹¦ entered promiscuous mode
[ 2905.030164][T29186] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 2905.056419][ T6798] loop6: detected capacity change from 0 to 1024
[ 2905.114143][ T6798] EXT4-fs (loop6): Ignoring removed nobh option
[ 2905.133707][ T6798] EXT4-fs (loop6): Ignoring removed bh option
[ 2905.153903][ T6798] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2905.217049][ T6798] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.11346: bad orphan inode 32767
[ 2905.228929][ T6802] loop5: detected capacity change from 0 to 256
[ 2905.239532][ T6798] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2905.423026][ T6811] loop9: detected capacity change from 0 to 128
[ 2905.479367][T29186] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2905.571929][T29186] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2905.572870][ T6813] netlink: 20 bytes leftover after parsing attributes in process `syz.7.11348'.
[ 2905.660037][T29186] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2905.806506][T29186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2905.860391][T29186] usb 1-1: SerialNumber: syz
[ 2906.250183][ T6822] loop5: detected capacity change from 0 to 2048
[ 2906.406521][ T6822] EXT4-fs (loop5): Mount option "noacl" will be removed by 3.5
[ 2906.406521][ T6822] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 2906.406521][ T6822] 
[ 2906.699395][ T6822] EXT4-fs (loop5): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: none.
[ 2906.751758][ T6822] hub 2-0:1.0: USB hub found
[ 2906.756998][ T6822] hub 2-0:1.0: 1 port detected
[ 2906.784323][   T30] audit: type=1400 audit(2906.757:9612): avc:  denied  { mount } for  pid=6819 comm="syz.5.11351" name="/" dev="ramfs" ino=151854 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 2907.210474][ T6832] loop6: detected capacity change from 0 to 1024
[ 2907.240022][T29186] usb 1-1: 0:2 : does not exist
[ 2907.245127][T29186] usb 1-1: unit 5: unexpected type 0x09
[ 2907.259643][T29186] usb 1-1: USB disconnect, device number 56
[ 2907.278427][ T6832] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2907.295990][ T6832] EXT4-fs (loop6): shut down requested (0)
[ 2907.375566][ T6836] loop9: detected capacity change from 0 to 256
[ 2907.440637][ T6836] exfat: Deprecated parameter 'utf8'
[ 2907.446276][ T6836] exfat: Deprecated parameter 'utf8'
[ 2907.461019][ T6836] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[ 2908.155694][ T6844] loop6: detected capacity change from 0 to 512
[ 2908.168905][ T6845] loop5: detected capacity change from 0 to 1024
[ 2908.220073][ T6845] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:476: comm syz.5.11355: Invalid block bitmap block 0 in block_group 0
[ 2908.242620][ T6845] Quota error (device loop5): write_blk: dquota write failed
[ 2908.250064][ T6845] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2908.259993][ T6845] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11355: Failed to acquire dquot type 0
[ 2908.794312][ T6845] EXT4-fs error (device loop5): ext4_free_blocks:6223: comm syz.5.11355: Freeing blocks not in datazone - block = 0, count = 4096
[ 2908.810151][ T6845] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.11355: Invalid inode bitmap blk 0 in block_group 0
[ 2908.823530][ T6845] EXT4-fs error (device loop5) in ext4_free_inode:362: Corrupt filesystem
[ 2908.832305][ T6845] EXT4-fs (loop5): 1 orphan inode deleted
