last executing test programs:

7.933961023s ago: executing program 4 (id=7337):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setuid(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

7.881228353s ago: executing program 4 (id=7339):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40282, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000df0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd", 0x2}], 0x1, 0x0, 0x0)

7.680662516s ago: executing program 3 (id=7342):
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="05000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r2, &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)
r3 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09ff3a150099a283ff04b8008000f0ffff0000000600401500240036001fc411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab", 0x42}, {&(0x7f0000000080)='G%\t\x00\x00\x00\x00\x00\x00\x00', 0xa}], 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000000c0))
fgetxattr(r2, &(0x7f0000000100)=@random={'system.', '@#&\\!-.\x00\xf94\xf6 4,\x17\xc7\x0452\x0f\x9e\xda'}, 0x0, 0x0)

7.625254866s ago: executing program 4 (id=7344):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
unshare(0x40000000) (fail_nth: 1)

7.137014312s ago: executing program 4 (id=7351):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x27c, &(0x7f0000000600)="$eJzs281qE1EYxvGnH9ov20Sr1VbEF93oZmjjFYTSghhQaiN+gDC1Ew2ZJiUTKhGx3bn1LoTi0p0g3kA3XoELd9247EIc6UxskzaiFXRs8/9tzhvOPOGcnDPhLGY2775aKhUCp+DW1N1l6pX6tSWl1a0exboabXdUH1ezNV0dzX26cPve/RvZXG5mzmw2O38tY2YjF98/ff7m0ofa0J23I+/6tJF+uPkl83ljbGN889v8k2JgxcDKlZq5tlCp1NwF37PFYlByzG75nht4ViwHXrWlv+BXlpfr5pYXhweXq14QmFuuW8mrW61itWrd3MdusWyO49jwoPAr+fW5OTeb9Cjwd1WrWXda0sS+nvx6IgMCAACJanP+X+P83yk4/3eC7fP/g8b924rzPwAAAAAAAAAAAAAAAAAAAAAAh8FWGKbCMEz9aI9J0Rs+YePzgKRBSUOSTkgaljQiKSUpLemkpFOSRiWdlnRG0piks5LOSRpv+q6k54r9kln/gSSnjCbc/52N9e9sTS/u9ktLL1fyK/m4jfuzBRXly9OkUvoarWVDXM9ez81MWiSt80urjfzqSr6nNT+l1PaGaZefivPWmu+L9t1OPqPU9gZrl8+0zffryuWmvKOUPj5SRb4Woz25m38xZTZ9M7cnPxFdd9Q5tqPt+jnOz/rj/AH2x57ft1cTvcnOHVJQf1Zyfd+rUlAcheK1/othHP4i6X8m/Au7i570SAAAAAAAAAAAAAAAAAAAB/GnTwiGq3H+dy5Oeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOz1PQAA//+5gF2o")
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'vlan0\x00', <r1=>0x0})
unshare(0x62040200)
r2 = gettid()
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x4, 0x4, 0x4, 0x10000, 0x808, 0xffffffffffffffff, 0x20000000, '\x00', 0x0, 0xffffffffffffffff, 0x3000000, 0xffffffff}, 0x50)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0xcc04, &(0x7f0000000100)={[{@dots}, {@fat=@quiet}, {@dots}, {@dots}, {@dots}, {@fat=@flush}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@dots}, {@nodots}, {@dots}, {@fat=@usefree}, {@fat=@gid}, {}, {@dots}, {@fat=@codepage={'codepage', 0x3d, '864'}}, {@dots}]}, 0x1, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000010000000800000008"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x4, 0x0}, 0x54}, 0x1c)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0xe21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
getsockopt$inet6_opts(r8, 0x29, 0x37, &(0x7f0000000000)=""/38, &(0x7f0000000080)=0x26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='tcp_probe\x00', r9}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

6.688705278s ago: executing program 4 (id=7363):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r6, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x1c}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r8 = socket(0x2c, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r9, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r8}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r7, &(0x7f0000000140), 0x0}, 0x20)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x100779, &(0x7f0000000880)={[], [], 0x2c}, 0x2, 0x4f8, &(0x7f0000000980)="$eJzs3MtrXNUfAPDvnSRN08cv+fX389GHdrSKQbFp0ufCRSsK3QiCInUZk7TUpq00EdoSbCpSwYXSv8DHTvAvcKUbUXGhuFXcilAkm1YXcuXO3BknuZm8OsmY5vOBmZ5777lzznfuPZ3zmEkAG1Y5e0oitkXETxHRW92cnaFc/efOzNTIHzNTI0mk6Uu/J5V8t2emRmpZa+dtzTf6SxGld5LYXSy2e+LK1XPD4+Njl/IdA5OlPHV++MzYmbELQ8eOHTrYc/TI0OGWxJnV6fauty7u2Xny1ZsvjJy6+do3n2X1TfPjjXFU9VWeNy25hI7CnnKUZ7+XDR5fetXXhe0N6aQzey61rzIsWXbXZperq9L+e6OjslXVG8+/3dbKAasqTdO0u7C3/lk2nTZKkuoJaXo9Be4BSbS7BkB71D7ob89kI9WpkeI4+N5260RURkBZ3HfyR/VIZ2UEW+6rjo26Vqn8/0fEqek/P8weMe88BABAa31xImJL3u+oPapHSnF/Q77/5GtDfRHx34jYERH/y/sv90VU8j4QEQ82nLNtCasA5Tnbxf7PDz15orG72jJZ/++ZfG1rdv+vXvO+jnxreyX+ruT02fGxA/l70h9d3dn2YPGl69NqXz734wfNyi839P+yR1Z+rS+Y1+O3zjkTdKPDk8N3G3fNreuVN/ZaMf4kOpNaKmJnROxawetn79nZJz/d0+z4rPizOAvxv9/8xTtXUKE50o8jnqhe/+mYE3/k639JZX3y/BsDE1euPn22cX1y8OiRocMDm2N87MBA7a4o+vb7Gy/mycIwYoHrX2saq7qQll3/LfPe//WVy74sVV+vnVh+GTd+frfpmGal9/+m5OVKurY+e3l4cvLSYMSmZLq4f+ifcy8P98zKn8Xfv2/+9r8j4q+P8vN2R0R2Ez8UEQ9HxN687o9ExKMRsW+B+L9+9rHXmw0hF49/dWXxjy7r+jdLHP8uYv5DHee++rxQ8HvlQvxd0ez6H6qk+vM9o8OTmxeLa6GaNibu+g0EAACAdWBvZZ42Ke3PJ5q2Ram0f3/E1voMysTkU6cvvnlhtDqf2xddpdpMV2/DfOhgPjecbWdnDTVsZ8cPVuaN0zRNe7LtbPw+vr29ocOGt7VJ+8/8WvxJC3CvWdY6WrNftAHr0tz2v+jqWl3rv5ABrK0WfI8GWKe0f9i4ltz+V+tXcEDbzNf+r0XcaUNVgDU2X/t/pbDn+JrUBVhbxv+wca28/fsyAKx3Pv9hQ1rSj+RXkNhxcoE8SefqFNo8UYqF/wpAX0RtT61Ps/AL/lKKaE0NO1oaac+sa1qaN8/maEVZUVo0T+cy/hDD2iZK/45qVBPdEbHI3Vu/2a7VEldXu2KVRvBJe/93AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHt/BwAA//9n7NJW")

6.52874673s ago: executing program 4 (id=7366):
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x1c916, &(0x7f0000000100)={[{@nobarrier}, {@noblock_validity}, {@data_err_abort}, {@nouser_xattr}, {@barrier_val={'barrier', 0x3d, 0xc}}, {@auto_da_alloc}, {@nodiscard}, {@data_journal}, {@resgid, 0x32}]}, 0x9b, 0x4dc, &(0x7f0000000f40)="$eJzs3c9rm+cdAPDv+9ry8sOZHbZDFlgWlgw7bJHseEnMYNkGYzsFtmWH3TLPlo2xbBlLTmITNof9AYMRtsFOPfVS6B9QKLn1WloC7b20paW0SXvooY2KZCl1HMk/EtkK1ucDr/W8v/z9PhJ6pOd9HvQG0LVOR8SFiHhUqVTORcRAfXtaX+4djYi19eMePrg9WV2SqFSufZpEUt9WPX54w/+sn1Lzp99H/C15Om5pZXVuolDIL9XXc+X5xVxpZfX87PxEX0QsjI2NXhq/PH5xfKQt9eyPiCu//fA//3r5d1de/9nN965/PPz3alq/rO9v1KPd1queiUMbtvVGxNJeBOuAnnp9Mp1OBACAHWl8z/9xRJyLgeipfZsDAAAADpLKr/rjqySiAgAAABxYaW1ubJJm6/MA+iNNs9n1ObzfjyNpoVgq/3S6uLwwtT6HdjAy6fRsIT9Snys8GJmkuj5aK3+7fmHT+lhEHI+IuwOHa+vZyWJhqtMXPwAAAKBLHN3U//9iYL3/DwAAABwwg51OAAAAANhz+v8AAABw8DXp//+lE3kAAAAAe+IPV69Wl0rj/tdTN1aW54o3zk/lS3PZ+eXJ7GRxaTE7UyzO1H6zb367/1coFhd/HgvLt3LlfKmcK62sXp8vLi+Ur88+cQtsAAAAYB8d/9G9d5OIWPvF4dpS1dfppIB90bubgz/YuzyA/dfT6QSAjtnV5z9woGQ6nQDQcck2+1tO3nnzmUPeeeYzAQCAZzL0g+bj/8m21wbW0n1KEdgjrv9B9zL+D93L+D90r0z0hI48dLe9H/+vVHaVEAAA0Hb9tSVJsxG16wD9kabZbMSx2m0BMsn0bCE/EhHfjYh3BjLfqa6P1s5MIjF6CAAAAAAAAAAAAAAAAAAAAAAAAAA7UqkkUQEAAAAOtIj0o6R+/6+hgbP9m68P9CVfDtQeI+Lm/6/999ZEubw0Wt3+2ePt5f/Vt1/oxBUMAAAAYLNGP73RjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdnr44PZkY9nPuJ/8JiIGm8XvjUO1x0ORiYgjnyfRu+G8JCJ62hB/7U5EnGgWP6mmFYP1LJrFP9zB+GlEHG1DfOhm96rtz6+bvf/SOF17bP7+u1RroZ5f6/Yvfdz+9bRof47tMMbJ+6/mWsa/E3Gyt3n704iftIh/Zofx//rn1dVW+yovRQw1/fxJnoiVK88v5korq+dn5ydm8jP5hbGx0Uvjl8cvjo/kpmcL+frfJhH64t8/fO3RVvU/Endbtr9b1f/sDuv/9f1bD763Xsw0iz98pvnrf6JF/LT+2feTerm6f6hRXlsvb3TqlbdORbz9Rqv6T7V4/rd7/Yd3WP9zf/zn+zs8FADYB6WV1bmJQiG/1NWF53o2ql+LXohaKOy28I8XI40XstDZdgkAAGi/p/vAT2rHGDsAAAAAAAAAAAAAAAAAAACwtf38db2Gtc5UFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgS98EAAD//5EF1pc=")