[ 2908.838053][ T6845] EXT4-fs (loop5): mounted filesystem without journal. Opts: €�; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 2908.862060][ T6844] EXT4-fs error (device loop6): ext4_do_update_inode:5234: inode #3: comm syz.6.11356: corrupted inode contents
[ 2908.874245][ T6844] EXT4-fs error (device loop6): ext4_dirty_inode:6070: inode #3: comm syz.6.11356: mark_inode_dirty error
[ 2908.886060][ T6844] EXT4-fs error (device loop6): ext4_do_update_inode:5234: inode #3: comm syz.6.11356: corrupted inode contents
[ 2908.898194][ T6844] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #3: comm syz.6.11356: mark_inode_dirty error
[ 2908.910273][ T6768] Quota error (device loop5): remove_tree: Getting block too big (0 >= 9)
[ 2908.918884][ T6768] EXT4-fs error (device loop5): ext4_release_dquot:6231: comm kworker/u4:0: Failed to release dquot type 0
[ 2908.930402][ T6844] Quota error (device loop6): write_blk: dquota write failed
[ 2908.937826][ T6844] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 2908.947789][ T6844] EXT4-fs error (device loop6): ext4_acquire_dquot:6195: comm syz.6.11356: Failed to acquire dquot type 0
[ 2908.991858][ T6844] EXT4-fs (loop6): 1 orphan inode deleted
[ 2908.997620][ T6844] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2909.040434][ T6866] loop6: detected capacity change from 0 to 256
[ 2909.049027][   T30] audit: type=1400 audit(2909.027:9613): avc:  denied  { name_bind } for  pid=6858 comm="syz.0.11362" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 2909.077792][ T6866] FAT-fs (loop6): Directory bread(block 64) failed
[ 2909.094432][ T6866] FAT-fs (loop6): Directory bread(block 65) failed
[ 2909.107958][ T6866] FAT-fs (loop6): Directory bread(block 66) failed
[ 2909.114722][ T6866] FAT-fs (loop6): Directory bread(block 67) failed
[ 2909.121608][ T6866] FAT-fs (loop6): Directory bread(block 68) failed
[ 2909.128169][ T6866] FAT-fs (loop6): Directory bread(block 69) failed
[ 2909.135234][ T6866] FAT-fs (loop6): Directory bread(block 70) failed
[ 2909.141921][ T6866] FAT-fs (loop6): Directory bread(block 71) failed
[ 2909.148690][ T6866] FAT-fs (loop6): Directory bread(block 72) failed
[ 2909.155326][ T6866] FAT-fs (loop6): Directory bread(block 73) failed
[ 2911.245846][ T6902] loop5: detected capacity change from 0 to 256
[ 2911.287372][ T6897] loop7: detected capacity change from 0 to 256
[ 2913.092855][ T6921] loop6: detected capacity change from 0 to 256
[ 2914.734237][ T6921] FAT-fs (loop6): Directory bread(block 64) failed
[ 2914.740999][ T6921] FAT-fs (loop6): Directory bread(block 65) failed
[ 2914.748193][ T6921] FAT-fs (loop6): Directory bread(block 66) failed
[ 2914.757706][ T6921] FAT-fs (loop6): Directory bread(block 67) failed
[ 2914.764737][ T6921] FAT-fs (loop6): Directory bread(block 68) failed
[ 2914.771459][ T6921] FAT-fs (loop6): Directory bread(block 69) failed
[ 2914.778090][ T6921] FAT-fs (loop6): Directory bread(block 70) failed
[ 2914.785009][ T6921] FAT-fs (loop6): Directory bread(block 71) failed
[ 2914.802133][ T6921] FAT-fs (loop6): Directory bread(block 72) failed
[ 2914.808798][ T6921] FAT-fs (loop6): Directory bread(block 73) failed
[ 2914.811647][ T6930] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11383'.
[ 2914.940937][ T6935] loop5: detected capacity change from 0 to 256
[ 2915.211919][ T6935] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 2915.324857][ T5326] tipc: Left network mode
[ 2915.418373][ T6947] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11384'.
[ 2915.568358][ T6943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2915.575656][ T6943] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2915.585913][ T6943] device bridge_slave_0 entered promiscuous mode
[ 2915.616761][ T6943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2915.624330][ T6943] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2915.633082][ T6943] device bridge_slave_1 entered promiscuous mode
[ 2916.545486][ T6960] loop7: detected capacity change from 0 to 512
[ 2916.595678][ T6960] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[ 2916.602903][ T6960] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 2916.611656][ T6960] EXT4-fs (loop7): can't mount with commit=3, fs mounted w/o journal
[ 2916.637444][   T30] audit: type=1326 audit(2916.617:9614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6961 comm="syz.9.11390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2917.660106][   T30] audit: type=1326 audit(2916.647:9615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6961 comm="syz.9.11390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2917.690553][   T30] audit: type=1326 audit(2916.647:9616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6961 comm="syz.9.11390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e38272929 code=0x7ffc0000
[ 2917.785462][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2917.802278][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2917.810469][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2917.811087][ T6973] loop9: detected capacity change from 0 to 256
[ 2917.818890][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2917.833279][T28358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2917.840335][T28358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2917.848010][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2917.856711][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2917.865020][T28358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2917.872074][T28358] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2917.880366][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2917.898304][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2917.906785][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2917.915156][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2917.923378][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2917.960236][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2917.968851][T28358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2917.993348][ T6943] device veth0_vlan entered promiscuous mode
[ 2918.020053][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2918.028100][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2918.037338][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2918.050171][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2918.064776][ T6943] device veth1_macvtap entered promiscuous mode
[ 2918.071504][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2918.080374][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2918.088936][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2918.100568][ T5326] device bridge_slave_0 left promiscuous mode
[ 2918.107101][ T5326] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2918.115307][ T5326] device veth0_vlan left promiscuous mode
[ 2918.264849][ T6990] serio: Serial port ptm0
[ 2918.386185][ T6997] loop7: detected capacity change from 0 to 1024
[ 2918.394113][ T6997] EXT4-fs (loop7): Ignoring removed nobh option
[ 2918.400817][ T6997] EXT4-fs (loop7): Ignoring removed bh option
[ 2918.406961][ T6997] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2918.424728][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2918.433408][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2918.442618][ T6997] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.11401: bad orphan inode 32767
[ 2918.453281][ T6997] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2918.479051][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2918.494568][ T6768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2918.618671][ T7007] loop5: detected capacity change from 0 to 512
[ 2918.651825][ T7007] EXT4-fs (loop5): Ignoring removed oldalloc option
[ 2919.536137][ T7007] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 2919.545088][ T7007] Quota error (device loop5): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2919.554794][ T7007] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2919.564249][ T7007] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11402: Failed to acquire dquot type 1
[ 2919.578324][ T7007] EXT4-fs (loop5): 1 truncate cleaned up
[ 2919.584724][ T7007] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2919.881102][ T7016] tipc: Started in network mode
[ 2919.912927][ T7016] tipc: Node identity ac14140f, cluster identity 4711
[ 2919.928666][ T7016] tipc: New replicast peer: 255.255.255.255
[ 2919.935856][ T7016] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2920.117069][ T7031] loop6: detected capacity change from 0 to 256
[ 2920.120462][ T7030] loop9: detected capacity change from 0 to 128
[ 2920.596241][ T7030] x_tables: duplicate underflow at hook 4
[ 2920.760960][ T7030] overlayfs: './file1' not a directory
[ 2920.832450][ T7042] loop7: detected capacity change from 0 to 256
[ 2921.055578][T15874] tipc: Node number set to 2886997007
[ 2921.603787][  T303] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 2921.671200][ T7050] loop5: detected capacity change from 0 to 512
[ 2921.707680][ T7050] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11416: corrupted inode contents
[ 2921.709839][ T7053] loop7: detected capacity change from 0 to 1024
[ 2921.719801][ T7050] EXT4-fs error (device loop5): ext4_dirty_inode:6070: inode #3: comm syz.5.11416: mark_inode_dirty error
[ 2921.738500][ T7050] EXT4-fs error (device loop5): ext4_do_update_inode:5234: inode #3: comm syz.5.11416: corrupted inode contents
[ 2921.738874][ T7053] EXT4-fs (loop7): Ignoring removed nobh option
[ 2921.755848][ T7050] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.11416: mark_inode_dirty error
[ 2921.756857][ T7053] EXT4-fs (loop7): Ignoring removed bh option
[ 2921.768317][ T7050] Quota error (device loop5): write_blk: dquota write failed
[ 2921.774502][ T7053] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2921.781481][ T7050] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 2921.801004][ T7053] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.11417: bad orphan inode 32767
[ 2921.809542][ T7050] EXT4-fs error (device loop5): ext4_acquire_dquot:6195: comm syz.5.11416: Failed to acquire dquot type 0
[ 2921.825850][ T7053] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,noload,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 2921.826222][ T7050] EXT4-fs (loop5): 1 orphan inode deleted
[ 2921.945388][ T7058] loop9: detected capacity change from 0 to 256
[ 2921.959963][ T7050] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2922.009364][  T303] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2922.020245][  T303] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2922.149422][  T303] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2922.163848][  T303] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2922.179327][  T303] usb 1-1: SerialNumber: syz
[ 2922.499790][  T303] usb 1-1: 0:2 : does not exist
[ 2922.504886][  T303] usb 1-1: unit 5: unexpected type 0x0b
[ 2922.523906][  T303] usb 1-1: USB disconnect, device number 57
[ 2922.589591][ T7079] netlink: 20 bytes leftover after parsing attributes in process `syz.7.11424'.