6.52856623s ago: executing program 32 (id=7366):
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x1c916, &(0x7f0000000100)={[{@nobarrier}, {@noblock_validity}, {@data_err_abort}, {@nouser_xattr}, {@barrier_val={'barrier', 0x3d, 0xc}}, {@auto_da_alloc}, {@nodiscard}, {@data_journal}, {@resgid, 0x32}]}, 0x9b, 0x4dc, &(0x7f0000000f40)="$eJzs3c9rm+cdAPDv+9ry8sOZHbZDFlgWlgw7bJHseEnMYNkGYzsFtmWH3TLPlo2xbBlLTmITNof9AYMRtsFOPfVS6B9QKLn1WloC7b20paW0SXvooY2KZCl1HMk/EtkK1ucDr/W8v/z9PhJ6pOd9HvQG0LVOR8SFiHhUqVTORcRAfXtaX+4djYi19eMePrg9WV2SqFSufZpEUt9WPX54w/+sn1Lzp99H/C15Om5pZXVuolDIL9XXc+X5xVxpZfX87PxEX0QsjI2NXhq/PH5xfKQt9eyPiCu//fA//3r5d1de/9nN965/PPz3alq/rO9v1KPd1queiUMbtvVGxNJeBOuAnnp9Mp1OBACAHWl8z/9xRJyLgeipfZsDAAAADpLKr/rjqySiAgAAABxYaW1ubJJm6/MA+iNNs9n1ObzfjyNpoVgq/3S6uLwwtT6HdjAy6fRsIT9Snys8GJmkuj5aK3+7fmHT+lhEHI+IuwOHa+vZyWJhqtMXPwAAAKBLHN3U//9iYL3/DwAAABwwg51OAAAAANhz+v8AAABw8DXp//+lE3kAAAAAe+IPV69Wl0rj/tdTN1aW54o3zk/lS3PZ+eXJ7GRxaTE7UyzO1H6zb367/1coFhd/HgvLt3LlfKmcK62sXp8vLi+Ur88+cQtsAAAAYB8d/9G9d5OIWPvF4dpS1dfppIB90bubgz/YuzyA/dfT6QSAjtnV5z9woGQ6nQDQcck2+1tO3nnzmUPeeeYzAQCAZzL0g+bj/8m21wbW0n1KEdgjrv9B9zL+D93L+D90r0z0hI48dLe9H/+vVHaVEAAA0Hb9tSVJsxG16wD9kabZbMSx2m0BMsn0bCE/EhHfjYh3BjLfqa6P1s5MIjF6CAAAAAAAAAAAAAAAAAAAAAAAAAA7UqkkUQEAAAAOtIj0o6R+/6+hgbP9m68P9CVfDtQeI+Lm/6/999ZEubw0Wt3+2ePt5f/Vt1/oxBUMAAAAYLNGP73RjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdnr44PZkY9nPuJ/8JiIGm8XvjUO1x0ORiYgjnyfRu+G8JCJ62hB/7U5EnGgWP6mmFYP1LJrFP9zB+GlEHG1DfOhm96rtz6+bvf/SOF17bP7+u1RroZ5f6/Yvfdz+9bRof47tMMbJ+6/mWsa/E3Gyt3n704iftIh/Zofx//rn1dVW+yovRQw1/fxJnoiVK88v5korq+dn5ydm8jP5hbGx0Uvjl8cvjo/kpmcL+frfJhH64t8/fO3RVvU/Endbtr9b1f/sDuv/9f1bD763Xsw0iz98pvnrf6JF/LT+2feTerm6f6hRXlsvb3TqlbdORbz9Rqv6T7V4/rd7/Yd3WP9zf/zn+zs8FADYB6WV1bmJQiG/1NWF53o2ql+LXohaKOy28I8XI40XstDZdgkAAGi/p/vAT2rHGDsAAAAAAAAAAAAAAAAAAACwtf38db2Gtc5UFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgS98EAAD//5EF1pc=")

5.966770507s ago: executing program 1 (id=7371):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r1, &(0x7f0000000280), 0xfffffeed)

5.909948248s ago: executing program 3 (id=7372):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000040)={[{0x2d, 'pids'}, {0x2b, 'cpu'}]}, 0xb)

5.820756369s ago: executing program 1 (id=7373):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) (async)
mkdir(0x0, 0x81)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000304eee029bd7000e8dbdf2500007400", @ANYRES32=0x0, @ANYBLOB="1018000047740500280012800b00010062726964676500001800028006000900000000000a0014000180c20000010000"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000f40)={'pimreg\x00', 0x3c32}) (async)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000016000000b40000007f"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000280)='sys_enter\x00', r3}, 0x18) (async, rerun: 64)
process_mrelease(0xffffffffffffffff, 0x700000000000000) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0xa, &(0x7f0000000cc0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32=r2, @ANYBLOB="0000000000000000790048020000000018000000000000000000000000000000950000000000000095000000000000009674a56f931144aee621c0fc0ba74afa1b94941d565f18543aeaeaa5ded63fe10500000097fc11a53b2bae415006005eb16564753d1c78672710ace88b3fdf081aa9b6174d0a888721cb1e198383b44c81bb623f32d06f0da119a9bf9c02c82748304c29fddc9f6e3ac97e17a986f43947411ba5934821a995e1043d0ddbfa3957fb55952b0cf6167bb7f2c435ec118c0168803f92e4b58e269da22e25afc7cd090d4c1b685b9469d75bb085db73f51bb1ab4b72fef96a8fecfc735a7987841ecc408bab2bbed336f3710d94aa7bac92ccea5537e01eb981c660debe0b6b106ab3965591ea8ee08aeba03b26e16acee70ff4fadf7766db9a77c7520e1653656717eb0eb5da65ad44be8c9cb6f6c5bc6f57c4116843c786a86347bd2ce7b7a76508785b2d7d76c9277369e35b282f0011433ca4640d8d69b0881ccd75a7e268f983555a66375518e6187467e6f918ccd3d04160001f0def821d84409aa6cd786e6f01c37e4ea924982f1430489c36637af0fc4a81b33e663038c26e1b0c975faa71e00fb96871954d9e246ab179d04702834ada3ed9fab88df20a36d6f38d448bf05d929ce7ed83c6ac652a16332172a3b64d6103"], &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x80)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000010024bd7000fc0ddf2500000000", @ANYRES32=0x0, @ANYBLOB="1b0b04000300000008001b"], 0x28}, 0x1, 0x0, 0x0, 0x68010}, 0x0)
pwritev2(r1, &(0x7f0000000340)=[{&(0x7f0000000100)="981887f8", 0x4}, {&(0x7f0000000080)="69640b5fb11d", 0x6}, {&(0x7f0000000240)="7e88a871", 0x4}], 0x3, 0x4, 0x5, 0x0)

5.346230905s ago: executing program 2 (id=7378):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x100779, &(0x7f0000000880)={[], [], 0x2c}, 0x2, 0x4f8, &(0x7f0000000980)="$eJzs3MtrXNUfAPDvnSRN08cv+fX389GHdrSKQbFp0ufCRSsK3QiCInUZk7TUpq00EdoSbCpSwYXSv8DHTvAvcKUbUXGhuFXcilAkm1YXcuXO3BknuZm8OsmY5vOBmZ5777lzznfuPZ3zmEkAG1Y5e0oitkXETxHRW92cnaFc/efOzNTIHzNTI0mk6Uu/J5V8t2emRmpZa+dtzTf6SxGld5LYXSy2e+LK1XPD4+Njl/IdA5OlPHV++MzYmbELQ8eOHTrYc/TI0OGWxJnV6fauty7u2Xny1ZsvjJy6+do3n2X1TfPjjXFU9VWeNy25hI7CnnKUZ7+XDR5fetXXhe0N6aQzey61rzIsWXbXZperq9L+e6OjslXVG8+/3dbKAasqTdO0u7C3/lk2nTZKkuoJaXo9Be4BSbS7BkB71D7ob89kI9WpkeI4+N5260RURkBZ3HfyR/VIZ2UEW+6rjo26Vqn8/0fEqek/P8weMe88BABAa31xImJL3u+oPapHSnF/Q77/5GtDfRHx34jYERH/y/sv90VU8j4QEQ82nLNtCasA5Tnbxf7PDz15orG72jJZ/++ZfG1rdv+vXvO+jnxreyX+ruT02fGxA/l70h9d3dn2YPGl69NqXz734wfNyi839P+yR1Z+rS+Y1+O3zjkTdKPDk8N3G3fNreuVN/ZaMf4kOpNaKmJnROxawetn79nZJz/d0+z4rPizOAvxv9/8xTtXUKE50o8jnqhe/+mYE3/k639JZX3y/BsDE1euPn22cX1y8OiRocMDm2N87MBA7a4o+vb7Gy/mycIwYoHrX2saq7qQll3/LfPe//WVy74sVV+vnVh+GTd+frfpmGal9/+m5OVKurY+e3l4cvLSYMSmZLq4f+ifcy8P98zKn8Xfv2/+9r8j4q+P8vN2R0R2Ez8UEQ9HxN687o9ExKMRsW+B+L9+9rHXmw0hF49/dWXxjy7r+jdLHP8uYv5DHee++rxQ8HvlQvxd0ez6H6qk+vM9o8OTmxeLa6GaNibu+g0EAACAdWBvZZ42Ke3PJ5q2Ram0f3/E1voMysTkU6cvvnlhtDqf2xddpdpMV2/DfOhgPjecbWdnDTVsZ8cPVuaN0zRNe7LtbPw+vr29ocOGt7VJ+8/8WvxJC3CvWdY6WrNftAHr0tz2v+jqWl3rv5ABrK0WfI8GWKe0f9i4ltz+V+tXcEDbzNf+r0XcaUNVgDU2X/t/pbDn+JrUBVhbxv+wca28/fsyAKx3Pv9hQ1rSj+RXkNhxcoE8SefqFNo8UYqF/wpAX0RtT61Ps/AL/lKKaE0NO1oaac+sa1qaN8/maEVZUVo0T+cy/hDD2iZK/45qVBPdEbHI3Vu/2a7VEldXu2KVRvBJe/93AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHt/BwAA//9n7NJW")

5.216844936s ago: executing program 1 (id=7381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0xc, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 1)

5.211637476s ago: executing program 5 (id=7367):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064", 0x14}], 0x1}}], 0x1, 0x4004040) (fail_nth: 1)

4.596266184s ago: executing program 3 (id=7382):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r1, &(0x7f0000000280), 0xfffffeed)

4.484724265s ago: executing program 1 (id=7383):
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mknod$loop(0x0, 0x200, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r5, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x1c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00'}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r7 = socket(0x2c, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r8, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r7}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r6, &(0x7f0000000140), &(0x7f0000000080)=@udp=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r8, &(0x7f0000000540)}, 0x20)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x100779, &(0x7f0000000880)={[], [], 0x2c}, 0x2, 0x4f8, &(0x7f0000000980)="$eJzs3MtrXNUfAPDvnSRN08cv+fX389GHdrSKQbFp0ufCRSsK3QiCInUZk7TUpq00EdoSbCpSwYXSv8DHTvAvcKUbUXGhuFXcilAkm1YXcuXO3BknuZm8OsmY5vOBmZ5777lzznfuPZ3zmEkAG1Y5e0oitkXETxHRW92cnaFc/efOzNTIHzNTI0mk6Uu/J5V8t2emRmpZa+dtzTf6SxGld5LYXSy2e+LK1XPD4+Njl/IdA5OlPHV++MzYmbELQ8eOHTrYc/TI0OGWxJnV6fauty7u2Xny1ZsvjJy6+do3n2X1TfPjjXFU9VWeNy25hI7CnnKUZ7+XDR5fetXXhe0N6aQzey61rzIsWXbXZperq9L+e6OjslXVG8+/3dbKAasqTdO0u7C3/lk2nTZKkuoJaXo9Be4BSbS7BkB71D7ob89kI9WpkeI4+N5260RURkBZ3HfyR/VIZ2UEW+6rjo26Vqn8/0fEqek/P8weMe88BABAa31xImJL3u+oPapHSnF/Q77/5GtDfRHx34jYERH/y/sv90VU8j4QEQ82nLNtCasA5Tnbxf7PDz15orG72jJZ/++ZfG1rdv+vXvO+jnxreyX+ruT02fGxA/l70h9d3dn2YPGl69NqXz734wfNyi839P+yR1Z+rS+Y1+O3zjkTdKPDk8N3G3fNreuVN/ZaMf4kOpNaKmJnROxawetn79nZJz/d0+z4rPizOAvxv9/8xTtXUKE50o8jnqhe/+mYE3/k639JZX3y/BsDE1euPn22cX1y8OiRocMDm2N87MBA7a4o+vb7Gy/mycIwYoHrX2saq7qQll3/LfPe//WVy74sVV+vnVh+GTd+frfpmGal9/+m5OVKurY+e3l4cvLSYMSmZLq4f+ifcy8P98zKn8Xfv2/+9r8j4q+P8vN2R0R2Ez8UEQ9HxN687o9ExKMRsW+B+L9+9rHXmw0hF49/dWXxjy7r+jdLHP8uYv5DHee++rxQ8HvlQvxd0ez6H6qk+vM9o8OTmxeLa6GaNibu+g0EAACAdWBvZZ42Ke3PJ5q2Ram0f3/E1voMysTkU6cvvnlhtDqf2xddpdpMV2/DfOhgPjecbWdnDTVsZ8cPVuaN0zRNe7LtbPw+vr29ocOGt7VJ+8/8WvxJC3CvWdY6WrNftAHr0tz2v+jqWl3rv5ABrK0WfI8GWKe0f9i4ltz+V+tXcEDbzNf+r0XcaUNVgDU2X/t/pbDn+JrUBVhbxv+wca28/fsyAKx3Pv9hQ1rSj+RXkNhxcoE8SefqFNo8UYqF/wpAX0RtT61Ps/AL/lKKaE0NO1oaac+sa1qaN8/maEVZUVo0T+cy/hDD2iZK/45qVBPdEbHI3Vu/2a7VEldXu2KVRvBJe/93AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHt/BwAA//9n7NJW")

4.370247666s ago: executing program 0 (id=7384):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (fail_nth: 1)

4.244938578s ago: executing program 5 (id=7385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r3 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r4 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r4, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

4.09673151s ago: executing program 0 (id=7386):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000080000000200000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000ffffffff00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000008c0)={0x24, r4, 0x3, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x1000}}}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000080), &(0x7f00000000c0), 0x2000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00'}, 0x10)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

3.840457214s ago: executing program 2 (id=7387):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x0, 0xffec, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0xffffff01})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
fcntl$setpipe(r0, 0x407, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x181281, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d100d6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b35a20af1752f3f2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e170000000000000e83e1300000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450fc21d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f7b5bf21ecd12357309e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a4de84ff1907140070000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba9b49254d8192124c20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f94791369df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c717ed53db529a811662841b1dc43291e450ce9b8d7d80fcb44966d7ad4691a3787000000000000000000000000000000000000000000001cadd5e4558166315878c65b6b"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
getsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000f80), &(0x7f0000000fc0)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48)
r6 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close(r6)

3.31759002s ago: executing program 3 (id=7388):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
dup(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f00000000c0)={0x7, 0x21, 0x0, 0x17, 0x4, 0xc0, 0x5, 0x14c, 0x1})
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100), 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x78}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x22}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000001c0)=@ipv6_getaddr={0x18, 0x16, 0x1}, 0x18}}, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
ioctl$EVIOCGLED(r3, 0x80284504, &(0x7f0000000000)=""/56)
syz_clone3(&(0x7f0000004fc0)={0x94b40080, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)

3.29546724s ago: executing program 5 (id=7389):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendfile(r2, r1, 0x0, 0x578410eb)
sendfile(r2, r1, 0x0, 0x100000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0xcf, &(0x7f0000000480)=""/207, 0x0, 0x33, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000000000000000f9000000000000ff020000000000000000000000000001"], 0x0)

3.24142152s ago: executing program 3 (id=7390):
socket(0x1, 0x803, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000010000000500080001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

3.226567201s ago: executing program 0 (id=7391):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x0, 0x2, 0xf2ff}}}]}]}]}}]}, 0x54}}, 0x0)

3.200830471s ago: executing program 2 (id=7392):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000040)={[{0x2d, 'pids'}, {0x2b, 'cpu'}]}, 0xb)

3.121371382s ago: executing program 0 (id=7393):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
close(r2)

3.120768792s ago: executing program 0 (id=7394):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r1 = dup(r0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x38, 0x10, 0x439, 0x70bd25, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x54000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4008040)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r3)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40111}, 0x20000004)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x88, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2.937692874s ago: executing program 1 (id=7395):
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000440)=ANY=[], 0xb0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(0xffffffffffffffff, 0x0, 0x20000004)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
setxattr$trusted_overlay_origin(0x0, &(0x7f0000000040), 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc87"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x88, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2.896597975s ago: executing program 3 (id=7396):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r6, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x1c}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r8 = socket(0x2c, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r9, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r8}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r7, &(0x7f0000000140), 0x0}, 0x20)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x100779, &(0x7f0000000880)={[], [], 0x2c}, 0x2, 0x4f8, &(0x7f0000000980)="$eJzs3MtrXNUfAPDvnSRN08cv+fX389GHdrSKQbFp0ufCRSsK3QiCInUZk7TUpq00EdoSbCpSwYXSv8DHTvAvcKUbUXGhuFXcilAkm1YXcuXO3BknuZm8OsmY5vOBmZ5777lzznfuPZ3zmEkAG1Y5e0oitkXETxHRW92cnaFc/efOzNTIHzNTI0mk6Uu/J5V8t2emRmpZa+dtzTf6SxGld5LYXSy2e+LK1XPD4+Njl/IdA5OlPHV++MzYmbELQ8eOHTrYc/TI0OGWxJnV6fauty7u2Xny1ZsvjJy6+do3n2X1TfPjjXFU9VWeNy25hI7CnnKUZ7+XDR5fetXXhe0N6aQzey61rzIsWXbXZperq9L+e6OjslXVG8+/3dbKAasqTdO0u7C3/lk2nTZKkuoJaXo9Be4BSbS7BkB71D7ob89kI9WpkeI4+N5260RURkBZ3HfyR/VIZ2UEW+6rjo26Vqn8/0fEqek/P8weMe88BABAa31xImJL3u+oPapHSnF/Q77/5GtDfRHx34jYERH/y/sv90VU8j4QEQ82nLNtCasA5Tnbxf7PDz15orG72jJZ/++ZfG1rdv+vXvO+jnxreyX+ruT02fGxA/l70h9d3dn2YPGl69NqXz734wfNyi839P+yR1Z+rS+Y1+O3zjkTdKPDk8N3G3fNreuVN/ZaMf4kOpNaKmJnROxawetn79nZJz/d0+z4rPizOAvxv9/8xTtXUKE50o8jnqhe/+mYE3/k639JZX3y/BsDE1euPn22cX1y8OiRocMDm2N87MBA7a4o+vb7Gy/mycIwYoHrX2saq7qQll3/LfPe//WVy74sVV+vnVh+GTd+frfpmGal9/+m5OVKurY+e3l4cvLSYMSmZLq4f+ifcy8P98zKn8Xfv2/+9r8j4q+P8vN2R0R2Ez8UEQ9HxN687o9ExKMRsW+B+L9+9rHXmw0hF49/dWXxjy7r+jdLHP8uYv5DHee++rxQ8HvlQvxd0ez6H6qk+vM9o8OTmxeLa6GaNibu+g0EAACAdWBvZZ42Ke3PJ5q2Ram0f3/E1voMysTkU6cvvnlhtDqf2xddpdpMV2/DfOhgPjecbWdnDTVsZ8cPVuaN0zRNe7LtbPw+vr29ocOGt7VJ+8/8WvxJC3CvWdY6WrNftAHr0tz2v+jqWl3rv5ABrK0WfI8GWKe0f9i4ltz+V+tXcEDbzNf+r0XcaUNVgDU2X/t/pbDn+JrUBVhbxv+wca28/fsyAKx3Pv9hQ1rSj+RXkNhxcoE8SefqFNo8UYqF/wpAX0RtT61Ps/AL/lKKaE0NO1oaac+sa1qaN8/maEVZUVo0T+cy/hDD2iZK/45qVBPdEbHI3Vu/2a7VEldXu2KVRvBJe/93AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHt/BwAA//9n7NJW")

2.365863842s ago: executing program 5 (id=7397):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x100779, &(0x7f0000000880)={[], [], 0x2c}, 0x2, 0x4f8, &(0x7f0000000980)="$eJzs3MtrXNUfAPDvnSRN08cv+fX389GHdrSKQbFp0ufCRSsK3QiCInUZk7TUpq00EdoSbCpSwYXSv8DHTvAvcKUbUXGhuFXcilAkm1YXcuXO3BknuZm8OsmY5vOBmZ5777lzznfuPZ3zmEkAG1Y5e0oitkXETxHRW92cnaFc/efOzNTIHzNTI0mk6Uu/J5V8t2emRmpZa+dtzTf6SxGld5LYXSy2e+LK1XPD4+Njl/IdA5OlPHV++MzYmbELQ8eOHTrYc/TI0OGWxJnV6fauty7u2Xny1ZsvjJy6+do3n2X1TfPjjXFU9VWeNy25hI7CnnKUZ7+XDR5fetXXhe0N6aQzey61rzIsWXbXZperq9L+e6OjslXVG8+/3dbKAasqTdO0u7C3/lk2nTZKkuoJaXo9Be4BSbS7BkB71D7ob89kI9WpkeI4+N5260RURkBZ3HfyR/VIZ2UEW+6rjo26Vqn8/0fEqek/P8weMe88BABAa31xImJL3u+oPapHSnF/Q77/5GtDfRHx34jYERH/y/sv90VU8j4QEQ82nLNtCasA5Tnbxf7PDz15orG72jJZ/++ZfG1rdv+vXvO+jnxreyX+ruT02fGxA/l70h9d3dn2YPGl69NqXz734wfNyi839P+yR1Z+rS+Y1+O3zjkTdKPDk8N3G3fNreuVN/ZaMf4kOpNaKmJnROxawetn79nZJz/d0+z4rPizOAvxv9/8xTtXUKE50o8jnqhe/+mYE3/k639JZX3y/BsDE1euPn22cX1y8OiRocMDm2N87MBA7a4o+vb7Gy/mycIwYoHrX2saq7qQll3/LfPe//WVy74sVV+vnVh+GTd+frfpmGal9/+m5OVKurY+e3l4cvLSYMSmZLq4f+ifcy8P98zKn8Xfv2/+9r8j4q+P8vN2R0R2Ez8UEQ9HxN687o9ExKMRsW+B+L9+9rHXmw0hF49/dWXxjy7r+jdLHP8uYv5DHee++rxQ8HvlQvxd0ez6H6qk+vM9o8OTmxeLa6GaNibu+g0EAACAdWBvZZ42Ke3PJ5q2Ram0f3/E1voMysTkU6cvvnlhtDqf2xddpdpMV2/DfOhgPjecbWdnDTVsZ8cPVuaN0zRNe7LtbPw+vr29ocOGt7VJ+8/8WvxJC3CvWdY6WrNftAHr0tz2v+jqWl3rv5ABrK0WfI8GWKe0f9i4ltz+V+tXcEDbzNf+r0XcaUNVgDU2X/t/pbDn+JrUBVhbxv+wca28/fsyAKx3Pv9hQ1rSj+RXkNhxcoE8SefqFNo8UYqF/wpAX0RtT61Ps/AL/lKKaE0NO1oaac+sa1qaN8/maEVZUVo0T+cy/hDD2iZK/45qVBPdEbHI3Vu/2a7VEldXu2KVRvBJe/93AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHt/BwAA//9n7NJW")

254.357917ms ago: executing program 0 (id=7398):
bind$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
read(r1, &(0x7f0000000140)=""/238, 0xee)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000000400)={0x6, {{0xa, 0x4e24, 0x4, @mcast2, 0x4}}, {{0xa, 0x4e24, 0x7781, @dev={0xfe, 0x80, '\x00', 0x18}, 0x400}}}, 0x108)
io_submit(0x0, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x0, 0x6, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r3 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000001c40))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x20000)

88.95647ms ago: executing program 2 (id=7399):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x1058, [{0xa00}, {0x0, 0x100000000000000}]}, 0xa50)

81.36419ms ago: executing program 1 (id=7400):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
dup(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0)
ioctl$RTC_UIE_ON(r2, 0x7003)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f00000000c0)={0x7, 0x21, 0x0, 0x17, 0x4, 0xc0, 0x5, 0x14c, 0x1})
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100), 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x78}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x22}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000001c0)=@ipv6_getaddr={0x18, 0x16, 0x1}, 0x18}}, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
ioctl$EVIOCGLED(r3, 0x80284504, &(0x7f0000000000)=""/56)
syz_clone3(&(0x7f0000004fc0)={0x94b40080, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)

30.64678ms ago: executing program 2 (id=7401):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setuid(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