[ 2922.789384][T32449] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[ 2923.387062][ T7089] device veth1_macvtap left promiscuous mode
[ 2923.393200][ T7089] device macsec0 entered promiscuous mode
[ 2923.580930][T32449] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2923.591235][T32449] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2923.608239][ T7087] loop6: detected capacity change from 0 to 256
[ 2923.679667][T32449] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2923.692829][T32449] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2923.709311][T32449] usb 6-1: SerialNumber: syz
[ 2924.540237][ T7097] loop9: detected capacity change from 0 to 512
[ 2924.583758][ T7097] EXT4-fs (loop9): Ignoring removed oldalloc option
[ 2924.756871][ T7097] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 2924.765166][ T7097] Quota error (device loop9): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 2924.774841][ T7097] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2924.784270][ T7097] EXT4-fs error (device loop9): ext4_acquire_dquot:6195: comm syz.9.11429: Failed to acquire dquot type 1
[ 2924.798519][ T7097] EXT4-fs (loop9): 1 truncate cleaned up
[ 2924.807964][T32449] usb 6-1: 0:2 : does not exist
[ 2924.813957][T32449] usb 6-1: unit 5: unexpected type 0x0b
[ 2924.894488][ T7097] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,oldalloc,grpjquota=,nobarrier,noquota,abort,nodiscard,nodiscard,,errors=continue. Quota mode: writeback.
[ 2925.027235][T32449] usb 6-1: USB disconnect, device number 55
[ 2925.669078][ T7113] loop9: detected capacity change from 0 to 1024
[ 2925.699987][T16856] udevd[16856]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 2925.752414][ T7113] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2925.782645][ T7113] EXT4-fs (loop9): shut down requested (0)
[ 2925.862616][   T30] audit: type=1400 audit(2925.847:9617): avc:  denied  { create } for  pid=7129 comm="syz.0.11442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[ 2925.930677][ T7144] ==================================================================
[ 2925.938782][ T7144] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x870/0x3240
[ 2925.946938][ T7144] Read of size 8 at addr ffff888113f8d2c0 by task syz.9.11449/7144
[ 2925.954820][ T7144] 
[ 2925.957141][ T7144] CPU: 1 PID: 7144 Comm: syz.9.11449 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[ 2925.968501][ T7144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2925.978570][ T7144] Call Trace:
[ 2925.981923][ T7144]  <TASK>
[ 2925.984856][ T7144]  __dump_stack+0x21/0x30
[ 2925.989191][ T7144]  dump_stack_lvl+0xee/0x150
[ 2925.993804][ T7144]  ? show_regs_print_info+0x20/0x20
[ 2925.999009][ T7144]  ? load_image+0x3a0/0x3a0
[ 2926.003519][ T7144]  print_address_description+0x7f/0x2c0
[ 2926.009063][ T7144]  ? tc_setup_flow_action+0x870/0x3240
[ 2926.014519][ T7144]  kasan_report+0xf1/0x140
[ 2926.018936][ T7144]  ? tc_setup_flow_action+0x870/0x3240
[ 2926.024390][ T7144]  __asan_report_load8_noabort+0x14/0x20
[ 2926.030017][ T7144]  tc_setup_flow_action+0x870/0x3240
[ 2926.035298][ T7144]  mall_replace_hw_filter+0x293/0x820
[ 2926.040663][ T7144]  ? pcpu_block_update_hint_alloc+0x8c1/0xc50
[ 2926.046729][ T7144]  ? mall_set_parms+0x520/0x520