0s ago: executing program 2 (id=7402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r5 = dup(r4)
r6 = socket(0x10, 0x80003, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000040)={'syztnl1\x00', &(0x7f00000004c0)={'ip6gre0\x00', r8, 0x4, 0x7, 0x81, 0x4, 0x18, @loopback, @remote, 0x7, 0x700, 0xff, 0x8}})
write$FUSE_BMAP(r5, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_GETXATTR(r5, &(0x7f00000000c0)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',cache=fscache'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r9 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
write$binfmt_script(r9, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
execveat(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

kernel console output (not intermixed with test programs):

ot:6226: comm syz.4.6766: Failed to acquire dquot type 0
[ 1474.273810][T24918] EXT4-fs error (device loop4): mb_free_blocks:1524: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1474.300773][T24918] EXT4-fs (loop4): 1 truncate cleaned up
[ 1474.309675][T24918] EXT4-fs (loop4): pa ffff888130bfd888: logic 1, phys. 41, len 23
[ 1474.317748][T24918] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4359: group 0, free 22, pa_free 23
[ 1474.329252][T24918] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x000000000000000d,noblock_validity,usrquota,nolazytime,nogrpid,errors=continue,delalloc,i_version,inode_readahead_blks=0x00000000000000002,errors=continue
[ 1474.461018][T10808] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1474.498703][T24935] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1474.569325][T24944] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1475.004160][T24955] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6774'.
[ 1475.695646][T24959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6778'.
[ 1476.508952][T24965]  loop2: p1 < > p3
[ 1476.576119][T24965] loop2: p3 size 134217728 extends beyond EOD, truncated
[ 1476.743028][   T94]  loop2: p1 < > p3
[ 1476.747522][   T94] loop2: p3 size 134217728 extends beyond EOD, truncated
[ 1476.768543][T24979] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1476.775766][T24979] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1476.784865][T24979] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1476.902603][T24990] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1476.952899][T24996] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1477.065391][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1477.591554][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1478.133865][   T24] kauditd_printk_skb: 30 callbacks suppressed
[ 1478.133881][   T24] audit: type=1326 audit(1753369817.727:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.307652][   T24] audit: type=1326 audit(1753369817.737:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.472169][   T24] audit: type=1326 audit(1753369817.737:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.513956][   T24] audit: type=1326 audit(1753369817.737:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.537857][   T24] audit: type=1326 audit(1753369817.737:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.561928][   T24] audit: type=1326 audit(1753369817.737:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.585775][   T24] audit: type=1326 audit(1753369817.737:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.585801][ T1645] usb 1-1: new low-speed USB device number 63 using dummy_hcd
[ 1478.617844][   T24] audit: type=1326 audit(1753369817.737:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.642990][   T24] audit: type=1326 audit(1753369817.737:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1478.643387][T25023]  loop4: p1 < > p3
[ 1478.666619][   T24] audit: type=1326 audit(1753369817.737:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25014 comm="syz.3.6793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d2a9ae310 code=0x7ffc0000
[ 1478.695094][T25023] loop4: p3 size 134217728 extends beyond EOD, truncated
[ 1478.780298][   T20] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[ 1478.791819][ T1348] print_req_error: 152 callbacks suppressed
[ 1478.791836][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1478.792136][T22272] __loop_clr_fd: partition scan of loop4 failed (rc=-16)
[ 1478.798215][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.810802][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1478.820779][ T1348] buffer_io_error: 134 callbacks suppressed
[ 1478.820792][ T1348] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1478.831451][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.839275][ T1348] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.878813][ T1348] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1478.938696][ T1348] blk_update_request: I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.951088][ T1348] Buffer I/O error on dev loop4p3, logical block 10, async page read
[ 1478.956145][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1478.967789][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.970735][ T1348] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1478.979103][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1478.990030][ T1348] Buffer I/O error on dev loop4p3, logical block 11, async page read
[ 1478.998539][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.006847][ T1348] blk_update_request: I/O error, dev loop4, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.017473][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1479.029729][ T1348] Buffer I/O error on dev loop4p3, logical block 12, async page read
[ 1479.037209][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1479.054736][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1479.090648][ T1645] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1479.178892][ T1645] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 8
[ 1479.201249][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1479.251847][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1479.311335][ T1645] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1479.320734][   T20] usb 2-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1479.329918][ T1645] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1479.338477][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1479.349017][   T20] usb 2-1: config 0 descriptor??
[ 1479.360437][T25017] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1479.371021][T25021] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1479.382684][T25038] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1479.485673][T25043] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrjquota=,bsddf,,errors=continue
[ 1479.496140][T25043] ext4 filesystem being mounted at /192/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1479.578688][T25047] FAULT_INJECTION: forcing a failure.
[ 1479.578688][T25047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1479.592042][T25047] CPU: 0 PID: 25047 Comm: syz.3.6805 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1479.602071][T25047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1479.612134][T25047] Call Trace:
[ 1479.615424][T25047]  __dump_stack+0x21/0x24
[ 1479.619752][T25047]  dump_stack_lvl+0x169/0x1d8
[ 1479.620254][ T1645] usb 1-1: string descriptor 0 read error: -71
[ 1479.624427][T25047]  ? show_regs_print_info+0x18/0x18
[ 1479.624448][T25047]  ? vfs_write+0xac8/0xd60
[ 1479.640212][T25047]  dump_stack+0x15/0x1c
[ 1479.644392][T25047]  should_fail+0x3c1/0x510
[ 1479.648816][T25047]  should_fail_usercopy+0x1a/0x20
[ 1479.653841][T25047]  _copy_from_user+0x20/0xd0
[ 1479.658432][T25047]  __se_sys_bpf+0x181/0x680
[ 1479.662935][T25047]  ? __x64_sys_bpf+0x90/0x90
[ 1479.667534][T25047]  ? fpu__clear_all+0x20/0x20
[ 1479.672214][T25047]  __x64_sys_bpf+0x7b/0x90
[ 1479.676625][T25047]  do_syscall_64+0x31/0x40
[ 1479.681037][T25047]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1479.686933][T25047] RIP: 0033:0x7f4d2a9af9a9
[ 1479.691347][T25047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1479.710945][T25047] RSP: 002b:00007f4d29018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1479.719361][T25047] RAX: ffffffffffffffda RBX: 00007f4d2abd6fa0 RCX: 00007f4d2a9af9a9
[ 1479.727326][T25047] RDX: 0000000000000020 RSI: 00002000000000c0 RDI: 0000000000000001
[ 1479.735297][T25047] RBP: 00007f4d29018090 R08: 0000000000000000 R09: 0000000000000000
[ 1479.743267][T25047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1479.751238][T25047] R13: 0000000000000000 R14: 00007f4d2abd6fa0 R15: 00007ffed837b758
[ 1479.765172][ T1645] hub 1-1:32.0: USB hub found
[ 1479.860341][ T1645] hub 1-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1479.875439][T25021] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1479.885271][T25021] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1479.911155][ T1645] usb 1-1: USB disconnect, device number 63
[ 1479.923843][T25021] overlayfs: './file1' not a directory
[ 1479.936725][T25052] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1479.963336][T25052] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1479.980847][T25049] F2FS-fs (loop3): Invalid log sectorsize (131081)
[ 1479.987473][T25049] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1479.997206][T25049] F2FS-fs (loop3): invalid crc value
[ 1480.010196][   T20] usbhid 2-1:0.0: can't add hid device: -71
[ 1480.016585][   T20] usbhid: probe of 2-1:0.0 failed with error -71
[ 1480.024181][   T20] usb 2-1: USB disconnect, device number 44
[ 1480.033354][T25049] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 1480.071036][T25049] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[ 1480.078092][T25049] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1480.085702][T25049] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1480.161049][  T297] udevd[297]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:32.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1480.198107][T25065] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1480.225877][T25065] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1480.265029][T25065] FAULT_INJECTION: forcing a failure.
[ 1480.265029][T25065] name failslab, interval 1, probability 0, space 0, times 0
[ 1480.277874][T25065] CPU: 0 PID: 25065 Comm: syz.4.6810 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1480.287860][T25065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1480.297909][T25065] Call Trace:
[ 1480.301198][T25065]  __dump_stack+0x21/0x24
[ 1480.305523][T25065]  dump_stack_lvl+0x169/0x1d8
[ 1480.310213][T25065]  ? show_regs_print_info+0x18/0x18
[ 1480.315406][T25065]  ? write_boundary_block+0x140/0x140
[ 1480.320773][T25065]  ? do_sys_openat2+0x14c/0x6d0
[ 1480.325619][T25065]  ? do_syscall_64+0x31/0x40
[ 1480.330213][T25065]  dump_stack+0x15/0x1c
[ 1480.334361][T25065]  should_fail+0x3c1/0x510
[ 1480.338776][T25065]  ? mb_cache_entry_create+0x166/0x860
[ 1480.344235][T25065]  __should_failslab+0xa4/0xe0
[ 1480.348996][T25065]  should_failslab+0x9/0x20
[ 1480.353496][T25065]  kmem_cache_alloc+0x3d/0x2e0
[ 1480.358257][T25065]  mb_cache_entry_create+0x166/0x860
[ 1480.363547][T25065]  ? __kasan_check_write+0x14/0x20
[ 1480.368743][T25065]  ext4_xattr_get+0x33b/0x820
[ 1480.373440][T25065]  ext4_xattr_security_get+0x32/0x40
[ 1480.378721][T25065]  ? ext4_initxattrs+0x110/0x110
[ 1480.383914][T25065]  __vfs_getxattr+0x5a5/0x690
[ 1480.388590][T25065]  ? vfs_getxattr_alloc+0x580/0x580
[ 1480.393786][T25065]  ? __kernel_text_address+0xa0/0x100
[ 1480.399178][T25065]  ? unwind_get_return_address+0x4d/0x90
[ 1480.404927][T25065]  cap_inode_need_killpriv+0x4b/0x70
[ 1480.410318][T25065]  security_inode_need_killpriv+0x62/0x90
[ 1480.416051][T25065]  file_remove_privs+0x1f6/0x580
[ 1480.421003][T25065]  ? dentry_needs_remove_privs+0xf0/0xf0
[ 1480.426721][T25065]  ? stack_trace_save+0x98/0xe0
[ 1480.431571][T25065]  ? stack_trace_snprint+0xf0/0xf0
[ 1480.436682][T25065]  ? __kasan_check_write+0x14/0x20
[ 1480.441791][T25065]  ? down_write+0xac/0x110
[ 1480.446259][T25065]  ? down_read_killable+0xe0/0xe0
[ 1480.451299][T25065]  ? kasan_set_track+0x5b/0x70
[ 1480.456077][T25065]  ? generic_write_checks+0x3d4/0x480
[ 1480.461467][T25065]  file_modified+0x19/0xb0
[ 1480.465895][T25065]  ext4_buffered_write_iter+0x334/0x640
[ 1480.471583][T25065]  ext4_file_write_iter+0x536/0x1980
[ 1480.476879][T25065]  ? __fsnotify_parent+0x5f5/0x6c0
[ 1480.481988][T25065]  ? avc_policy_seqno+0x1b/0x70
[ 1480.486972][T25065]  ? selinux_file_permission+0x2a5/0x510
[ 1480.492719][T25065]  ? ext4_file_read_iter+0x530/0x530
[ 1480.498004][T25065]  ? security_file_permission+0x83/0xa0
[ 1480.503545][T25065]  ? iov_iter_init+0x3f/0x120
[ 1480.508303][T25065]  vfs_write+0x725/0xd60
[ 1480.512543][T25065]  ? __kasan_slab_free+0x11/0x20
[ 1480.517478][T25065]  ? kernel_write+0x3c0/0x3c0
[ 1480.522164][T25065]  ? mutex_trylock+0xa0/0xa0
[ 1480.526750][T25065]  ? __fget_files+0x2c4/0x320
[ 1480.531437][T25065]  ? __fdget_pos+0x2d2/0x380
[ 1480.536023][T25065]  ? ksys_write+0x71/0x240
[ 1480.540444][T25065]  ksys_write+0x140/0x240
[ 1480.544773][T25065]  ? __ia32_sys_read+0x90/0x90
[ 1480.549733][T25065]  ? fpu__clear_all+0x20/0x20
[ 1480.554504][T25065]  __x64_sys_write+0x7b/0x90
[ 1480.559114][T25065]  do_syscall_64+0x31/0x40
[ 1480.563570][T25065]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1480.569477][T25065] RIP: 0033:0x7f595a4c09a9
[ 1480.573891][T25065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1480.593585][T25065] RSP: 002b:00007f5958b29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1480.601996][T25065] RAX: ffffffffffffffda RBX: 00007f595a6e7fa0 RCX: 00007f595a4c09a9
[ 1480.609964][T25065] RDX: 000000000208e24b RSI: 0000200000000040 RDI: 0000000000000007
[ 1480.617927][T25065] RBP: 00007f5958b29090 R08: 0000000000000000 R09: 0000000000000000
[ 1480.625889][T25065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1480.633853][T25065] R13: 0000000000000000 R14: 00007f595a6e7fa0 R15: 00007ffc2a66a898
[ 1480.773676][T25077] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1480.838938][T25086] FAULT_INJECTION: forcing a failure.
[ 1480.838938][T25086] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1480.852479][T25086] CPU: 0 PID: 25086 Comm: syz.1.6816 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1480.862485][T25086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1480.872556][T25086] Call Trace:
[ 1480.875868][T25086]  __dump_stack+0x21/0x24
[ 1480.880230][T25086]  dump_stack_lvl+0x169/0x1d8
[ 1480.884925][T25086]  ? show_regs_print_info+0x18/0x18
[ 1480.890140][T25086]  dump_stack+0x15/0x1c
[ 1480.894438][T25086]  should_fail+0x3c1/0x510
[ 1480.898862][T25086]  should_fail_alloc_page+0x4f/0x60
[ 1480.904073][T25086]  __alloc_pages_nodemask+0x109/0x5f0
[ 1480.909446][T25086]  ? kasan_set_track+0x4a/0x70
[ 1480.914208][T25086]  ? kasan_set_free_info+0x23/0x40
[ 1480.919316][T25086]  ? __kasan_slab_free+0x11/0x20
[ 1480.924243][T25086]  ? slab_free_freelist_hook+0xc5/0x190
[ 1480.929795][T25086]  ? kmem_cache_free+0x100/0x2d0
[ 1480.934833][T25086]  ? putname+0xfe/0x150
[ 1480.938999][T25086]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1480.944560][T25086]  ? kstrtouint_from_user+0x1a0/0x200
[ 1480.949946][T25086]  handle_pte_fault+0x1719/0x3750
[ 1480.954993][T25086]  __handle_speculative_fault+0xdd6/0x12c0
[ 1480.960890][T25086]  ? finish_fault+0xa70/0xa70
[ 1480.965570][T25086]  ? putname+0xfe/0x150