[ 2926.051576][ T7144]  ? tcf_exts_destroy+0xb0/0xb0
[ 2926.056440][ T7144]  ? mall_set_parms+0x1e8/0x520
[ 2926.061299][ T7144]  mall_change+0x526/0x740
[ 2926.065720][ T7144]  ? __kasan_check_write+0x14/0x20
[ 2926.070841][ T7144]  ? mall_get+0xa0/0xa0
[ 2926.074997][ T7144]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[ 2926.080901][ T7144]  tc_new_tfilter+0x12a2/0x1870
[ 2926.085765][ T7144]  ? tcf_gate_entry_destructor+0x20/0x20
[ 2926.091402][ T7144]  ? update_curr+0x40d/0x5b0
[ 2926.095995][ T7144]  ? security_capable+0x87/0xb0
[ 2926.100849][ T7144]  ? ns_capable+0x8c/0xf0
[ 2926.105160][ T7144]  ? netlink_net_capable+0x125/0x160
[ 2926.110424][ T7144]  ? tcf_gate_entry_destructor+0x20/0x20
[ 2926.116035][ T7144]  rtnetlink_rcv_msg+0x81b/0xb90
[ 2926.120953][ T7144]  ? rtnetlink_bind+0x80/0x80
[ 2926.125608][ T7144]  ? memcpy+0x56/0x70
[ 2926.129570][ T7144]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 2926.134943][ T7144]  ? arch_stack_walk+0xee/0x140
[ 2926.139775][ T7144]  ? avc_denied+0x1b0/0x1b0
[ 2926.144259][ T7144]  ? stack_trace_save+0x98/0xe0
[ 2926.149090][ T7144]  ? avc_has_perm+0x158/0x240
[ 2926.153751][ T7144]  ? avc_has_perm_noaudit+0x460/0x460
[ 2926.159102][ T7144]  ? x64_sys_call+0x4b/0x9a0
[ 2926.163674][ T7144]  ? selinux_nlmsg_lookup+0x416/0x4c0
[ 2926.169026][ T7144]  netlink_rcv_skb+0x1e0/0x430
[ 2926.173767][ T7144]  ? rtnetlink_bind+0x80/0x80
[ 2926.178424][ T7144]  ? netlink_ack+0xb60/0xb60
[ 2926.182992][ T7144]  ? __netlink_lookup+0x387/0x3b0
[ 2926.187994][ T7144]  rtnetlink_rcv+0x1c/0x20
[ 2926.192390][ T7144]  netlink_unicast+0x87c/0xa40
[ 2926.197131][ T7144]  netlink_sendmsg+0x86a/0xb70
[ 2926.201877][ T7144]  ? netlink_getsockopt+0x530/0x530
[ 2926.207053][ T7144]  ? security_socket_sendmsg+0x82/0xa0
[ 2926.212514][ T7144]  ? netlink_getsockopt+0x530/0x530
[ 2926.217691][ T7144]  ____sys_sendmsg+0x5a2/0x8c0
[ 2926.222432][ T7144]  ? __sys_sendmsg_sock+0x40/0x40
[ 2926.227435][ T7144]  ? import_iovec+0x7c/0xb0
[ 2926.231917][ T7144]  ___sys_sendmsg+0x1f0/0x260
[ 2926.236586][ T7144]  ? __sys_sendmsg+0x250/0x250
[ 2926.241326][ T7144]  ? sock_show_fdinfo+0xa0/0xa0
[ 2926.246157][ T7144]  ? __fdget+0x1a1/0x230
[ 2926.250392][ T7144]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 2926.255307][ T7144]  ? ___sys_sendmsg+0x260/0x260
[ 2926.260137][ T7144]  ? __kasan_check_write+0x14/0x20
[ 2926.265228][ T7144]  ? switch_fpu_return+0x15d/0x2c0
[ 2926.270317][ T7144]  x64_sys_call+0x4b/0x9a0
[ 2926.274708][ T7144]  do_syscall_64+0x4c/0xa0
[ 2926.279133][ T7144]  ? clear_bhb_loop+0x50/0xa0
[ 2926.283786][ T7144]  ? clear_bhb_loop+0x50/0xa0
[ 2926.288441][ T7144]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2926.294318][ T7144] RIP: 0033:0x7f5e38272929
[ 2926.298710][ T7144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2926.318295][ T7144] RSP: 002b:00007f5e368db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2926.326685][ T7144] RAX: ffffffffffffffda RBX: 00007f5e38499fa0 RCX: 00007f5e38272929
[ 2926.334638][ T7144] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[ 2926.342586][ T7144] RBP: 00007f5e382f4b39 R08: 0000000000000000 R09: 0000000000000000
[ 2926.350539][ T7144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2926.358509][ T7144] R13: 0000000000000000 R14: 00007f5e38499fa0 R15: 00007fff11a34f88