[ 1480.969725][T25086]  ? do_sys_openat2+0x207/0x6d0
[ 1480.974571][T25086]  do_user_addr_fault+0x7e7/0xc80
[ 1480.979590][T25086]  ? ksys_write+0x1da/0x240
[ 1480.984086][T25086]  ? do_kern_addr_fault+0x80/0x80
[ 1480.989117][T25086]  ? debug_smp_processor_id+0x17/0x20
[ 1480.994489][T25086]  exc_page_fault+0x5a/0xc0
[ 1480.999016][T25086]  ? asm_exc_page_fault+0x8/0x30
[ 1481.003957][T25086]  asm_exc_page_fault+0x1e/0x30
[ 1481.008826][T25086] RIP: 0033:0x7f3431231026
[ 1481.013282][T25086] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d 4e 21 1b 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 ec df fe ff 4d 85 f6 0f 84 46 0a 00
[ 1481.032969][T25086] RSP: 002b:00007f342f9c5f70 EFLAGS: 00010202
[ 1481.039034][T25086] RAX: 0000000000000000 RBX: 00007f3431586fa0 RCX: 0000000000000000
[ 1481.047003][T25086] RDX: 0000200000000440 RSI: 0000200000000440 RDI: 00007f34313e316b
[ 1481.054982][T25086] RBP: 00007f342f9c8090 R08: 00007f343121f3a0 R09: 0000000000000000
[ 1481.063086][T25086] R10: 0000000000000000 R11: 0000200000000440 R12: 0000000000000000
[ 1481.071056][T25086] R13: 0000000000000024 R14: 0000200000000440 R15: 00007ffde3dd0648
[ 1481.091467][T25086] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1481.620205][T11777] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1482.811866][T25105] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1482.824425][T25100] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1483.993838][  T297] print_req_error: 65 callbacks suppressed
[ 1483.993855][  T297] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1484.074919][  T358] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1484.097097][  T358] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1484.143379][  T358] buffer_io_error: 55 callbacks suppressed
[ 1484.143411][  T358] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1484.185612][  T297] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1484.205708][  T297] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1484.549196][T11777] usb 2-1: device not accepting address 45, error -71
[ 1484.921130][  T358] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1484.954893][  T358] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1485.266553][T25119] EXT4-fs (loop4): 1 orphan inode deleted
[ 1485.272546][T25119] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1485.281787][T25119] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1485.343613][T25111] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1485.426139][T25111] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop2, type ext4) errno=-22
[ 1485.844172][T25129] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1485.972460][T25133]  loop1: p1 < > p3
[ 1485.977058][T25133] loop1: p3 size 134217728 extends beyond EOD, truncated
[ 1486.115307][   T24] kauditd_printk_skb: 113 callbacks suppressed
[ 1486.115322][   T24] audit: type=1326 audit(1753369825.727:6345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.145995][   T24] audit: type=1326 audit(1753369825.727:6346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.169750][   T24] audit: type=1326 audit(1753369825.727:6347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.194102][   T24] audit: type=1326 audit(1753369825.737:6348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.217999][   T24] audit: type=1326 audit(1753369825.737:6349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.242110][   T24] audit: type=1326 audit(1753369825.737:6350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.265850][   T24] audit: type=1326 audit(1753369825.737:6351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.289696][   T24] audit: type=1326 audit(1753369825.737:6352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.290380][T25129] overlayfs: failed to resolve './bus': -2
[ 1486.313363][   T24] audit: type=1326 audit(1753369825.737:6353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.340270][T25149] bridge: RTM_NEWNEIGH with invalid ether address
[ 1486.360214][   T24] audit: type=1326 audit(1753369825.737:6354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.0.6830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1486.397926][T25144] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1486.408992][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1486.423183][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1486.468002][  T297] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1486.481913][  T358] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1486.790708][  T358] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1486.802365][  T297] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1486.808958][T25151] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1486.824516][  T358] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1486.826240][T25151] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop1, type ext4) errno=-22
[ 1486.832998][  T358] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1486.843183][  T297] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1486.854298][  T358] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1486.870288][  T358] Buffer I/O error on dev loop4p3, logical block 10, async page read
[ 1486.878554][  T358] Buffer I/O error on dev loop4p3, logical block 11, async page read
[ 1486.891854][  T358] Buffer I/O error on dev loop4p3, logical block 12, async page read
[ 1486.903615][  T358] Buffer I/O error on dev loop4p3, logical block 13, async page read
[ 1486.981116][T25156] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1487.067195][T25167] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=25167 comm=syz.3.6836
[ 1487.230744][T25165] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1487.237772][T25165] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1487.264525][T25165] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1487.310095][T25171] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6838'.
[ 1487.325619][T25171] netem: change failed
[ 1487.405838][T25173] overlayfs: failed to resolve './bus': -2
[ 1487.611825][ T4970] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1487.856285][T25179] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1488.861533][T25190] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1488.868607][T25190] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[ 1488.900006][T25190] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1488.933335][T25196] bridge: RTM_NEWNEIGH with invalid ether address
[ 1488.980765][T25202] FAT-fs (loop1): Unrecognized mount option "uuf8=1" or missing value
[ 1489.073286][T25207] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6850'.
[ 1489.082789][T25207] netem: change failed
[ 1489.202390][ T1347] print_req_error: 55 callbacks suppressed
[ 1489.202408][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1489.219594][T25202] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1489.237589][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1489.267904][T18341] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1489.272097][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.293641][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.306631][T25202] EXT4-fs error (device loop1): ext4_orphan_get:1395: inode #15: comm syz.1.6848: iget: bad extended attribute block 512
[ 1489.319590][ T1347] buffer_io_error: 45 callbacks suppressed
[ 1489.319602][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1489.333629][T25202] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.6848: couldn't read orphan inode 15 (err -117)
[ 1489.345639][ T1348] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1489.353799][T25202] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1489.365773][ T1348] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.377453][ T1348] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1489.385692][ T1348] blk_update_request: I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.396806][ T1348] Buffer I/O error on dev loop4p3, logical block 10, async page read
[ 1489.405058][ T1348] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.416099][ T1348] Buffer I/O error on dev loop4p3, logical block 11, async page read
[ 1489.424345][ T1348] blk_update_request: I/O error, dev loop4, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.445596][ T1348] Buffer I/O error on dev loop4p3, logical block 12, async page read
[ 1489.456196][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.467536][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1489.475882][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1489.486937][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1489.495375][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1489.503653][ T1348] Buffer I/O error on dev loop4p3, logical block 13, async page read
[ 1490.102482][T25213] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1490.110379][T25213] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1490.119703][T25213] F2FS-fs (loop4): invalid crc value
[ 1490.197187][T25213] F2FS-fs (loop4): Mismatch valid blocks 0 vs. 2
[ 1490.204503][T25213] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117)
[ 1491.697717][T25257] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6863'.
[ 1491.729468][T25257] netem: change failed
[ 1491.738805][T25249] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1491.762098][T25249] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[ 1491.842680][T25249] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1493.074665][   T24] kauditd_printk_skb: 88 callbacks suppressed
[ 1493.074680][   T24] audit: type=1326 audit(1753369832.687:6443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.165759][   T24] audit: type=1326 audit(1753369832.687:6444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.189724][   T24] audit: type=1326 audit(1753369832.687:6445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.219385][   T24] audit: type=1326 audit(1753369832.687:6446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.243255][   T24] audit: type=1326 audit(1753369832.687:6447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.266851][   T24] audit: type=1326 audit(1753369832.687:6448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.290434][   T24] audit: type=1326 audit(1753369832.687:6449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.314127][   T24] audit: type=1326 audit(1753369832.687:6450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.337839][   T24] audit: type=1326 audit(1753369832.687:6451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.371600][   T24] audit: type=1326 audit(1753369832.687:6452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25274 comm="syz.3.6868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1493.481503][T25291] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6875'.
[ 1493.506493][T25291] netem: change failed
[ 1493.620570][T25285] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1493.720849][T25285] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1494.272143][T25300] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1494.279288][T25300] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1494.292832][T25309] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1494.370507][ T1348] print_req_error: 20 callbacks suppressed
[ 1494.370536][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1494.370612][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1494.401890][ T1348] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.448159][T25300] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1494.554503][ T1348] buffer_io_error: 16 callbacks suppressed
[ 1494.554547][ T1348] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1494.658042][ T1348] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.691526][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1495.039297][ T1348] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1495.047717][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1495.056514][ T1348] blk_update_request: I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1495.067751][ T1348] Buffer I/O error on dev loop4p3, logical block 10, async page read
[ 1495.077476][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1495.140321][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1495.155332][ T1348] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1495.174295][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1495.208686][ T1348] Buffer I/O error on dev loop4p3, logical block 11, async page read
[ 1495.215461][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1495.226934][T25306] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1495.236266][T25306] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1495.757496][ T1347] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1495.770904][  T297] Buffer I/O error on dev loop4p3, logical block 8, async page read
[ 1495.795357][T25329] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1495.799634][ T1347] Buffer I/O error on dev loop4p1, logical block 0, async page read
[ 1495.808811][  T297] Buffer I/O error on dev loop4p3, logical block 9, async page read
[ 1496.223069][T25343] overlayfs: failed to resolve './bus': -2
[ 1496.542758][T25345] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1498.115407][   T24] kauditd_printk_skb: 13 callbacks suppressed
[ 1498.115423][   T24] audit: type=1326 audit(1753369837.707:6466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1498.175231][T25357] netlink: 104 bytes leftover after parsing attributes in process `syz.4.6891'.
[ 1498.213560][   T24] audit: type=1326 audit(1753369837.707:6467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1498.285863][T25363] bridge: RTM_NEWNEIGH with invalid ether address
[ 1498.763448][T25357] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1498.786470][   T24] audit: type=1326 audit(1753369837.707:6468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1498.902769][T25357] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1499.061051][   T24] audit: type=1326 audit(1753369837.707:6469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.099057][   T24] audit: type=1326 audit(1753369837.707:6470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.154143][   T24] audit: type=1326 audit(1753369837.707:6471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.196345][   T24] audit: type=1326 audit(1753369837.707:6472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.242456][   T24] audit: type=1326 audit(1753369837.707:6473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.267347][   T24] audit: type=1326 audit(1753369837.707:6474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.301962][   T24] audit: type=1326 audit(1753369837.707:6475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25356 comm="syz.3.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1499.558137][T25385]  loop2: p1 < > p3
[ 1499.568303][T25385] loop2: p3 size 134217728 extends beyond EOD, truncated
[ 1499.752904][T25404] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6909'.
[ 1500.143052][ T1347] print_req_error: 119 callbacks suppressed
[ 1500.143070][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1500.161912][  T297] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1500.174057][T22052] __loop_clr_fd: partition scan of loop2 failed (rc=-16)
[ 1500.186083][T25395] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1500.212623][T25395] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1500.236224][  T297] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.262960][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.273988][ T1347] buffer_io_error: 101 callbacks suppressed
[ 1500.274000][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1500.288090][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.299100][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1500.307280][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.318259][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1500.326426][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.344068][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1500.352423][  T297] Buffer I/O error on dev loop2p3, logical block 8, async page read
[ 1500.369474][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.380940][  T297] blk_update_request: I/O error, dev loop2, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.393608][T25400]  loop4: p1 < > p3
[ 1500.415525][T23491] usb 1-1: new full-speed USB device number 64 using dummy_hcd
[ 1500.431217][T25400] loop4: p3 size 134217728 extends beyond EOD, truncated
[ 1500.438593][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1500.457126][  T297] Buffer I/O error on dev loop2p3, logical block 9, async page read
[ 1500.483289][  T297] blk_update_request: I/O error, dev loop2, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1500.496267][   T94]  loop4: p1 < > p3
[ 1500.500779][   T94] loop4: p3 size 134217728 extends beyond EOD, truncated
[ 1500.519375][  T297] Buffer I/O error on dev loop2p3, logical block 10, async page read
[ 1500.528283][  T297] Buffer I/O error on dev loop2p3, logical block 11, async page read
[ 1500.537894][T25395] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1500.544495][  T297] Buffer I/O error on dev loop2p3, logical block 12, async page read
[ 1500.599029][  T297] udevd[297]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1500.603743][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1500.628570][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1500.632167][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1500.640327][T25395] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1500.655648][T25395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1500.692214][T25395] attempt to access beyond end of device
[ 1500.692214][T25395] loop1: rw=2049, want=45104, limit=40427
[ 1500.803324][T23491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1500.819409][T23491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1500.830582][T23491] usb 1-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1500.839722][T23491] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1503.009267][T23491] usb 1-1: config 0 descriptor??
[ 1503.030370][T23491] usb 1-1: can't set config #0, error -71
[ 1503.036660][T23491] usb 1-1: USB disconnect, device number 64
[ 1503.229851][T25432] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1503.245556][T25434] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1503.476664][T25447] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1503.492266][T25447] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1503.726207][T25457] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1503.736232][T25464] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=25464 comm=syz.0.6928
[ 1503.750654][T25457] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[ 1503.800799][T25457] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1504.171737][   T24] kauditd_printk_skb: 20 callbacks suppressed
[ 1504.171752][   T24] audit: type=1400 audit(1753369843.787:6496): avc:  denied  { setattr } for  pid=25476 comm="syz.3.6934" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1504.263578][T25471] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1504.274696][T25471] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1504.292645][T25471] F2FS-fs (loop2): invalid crc value
[ 1504.300058][T25471] F2FS-fs (loop2): Mismatch valid blocks 0 vs. 2
[ 1504.307308][T25471] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[ 1504.739381][T25488] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1505.070668][T25493] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1505.500800][T25493] exFAT-fs (loop3): IO charset iso8859- not found
[ 1505.666465][ T1347] print_req_error: 80 callbacks suppressed
[ 1505.666493][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1505.698821][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.710312][ T1347] buffer_io_error: 68 callbacks suppressed
[ 1505.710323][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1505.735657][ T1348] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1505.759347][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.774662][ T1348] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.790294][T25496] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1505.798581][T25496] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1505.831885][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1505.838783][ T1348] Buffer I/O error on dev loop2p3, logical block 8, async page read
[ 1505.848368][ T1348] blk_update_request: I/O error, dev loop2, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.859555][ T1348] Buffer I/O error on dev loop2p3, logical block 9, async page read
[ 1505.867576][ T1347] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.879251][ T1348] blk_update_request: I/O error, dev loop2, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1505.890506][ T1348] Buffer I/O error on dev loop2p3, logical block 10, async page read
[ 1505.891589][ T1347] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1505.898982][ T1348] blk_update_request: I/O error, dev loop2, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1506.086700][T25496] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1506.543612][ T1348] Buffer I/O error on dev loop2p3, logical block 11, async page read
[ 1506.604508][T25511] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1506.630441][T25511] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1506.650238][  T297] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1506.672795][ T1348] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1506.721960][ T1348] Buffer I/O error on dev loop2p1, logical block 0, async page read
[ 1506.730586][  T297] Buffer I/O error on dev loop2p3, logical block 8, async page read
[ 1506.833786][T25496] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1506.851248][T25496] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1506.909809][T25496] attempt to access beyond end of device
[ 1506.909809][T25496] loop0: rw=0, want=79880, limit=40427
[ 1506.940703][T25524] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1506.964708][T22791] attempt to access beyond end of device
[ 1506.964708][T22791] loop0: rw=2051, want=81920, limit=40427
[ 1506.976408][T22791] F2FS-fs (loop0): Issue discard(9985, 9985, 255) failed, ret: -5
[ 1507.052730][T25527] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1507.401090][T25540] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1507.407992][T25540] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1507.417483][T25540] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1507.513436][T25546] incfs: Can't find or create .index dir in ./file0
[ 1507.520626][T25546] incfs: mount failed -14
[ 1507.591526][T25548] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1507.600684][T25548] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop0, type ext4) errno=-22
[ 1507.747605][T25555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1509.101971][T25569] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1509.111252][T25569] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop2, type ext4) errno=-22
[ 1509.134663][T25567] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1509.148499][T25567] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1509.205881][T25567] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1509.296724][T25577] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1509.360251][T25577] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1509.374915][T25577] F2FS-fs (loop1): invalid crc value
[ 1509.404335][T25577] F2FS-fs (loop1): Mismatch valid blocks 0 vs. 2
[ 1509.416457][T25577] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[ 1509.431987][T25589] loop_reread_partitions: partition scan of loop2 () failed (rc=-16)
[ 1509.712201][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1509.712227][  T297] udevd[297]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1509.972737][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1509.993323][  T358] udevd[358]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1510.054936][T25601] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1510.127009][T25617] netlink: 408 bytes leftover after parsing attributes in process `syz.0.6970'.
[ 1510.811858][T25612] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1510.991962][T25612] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1511.006744][T25612] F2FS-fs (loop1): invalid crc value
[ 1511.013822][T25612] F2FS-fs (loop1): Mismatch valid blocks 0 vs. 2
[ 1511.020436][T25612] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[ 1511.139373][   T24] audit: type=1326 audit(1753369850.747:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1511.208212][   T24] audit: type=1326 audit(1753369850.777:6498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1511.235196][   T24] audit: type=1326 audit(1753369850.777:6499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1511.264150][   T24] audit: type=1326 audit(1753369850.777:6500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1511.334562][   T24] audit: type=1326 audit(1753369850.787:6501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1511.694749][T25648] EXT4-fs (loop3): 1 orphan inode deleted
[ 1511.700632][T25648] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1511.709855][T25648] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1512.722448][   T24] audit: type=1326 audit(1753369850.787:6502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1512.911871][   T24] audit: type=1326 audit(1753369850.787:6503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1512.935648][   T24] audit: type=1326 audit(1753369850.787:6504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1512.959740][   T24] audit: type=1326 audit(1753369850.787:6505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1512.983506][   T24] audit: type=1326 audit(1753369850.787:6506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25640 comm="syz.0.6978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f9f787ea9a9 code=0x7ffc0000
[ 1513.194291][T25659] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1513.791591][T25675] incfs: Can't find or create .index dir in ./file0
[ 1513.798421][T25675] incfs: mount failed -14
[ 1514.283618][T25682] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1515.192614][T25691] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1515.488384][T25703] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6994'.
[ 1515.835904][T25700] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1515.845901][T25700] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1517.465139][T25708] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1517.508064][T25708] exFAT-fs (loop4): IO charset iso8859- not found
[ 1519.032728][T25719] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1519.044977][T25719] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1519.078781][T25724] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1519.093314][T25724] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop2, type ext4) errno=-22
[ 1519.327018][T25741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7002'.
[ 1519.877029][T25738] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1520.456374][T25752] bridge: RTM_NEWNEIGH with invalid ether address
[ 1520.531464][T25753] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1520.586760][T25756] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1521.041346][T25760] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1521.049177][T25760] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1521.058551][T25760] F2FS-fs (loop3): invalid crc value
[ 1521.069526][T25760] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 2
[ 1521.076106][T25760] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[ 1521.514819][   T24] kauditd_printk_skb: 1 callbacks suppressed
[ 1521.514859][   T24] audit: type=1326 audit(1753369861.107:6508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1521.568836][   T24] audit: type=1326 audit(1753369861.117:6509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.170239][   T24] audit: type=1326 audit(1753369861.127:6510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.221661][   T24] audit: type=1326 audit(1753369861.127:6511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.262469][T25789] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1522.276987][T25789] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop3, type ext4) errno=-22
[ 1522.288531][T25797] incfs: Can't find or create .index dir in ./file0
[ 1522.295504][T25797] incfs: mount failed -14
[ 1522.346936][T25791] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1522.360693][   T24] audit: type=1326 audit(1753369861.127:6512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.386308][T25791] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1522.391787][   T24] audit: type=1326 audit(1753369861.127:6513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.420428][   T24] audit: type=1326 audit(1753369861.127:6514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.444425][   T24] audit: type=1326 audit(1753369861.127:6515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25777 comm="syz.1.7014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1522.468689][   T24] audit: type=1326 audit(1753369861.757:6516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25783 comm="syz.2.7015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1522.553596][   T24] audit: type=1326 audit(1753369861.757:6517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25783 comm="syz.2.7015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1522.614546][T25806] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1522.737510][T25815] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7020'.
[ 1522.890841][T25816] overlayfs: missing 'lowerdir'
[ 1523.100880][T25820] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1523.410879][T25824] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1523.524585][T25824] exFAT-fs (loop4): IO charset iso8859- not found
[ 1523.701008][T25829] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1523.870730][T25834] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1523.878766][T25834] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1523.891607][T25834] F2FS-fs (loop3): invalid crc value
[ 1523.918511][T25834] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 2
[ 1523.925090][T25834] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[ 1524.030646][T25851] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1524.039652][T25851] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop1, type ext4) errno=-22