[ 2926.366488][ T7144]  </TASK>
[ 2926.369499][ T7144] 
[ 2926.371800][ T7144] Allocated by task 7144:
[ 2926.376106][ T7144]  __kasan_kmalloc+0xda/0x110
[ 2926.380761][ T7144]  __kmalloc+0x13d/0x2c0
[ 2926.384980][ T7144]  tcf_idr_create+0x5f/0x790
[ 2926.389546][ T7144]  tcf_idr_create_from_flags+0x61/0x70
[ 2926.394983][ T7144]  tcf_gact_init+0x346/0x580
[ 2926.399546][ T7144]  tcf_action_init_1+0x3f7/0x6a0
[ 2926.404459][ T7144]  tcf_action_init+0x1e9/0x710
[ 2926.409196][ T7144]  tcf_exts_validate+0x217/0x520
[ 2926.414108][ T7144]  mall_set_parms+0x48/0x520
[ 2926.418690][ T7144]  mall_change+0x45a/0x740
[ 2926.423706][ T7144]  tc_new_tfilter+0x12a2/0x1870
[ 2926.428536][ T7144]  rtnetlink_rcv_msg+0x81b/0xb90
[ 2926.433447][ T7144]  netlink_rcv_skb+0x1e0/0x430
[ 2926.438187][ T7144]  rtnetlink_rcv+0x1c/0x20
[ 2926.442581][ T7144]  netlink_unicast+0x87c/0xa40
[ 2926.447324][ T7144]  netlink_sendmsg+0x86a/0xb70
[ 2926.452066][ T7144]  ____sys_sendmsg+0x5a2/0x8c0
[ 2926.456808][ T7144]  ___sys_sendmsg+0x1f0/0x260
[ 2926.461456][ T7144]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 2926.466368][ T7144]  x64_sys_call+0x4b/0x9a0
[ 2926.470759][ T7144]  do_syscall_64+0x4c/0xa0
[ 2926.475148][ T7144]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2926.481017][ T7144] 
[ 2926.483323][ T7144] Last potentially related work creation:
[ 2926.489014][ T7144]  kasan_save_stack+0x3a/0x60
[ 2926.493670][ T7144]  __kasan_record_aux_stack+0xd2/0x100
[ 2926.499118][ T7144]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2926.504905][ T7144]  call_rcu+0xf6/0xf60
[ 2926.508961][ T7144]  neigh_parms_release+0x1e0/0x220
[ 2926.514053][ T7144]  inetdev_event+0x81c/0x10a0
[ 2926.518707][ T7144]  raw_notifier_call_chain+0x90/0x100
[ 2926.524056][ T7144]  unregister_netdevice_many+0xfb8/0x1990
[ 2926.529759][ T7144]  default_device_exit_batch+0x330/0x390
[ 2926.535374][ T7144]  cleanup_net+0x602/0xad0
[ 2926.539767][ T7144]  process_one_work+0x6be/0xba0
[ 2926.544605][ T7144]  worker_thread+0xa59/0x1200
[ 2926.549261][ T7144]  kthread+0x411/0x500
[ 2926.553312][ T7144]  ret_from_fork+0x1f/0x30
[ 2926.557707][ T7144] 
[ 2926.560008][ T7144] Second to last potentially related work creation:
[ 2926.566563][ T7144]  kasan_save_stack+0x3a/0x60
[ 2926.571219][ T7144]  __kasan_record_aux_stack+0xd2/0x100
[ 2926.576656][ T7144]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2926.582438][ T7144]  call_rcu+0xf6/0xf60
[ 2926.586834][ T7144]  neigh_parms_release+0x1e0/0x220
[ 2926.591926][ T7144]  addrconf_ifdown+0x15e3/0x1880
[ 2926.596842][ T7144]  addrconf_notify+0x3bd/0xde0
[ 2926.601586][ T7144]  raw_notifier_call_chain+0x90/0x100
[ 2926.606938][ T7144]  unregister_netdevice_many+0xfb8/0x1990
[ 2926.612634][ T7144]  default_device_exit_batch+0x330/0x390
[ 2926.618251][ T7144]  cleanup_net+0x602/0xad0
[ 2926.622646][ T7144]  process_one_work+0x6be/0xba0
[ 2926.627475][ T7144]  worker_thread+0xa59/0x1200
[ 2926.632132][ T7144]  kthread+0x411/0x500
[ 2926.636180][ T7144]  ret_from_fork+0x1f/0x30
[ 2926.640573][ T7144] 
[ 2926.642876][ T7144] The buggy address belongs to the object at ffff888113f8d200
[ 2926.642876][ T7144]  which belongs to the cache kmalloc-192 of size 192