[ 1524.172109][T25846] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1524.180149][T25846] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1524.191916][T25846] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1524.231282][T25846] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1524.240187][T25846] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1524.282659][T25846] attempt to access beyond end of device
[ 1524.282659][T25846] loop4: rw=0, want=79880, limit=40427
[ 1524.296128][T25865] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1524.380819][T22272] attempt to access beyond end of device
[ 1524.380819][T22272] loop4: rw=2051, want=81920, limit=40427
[ 1524.392710][T22272] F2FS-fs (loop4): Issue discard(9985, 9985, 255) failed, ret: -5
[ 1525.414952][T25887] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7040'.
[ 1525.680296][ T2463] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[ 1525.690051][T25877] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1525.697035][T25877] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1525.811472][T25879] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1525.872547][T25877] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1526.048647][T25879] exFAT-fs (loop3): IO charset iso8859- not found
[ 1526.500281][ T2463] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1526.511777][ T2463] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1526.553113][ T2463] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1526.617154][ T2463] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.627229][ T2463] usb 3-1: config 0 descriptor??
[ 1526.650229][T25883] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1526.684197][T25895] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1526.695456][T25901] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1526.739324][T25895] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop1, type ext4) errno=-22
[ 1526.757290][T25905] incfs: Can't find or create .index dir in ./file0
[ 1526.771180][T25905] incfs: mount failed -14
[ 1526.832795][T25906] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1526.890574][T25901] exFAT-fs (loop4): IO charset iso8859- not found
[ 1527.733173][T25883] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1527.762602][T25883] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1527.873713][T25883] overlayfs: './file1' not a directory
[ 1527.950244][ T2463] usbhid 3-1:0.0: can't add hid device: -71
[ 1527.956974][ T2463] usbhid: probe of 3-1:0.0 failed with error -71
[ 1527.964276][ T2463] usb 3-1: USB disconnect, device number 36
[ 1528.046151][T25916] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1528.056171][T25916] ext4 filesystem being mounted at /248/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1528.111562][T25928] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7054'.
[ 1528.120677][T25928] netem: change failed
[ 1528.156011][T25920] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1528.621624][T25932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7053'.
[ 1528.728935][T25943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7057'.
[ 1529.791344][T25956] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1529.865572][T25946] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1530.820703][T25963] fuse: Bad value for 'user_id'
[ 1531.505878][T25953] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1532.067437][   T24] kauditd_printk_skb: 23 callbacks suppressed
[ 1532.067451][   T24] audit: type=1326 audit(1753369871.677:6541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.098867][   T24] audit: type=1326 audit(1753369871.677:6542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.170641][   T24] audit: type=1326 audit(1753369871.677:6543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.201889][   T24] audit: type=1326 audit(1753369871.677:6544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.225831][   T24] audit: type=1326 audit(1753369871.677:6545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.249929][   T24] audit: type=1326 audit(1753369871.677:6546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.274829][   T24] audit: type=1326 audit(1753369871.677:6547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.299076][   T24] audit: type=1326 audit(1753369871.677:6548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.299495][T25971] overlayfs: failed to resolve './bus': -2
[ 1532.324945][   T24] audit: type=1326 audit(1753369871.677:6549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.355726][   T24] audit: type=1326 audit(1753369871.677:6550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25969 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1532.391737][T25967] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1532.404221][T25967] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop2, type ext4) errno=-22
[ 1532.468622][T25974] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1532.570237][T25974] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1532.735660][T25987] netlink: 348 bytes leftover after parsing attributes in process `syz.2.7067'.
[ 1533.118453][T25993] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1534.137481][T25999] EXT4-fs (loop4): 1 orphan inode deleted
[ 1534.143379][T25999] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1534.152610][T25999] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1535.041891][T26013] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7078'.
[ 1535.066352][T26013] netem: change failed
[ 1535.128042][T26017] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1535.225129][T26032] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7072'.
[ 1535.377382][T26034] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1535.386233][T26034] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1535.530541][T26028] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1536.818457][T26043] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1537.463465][T26048] FAT-fs (loop1): Directory bread(block 64) failed
[ 1537.480181][T26048] FAT-fs (loop1): Directory bread(block 65) failed
[ 1537.493611][T26050] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1537.502704][T26048] FAT-fs (loop1): Directory bread(block 66) failed
[ 1537.509330][T26048] FAT-fs (loop1): Directory bread(block 67) failed
[ 1537.516572][T26048] FAT-fs (loop1): Directory bread(block 68) failed
[ 1537.523304][T26048] FAT-fs (loop1): Directory bread(block 69) failed
[ 1537.529971][T26048] FAT-fs (loop1): Directory bread(block 70) failed
[ 1537.623570][T26048] FAT-fs (loop1): Directory bread(block 71) failed
[ 1537.635807][T26052] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1537.651494][T26048] FAT-fs (loop1): Directory bread(block 72) failed
[ 1538.173259][T26048] FAT-fs (loop1): Directory bread(block 73) failed
[ 1538.241321][T26048] FAULT_INJECTION: forcing a failure.
[ 1538.241321][T26048] name failslab, interval 1, probability 0, space 0, times 0
[ 1538.254255][T26048] CPU: 1 PID: 26048 Comm: syz.1.7084 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1538.264241][T26048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1538.274291][T26048] Call Trace:
[ 1538.277599][T26048]  __dump_stack+0x21/0x24
[ 1538.281927][T26048]  dump_stack_lvl+0x169/0x1d8
[ 1538.286597][T26048]  ? thaw_kernel_threads+0x220/0x220
[ 1538.291873][T26048]  ? show_regs_print_info+0x18/0x18
[ 1538.297064][T26048]  ? proc_fail_nth_read+0x210/0x210
[ 1538.302254][T26048]  dump_stack+0x15/0x1c
[ 1538.306400][T26048]  should_fail+0x3c1/0x510
[ 1538.310807][T26048]  ? getname_flags+0xb9/0x500
[ 1538.315480][T26048]  __should_failslab+0xa4/0xe0
[ 1538.320263][T26048]  should_failslab+0x9/0x20
[ 1538.324755][T26048]  kmem_cache_alloc+0x3d/0x2e0
[ 1538.329508][T26048]  getname_flags+0xb9/0x500
[ 1538.334004][T26048]  getname+0x19/0x20
[ 1538.337923][T26048]  do_sys_openat2+0xd9/0x6d0
[ 1538.342515][T26048]  ? __kasan_check_write+0x14/0x20
[ 1538.347622][T26048]  ? fput_many+0x15a/0x1a0
[ 1538.352029][T26048]  ? do_sys_open+0xe0/0xe0
[ 1538.356433][T26048]  ? fput+0x1a/0x20
[ 1538.360235][T26048]  ? ksys_write+0x1eb/0x240
[ 1538.364726][T26048]  ? __ia32_sys_read+0x90/0x90
[ 1538.369492][T26048]  ? fpu__clear_all+0x20/0x20
[ 1538.374155][T26048]  __x64_sys_openat+0x136/0x160
[ 1538.379001][T26048]  do_syscall_64+0x31/0x40
[ 1538.383424][T26048]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1538.389310][T26048] RIP: 0033:0x7f343135f9a9
[ 1538.393720][T26048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1538.413415][T26048] RSP: 002b:00007f342f9c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1538.421820][T26048] RAX: ffffffffffffffda RBX: 00007f3431586fa0 RCX: 00007f343135f9a9
[ 1538.429826][T26048] RDX: 00000000000c2142 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1538.437790][T26048] RBP: 00007f342f9c8090 R08: 0000000000000000 R09: 0000000000000000
[ 1538.445751][T26048] R10: 000000000000014a R11: 0000000000000246 R12: 0000000000000001
[ 1538.453737][T26048] R13: 0000000000000000 R14: 00007f3431586fa0 R15: 00007ffde3dd0648
[ 1538.591686][   T94]  loop0: p1 < > p3
[ 1538.596079][   T94] loop0: p3 size 134217728 extends beyond EOD, truncated
[ 1538.605187][T26083]  loop0: p1 < > p3
[ 1538.609600][T26083] loop0: p3 size 134217728 extends beyond EOD, truncated
[ 1538.692778][T26087] fuse: Bad value for 'fd'
[ 1538.726833][   T94]  loop0: p1 < > p3
[ 1538.738730][   T94] loop0: p3 size 134217728 extends beyond EOD, truncated
[ 1538.780207][  T286] usb 3-1: new full-speed USB device number 37 using dummy_hcd
[ 1538.985013][   T24] kauditd_printk_skb: 14 callbacks suppressed
[ 1538.985037][   T24] audit: type=1400 audit(1753369878.597:6565): avc:  denied  { setopt } for  pid=26089 comm="syz.3.7094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1539.090247][  T286] usb 3-1: device descriptor read/64, error -71
[ 1539.541255][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1539.686446][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[ 1539.707602][T26096] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1539.781382][  T286] usb 3-1: device descriptor read/64, error -71
[ 1539.783418][T26102] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1539.797460][T26102] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1540.007067][T26110] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7098'.
[ 1543.165432][T26098] EXT4-fs: failed to create workqueue
[ 1543.171068][T26098] EXT4-fs (loop3): mount failed
[ 1543.437629][  T286] usb 3-1: new full-speed USB device number 38 using dummy_hcd
[ 1543.770836][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1543.778258][T26122] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1543.790780][  T297] udevd[297]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[ 1543.796354][T26122] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1543.819641][  T297] udevd[297]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[ 1543.857278][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1543.917976][T26118] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1544.013645][T26143] fuse: Bad value for 'fd'
[ 1545.077235][T26152] incfs: Can't find or create .index dir in ./file0
[ 1545.084158][T26152] incfs: mount failed -14
[ 1545.293633][T26149] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue
[ 1545.320243][T26149] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1545.367517][T26165] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1545.434297][T26168] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1545.545653][T26173] overlayfs: missing 'workdir'
[ 1545.583552][T26160] F2FS-fs (loop1): invalid crc value
[ 1545.599377][T26160] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1545.654147][T26160] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1545.683530][T22318] attempt to access beyond end of device
[ 1545.683530][T22318] loop1: rw=2049, want=45104, limit=40427
[ 1545.711806][T26180] overlayfs: failed to resolve './bus': -2
[ 1545.831096][T26186] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1545.840291][T26186] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1545.875624][T26186] overlayfs: './file1' not a directory
[ 1545.884047][T26192] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1545.904505][T26192] exFAT-fs (loop1): IO charset iso8859- not found
[ 1546.217954][T26206] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1546.376878][T26214] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1546.423376][T26217] overlayfs: failed to resolve './bus': -2
[ 1546.489727][   T24] audit: type=1400 audit(1753369886.097:6566): avc:  denied  { ioctl } for  pid=26213 comm="syz.2.7126" path="/219/file0/file0/file0" dev="loop2" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1546.515413][T26214] fs-verity: sha256 using implementation "sha256-avx2"
[ 1546.523392][T26214] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -28
[ 1546.610164][T11776] usb 4-1: new full-speed USB device number 44 using dummy_hcd
[ 1546.942869][T26224] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1546.976984][T26224] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1546.990222][T11776] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1547.003163][T11776] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1547.019391][T11776] usb 4-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1547.029163][T11776] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1547.044049][T26224] F2FS-fs (loop0): invalid crc value
[ 1547.056993][T11776] usb 4-1: config 0 descriptor??
[ 1547.063333][T26224] F2FS-fs (loop0): Mismatch valid blocks 0 vs. 2
[ 1547.069772][T26224] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[ 1547.080208][T26216] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1547.377156][T24620] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1547.651937][T26216] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1547.661099][T26216] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1547.703814][T26244] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1547.712092][T26244] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1547.748161][T26244] F2FS-fs (loop1): invalid crc value
[ 1547.913162][T26248] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1547.940879][T26244] F2FS-fs (loop1): Mismatch valid blocks 0 vs. 2
[ 1547.960293][T26244] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[ 1547.989261][T26254] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue
[ 1548.000736][T26254] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1548.040317][T11776] usbhid 4-1:0.0: can't add hid device: -71
[ 1548.046476][T11776] usbhid: probe of 4-1:0.0 failed with error -71
[ 1548.058515][T11776] usb 4-1: USB disconnect, device number 44
[ 1548.088442][   T24] audit: type=1400 audit(1753369887.697:6567): avc:  denied  { create } for  pid=26242 comm="syz.0.7134" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1549.498555][   T24] audit: type=1326 audit(1753369889.097:6568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.522473][   T24] audit: type=1326 audit(1753369889.097:6569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.548003][   T24] audit: type=1326 audit(1753369889.097:6570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.585980][   T24] audit: type=1326 audit(1753369889.097:6571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.616607][   T24] audit: type=1326 audit(1753369889.097:6572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.640900][   T24] audit: type=1326 audit(1753369889.097:6573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.664882][   T24] audit: type=1326 audit(1753369889.097:6574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.704119][   T24] audit: type=1326 audit(1753369889.097:6575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.1.7140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1549.850301][T26282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7143'.