[ 2926.656904][ T7144] The buggy address is located 0 bytes to the right of
[ 2926.656904][ T7144]  192-byte region [ffff888113f8d200, ffff888113f8d2c0)
[ 2926.670502][ T7144] The buggy address belongs to the page:
[ 2926.676126][ T7144] page:ffffea00044fe340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113f8d
[ 2926.686339][ T7144] flags: 0x4000000000000200(slab|zone=1)
[ 2926.691966][ T7144] raw: 4000000000000200 dead000000000100 dead000000000122 ffff888100042c00
[ 2926.700529][ T7144] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 2926.709090][ T7144] page dumped because: kasan: bad access detected
[ 2926.715476][ T7144] page_owner tracks the page as allocated
[ 2926.721165][ T7144] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 110, ts 4618250776, free_ts 4618206245
[ 2926.736941][ T7144]  post_alloc_hook+0x192/0x1b0
[ 2926.741690][ T7144]  prep_new_page+0x1c/0x110
[ 2926.746173][ T7144]  get_page_from_freelist+0x2cc5/0x2d50
[ 2926.751702][ T7144]  __alloc_pages+0x18f/0x440
[ 2926.756270][ T7144]  new_slab+0xa1/0x4d0
[ 2926.760321][ T7144]  ___slab_alloc+0x381/0x810
[ 2926.764895][ T7144]  __slab_alloc+0x49/0x90
[ 2926.769203][ T7144]  kmem_cache_alloc_trace+0x146/0x270
[ 2926.774555][ T7144]  kernfs_fop_open+0x343/0xb30
[ 2926.779299][ T7144]  do_dentry_open+0x834/0x1010
[ 2926.784044][ T7144]  vfs_open+0x73/0x80
[ 2926.788002][ T7144]  path_openat+0x2646/0x2f10
[ 2926.792580][ T7144]  do_filp_open+0x1b3/0x3e0
[ 2926.797062][ T7144]  do_sys_openat2+0x14c/0x7b0
[ 2926.801718][ T7144]  __x64_sys_openat+0x136/0x160
[ 2926.806547][ T7144]  x64_sys_call+0x219/0x9a0
[ 2926.811028][ T7144] page last free stack trace:
[ 2926.815677][ T7144]  free_unref_page_prepare+0x542/0x550
[ 2926.821115][ T7144]  free_unref_page+0xa2/0x550
[ 2926.825777][ T7144]  __free_pages+0x6c/0x100
[ 2926.830171][ T7144]  free_pages+0x82/0x90
[ 2926.834305][ T7144]  selinux_genfs_get_sid+0x20b/0x250
[ 2926.839566][ T7144]  inode_doinit_with_dentry+0x86e/0xd70
[ 2926.845089][ T7144]  selinux_d_instantiate+0x27/0x40
[ 2926.850182][ T7144]  security_d_instantiate+0x9e/0xf0
[ 2926.855360][ T7144]  d_splice_alias+0x6d/0x390
[ 2926.859926][ T7144]  kernfs_iop_lookup+0x2c2/0x310
[ 2926.864841][ T7144]  __lookup_slow+0x2aa/0x3e0
[ 2926.869409][ T7144]  lookup_slow+0x57/0x70
[ 2926.873628][ T7144]  walk_component+0x325/0x460
[ 2926.878290][ T7144]  path_lookupat+0x180/0x490
[ 2926.882865][ T7144]  filename_lookup+0x1e2/0x4f0
[ 2926.887606][ T7144]  user_path_at_empty+0x47/0x1c0
[ 2926.892534][ T7144] 
[ 2926.894836][ T7144] Memory state around the buggy address:
[ 2926.900438][ T7144]  ffff888113f8d180: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 2926.908477][ T7144]  ffff888113f8d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2926.916522][ T7144] >ffff888113f8d280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 2926.924556][ T7144]                                            ^
[ 2926.930682][ T7144]  ffff888113f8d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2926.938721][ T7144]  ffff888113f8d380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 2926.946761][ T7144] ==================================================================
[ 2926.954793][ T7144] Disabling lock debugging due to kernel taint