[ 1550.141549][T26275] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1550.256651][T26275] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1550.293868][T26271] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,jqfmt=vfsv1,,errors=continue
[ 1550.883624][T26271] EXT4-fs error (device loop4): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1550.910926][T26271] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[ 1550.919319][T26275] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1550.950286][T26271] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1550.950286][T26271] 
[ 1550.960055][T26271] EXT4-fs (loop4): Total free blocks count 0
[ 1550.969816][T26271] EXT4-fs (loop4): Free/Dirty block details
[ 1551.027852][T26271] EXT4-fs (loop4): free_blocks=2415919104
[ 1551.045099][T26271] EXT4-fs (loop4): dirty_blocks=16
[ 1551.065264][T26271] EXT4-fs (loop4): Block reservation details
[ 1551.071910][T26271] EXT4-fs (loop4): i_reserved_data_blocks=1
[ 1551.227121][ T4970] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1551.253359][T26303] EXT4-fs (loop0): 1 orphan inode deleted
[ 1551.259163][T26303] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1551.268467][T26303] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1551.375810][ T4970] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1551.375810][ T4970] 
[ 1552.291315][T26315] incfs: Can't find or create .index dir in ./file0
[ 1552.298431][T26315] incfs: mount failed -14
[ 1552.347117][T26320] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7152'.
[ 1552.392571][T26320] netem: change failed
[ 1552.507774][T26325] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1552.517112][T26322] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1552.700310][T22372] usb 3-1: new low-speed USB device number 39 using dummy_hcd
[ 1552.980611][T26346] netlink: 340 bytes leftover after parsing attributes in process `syz.1.7158'.
[ 1553.702343][T26347] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1553.908723][T26360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7160'.
[ 1553.917801][T26360] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7160'.
[ 1553.926848][T26360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7160'.
[ 1553.935960][T26360] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7160'.
[ 1554.154880][T22372] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1554.263100][T22372] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 8
[ 1554.275352][T22372] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1554.285549][T22372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1554.520756][T26321] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1555.121247][T26368] incfs: Can't find or create .index dir in ./file0
[ 1555.128231][T26368] incfs: mount failed -14
[ 1555.213447][T26370] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[ 1555.213447][T26370] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1555.213447][T26370] 
[ 1555.242085][T26370] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1555.355131][T26379] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1555.373149][T26370] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=9002a018, mo2=0000]
[ 1555.391560][T26370] EXT4-fs (loop3): 1 truncate cleaned up
[ 1555.397302][T26370] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,noblock_validity,data_err=abort,nouser_xattr,barrier=0x000000000000000c,auto_da_alloc,nodiscard,data=journal,resgid=0x00000000000000002,errors=continue
[ 1555.467613][T24620] Quota error (device loop3): free_dqentry: Quota structure has offset to other block (1) than it should (5)
[ 1555.480462][T24620] EXT4-fs error (device loop3): ext4_release_dquot:6262: comm kworker/u4:9: Failed to release dquot type 1
[ 1555.510238][T26386] fuse: Bad value for 'fd'
[ 1556.322990][T26377] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1556.372054][T26377] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1556.389761][T26377] F2FS-fs (loop0): invalid crc value
[ 1556.395412][T22372] usb 3-1: string descriptor 0 read error: -71
[ 1556.403213][T22372] hub 3-1:32.0: USB hub found
[ 1556.438908][T26377] F2FS-fs (loop0): Mismatch valid blocks 0 vs. 2
[ 1556.447606][T26377] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[ 1556.470197][T22372] hub 3-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1556.530638][T22372] usb 3-1: USB disconnect, device number 39
[ 1556.688340][T26390] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1556.696407][T26390] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1556.710936][T26390] F2FS-fs (loop3): invalid crc value
[ 1556.718761][T26406] incfs: Can't find or create .index dir in ./file0
[ 1556.725668][T26406] incfs: mount failed -14
[ 1556.727148][T26397] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1556.739889][T26397] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop1, type ext4) errno=-22
[ 1556.747853][T26390] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 2
[ 1556.752107][ T1347] udevd[1347]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:32.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1556.772759][T26390] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[ 1556.840192][T11776] usb 5-1: new low-speed USB device number 45 using dummy_hcd
[ 1557.210478][T11776] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1557.223001][T26420] exfat: Unknown parameter 'Ϙ'
[ 1557.229257][T11776] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 8
[ 1557.240837][T11776] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1557.249929][T11776] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1557.327888][T26399] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1557.620471][T11776] usb 5-1: string descriptor 0 read error: -71
[ 1557.989114][T11776] hub 5-1:32.0: USB hub found
[ 1558.090371][T11776] hub 5-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1558.320479][T11776] usb 5-1: USB disconnect, device number 45
[ 1558.503449][T26440] netlink: 324 bytes leftover after parsing attributes in process `syz.2.7179'.
[ 1558.512841][T26440] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7179'.
[ 1558.551132][T26434] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[ 1558.551132][T26434] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1558.551132][T26434] 
[ 1558.760223][   T24] audit: type=1326 audit(1753369898.357:6576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.791430][T26434] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1558.826982][   T24] audit: type=1326 audit(1753369898.357:6577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.850921][   T24] audit: type=1326 audit(1753369898.357:6578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.874749][   T24] audit: type=1326 audit(1753369898.357:6579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.875881][T26434] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=9002a018, mo2=0000]
[ 1558.907904][ T1347] udevd[1347]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:32.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1558.931158][   T24] audit: type=1326 audit(1753369898.357:6580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.956438][   T24] audit: type=1326 audit(1753369898.357:6581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1558.958391][T26437]  loop1: p1 < > p3
[ 1558.982043][T26434] EXT4-fs (loop0): 1 truncate cleaned up
[ 1558.989557][T26434] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,data_err=abort,nouser_xattr,barrier=0x000000000000000c,auto_da_alloc,nodiscard,data=journal,resgid=0x00000000000000002,errors=continue
[ 1559.011369][T23681] Quota error (device loop0): free_dqentry: Quota structure has offset to other block (1) than it should (5)
[ 1559.023360][T23681] EXT4-fs error (device loop0): ext4_release_dquot:6262: comm kworker/u4:8: Failed to release dquot type 1
[ 1559.041805][T26437] loop1: p3 size 134217728 extends beyond EOD, truncated
[ 1559.056357][   T24] audit: type=1326 audit(1753369898.357:6582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1559.087238][   T24] audit: type=1326 audit(1753369898.357:6583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26441 comm="syz.4.7186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1559.161420][   T94]  loop1: p1 < > p3
[ 1559.165872][   T94] loop1: p3 size 134217728 extends beyond EOD, truncated
[ 1559.254032][T26455] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7189'.
[ 1559.676196][T26458] incfs: Can't find or create .index dir in ./file0
[ 1559.805927][T26458] incfs: mount failed -14
[ 1560.254948][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1560.271404][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1560.318117][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1560.334462][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1560.512111][   T24] kauditd_printk_skb: 18 callbacks suppressed
[ 1560.512123][   T24] audit: type=1400 audit(1753369900.127:6602): avc:  denied  { unmount } for  pid=26481 comm="syz.0.7201" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1560.622216][T26490] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1560.631244][T26490] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1560.683923][T26499] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1560.694284][T26499] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1560.731600][   T24] audit: type=1326 audit(1753369900.347:6603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.763971][   T24] audit: type=1326 audit(1753369900.347:6604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.803571][   T24] audit: type=1326 audit(1753369900.347:6605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.827296][   T24] audit: type=1326 audit(1753369900.347:6606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.851477][   T24] audit: type=1326 audit(1753369900.347:6607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.875469][   T24] audit: type=1326 audit(1753369900.347:6608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.899449][   T24] audit: type=1326 audit(1753369900.347:6609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.923900][   T24] audit: type=1326 audit(1753369900.347:6610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.958791][   T24] audit: type=1326 audit(1753369900.347:6611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26508 comm="syz.3.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d2a9af9a9 code=0x7ffc0000
[ 1560.984849][T26514] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1560.994094][T26514] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1561.011853][T26514] overlayfs: './file1' not a directory
[ 1561.135469][T26523] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[ 1561.147465][T26523] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[ 1561.160717][T26523] EXT4-fs (loop3): revision level too high, forcing read-only mode
[ 1561.168836][T26523] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=4040e01c, mo2=0000]
[ 1561.176764][T26523] EXT4-fs (loop3): too many log groups per flexible block group
[ 1561.188421][T26523] EXT4-fs (loop3): failed to initialize mballoc (-12)
[ 1561.196119][T26523] EXT4-fs (loop3): mount failed
[ 1561.314726][T26531] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[ 1561.324737][T26531] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[ 1561.335473][T26531] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1561.343549][T26531] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=4040e01c, mo2=0000]
[ 1561.351505][T26531] EXT4-fs (loop2): too many log groups per flexible block group
[ 1561.359267][T26531] EXT4-fs (loop2): failed to initialize mballoc (-12)
[ 1561.366576][T26531] EXT4-fs (loop2): mount failed
[ 1561.368231][T26523] FAULT_INJECTION: forcing a failure.
[ 1561.368231][T26523] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.391115][T26523] CPU: 1 PID: 26523 Comm: syz.3.7215 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1561.401126][T26523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1561.411235][T26523] Call Trace:
[ 1561.414525][T26523]  __dump_stack+0x21/0x24
[ 1561.418850][T26523]  dump_stack_lvl+0x169/0x1d8
[ 1561.423557][T26523]  ? show_regs_print_info+0x18/0x18
[ 1561.428893][T26523]  ? stack_trace_save+0x98/0xe0
[ 1561.433765][T26523]  dump_stack+0x15/0x1c
[ 1561.437928][T26523]  should_fail+0x3c1/0x510
[ 1561.442349][T26523]  ? kvm_mmu_topup_memory_cache+0xe4/0x220
[ 1561.448154][T26523]  __should_failslab+0xa4/0xe0
[ 1561.452914][T26523]  should_failslab+0x9/0x20
[ 1561.457497][T26523]  kmem_cache_alloc+0x3d/0x2e0
[ 1561.462289][T26523]  ? kvm_hv_setup_tsc_page+0xaa/0x720
[ 1561.467660][T26523]  kvm_mmu_topup_memory_cache+0xe4/0x220
[ 1561.473289][T26523]  kvm_mmu_load+0x70/0x1580
[ 1561.477789][T26523]  vcpu_enter_guest+0x5c3f/0x6d70
[ 1561.482814][T26523]  ? local_bh_enable+0x30/0x30
[ 1561.487607][T26523]  ? is_bpf_text_address+0x177/0x190
[ 1561.492915][T26523]  ? __kernel_text_address+0xa0/0x100
[ 1561.498291][T26523]  ? unwind_get_return_address+0x4d/0x90
[ 1561.503941][T26523]  ? stack_trace_save+0xe0/0xe0
[ 1561.509053][T26523]  ? arch_stack_walk+0xee/0x140
[ 1561.513906][T26523]  ? stack_trace_save+0x98/0xe0
[ 1561.518752][T26523]  ? stack_trace_snprint+0xf0/0xf0
[ 1561.523860][T26523]  ? __kasan_check_write+0x14/0x20
[ 1561.528972][T26523]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 1561.534426][T26523]  ? _raw_spin_lock+0xe0/0xe0
[ 1561.539097][T26523]  ? kasan_set_track+0x5b/0x70
[ 1561.543856][T26523]  ? kasan_set_free_info+0x23/0x40
[ 1561.548965][T26523]  ? __kasan_slab_free+0x11/0x20
[ 1561.553951][T26523]  ? slab_free_freelist_hook+0xc5/0x190
[ 1561.559506][T26523]  ? kmem_cache_free+0x100/0x2d0
[ 1561.564440][T26523]  ? putname+0xfe/0x150
[ 1561.568608][T26523]  ? do_sys_openat2+0x207/0x6d0
[ 1561.573450][T26523]  ? do_syscall_64+0x31/0x40
[ 1561.578043][T26523]  ? _kstrtoull+0x3c0/0x4d0
[ 1561.582541][T26523]  ? __kasan_check_read+0x11/0x20
[ 1561.587558][T26523]  ? vmx_vcpu_pi_load+0xa5/0x3e0
[ 1561.592491][T26523]  ? __local_bh_enable_ip+0x53/0x80
[ 1561.597680][T26523]  ? kvm_load_guest_fpu+0x159/0x290
[ 1561.602874][T26523]  kvm_arch_vcpu_ioctl_run+0x7d0/0x1970
[ 1561.608421][T26523]  kvm_vcpu_ioctl+0x78e/0xb50
[ 1561.613112][T26523]  ? kernel_write+0x3c0/0x3c0
[ 1561.617811][T26523]  ? kvm_create_vcpu_debugfs+0x170/0x170
[ 1561.623444][T26523]  ? selinux_file_ioctl+0x377/0x480
[ 1561.628853][T26523]  ? mutex_trylock+0xa0/0xa0
[ 1561.633443][T26523]  ? __fget_files+0x2c4/0x320
[ 1561.638124][T26523]  ? selinux_file_alloc_security+0x120/0x120
[ 1561.644097][T26523]  ? __fget_files+0x2c4/0x320
[ 1561.648814][T26523]  ? security_file_ioctl+0x84/0xa0
[ 1561.653942][T26523]  ? kvm_create_vcpu_debugfs+0x170/0x170
[ 1561.659702][T26523]  __se_sys_ioctl+0x121/0x1a0
[ 1561.664386][T26523]  __x64_sys_ioctl+0x7b/0x90
[ 1561.668976][T26523]  do_syscall_64+0x31/0x40
[ 1561.673413][T26523]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1561.679463][T26523] RIP: 0033:0x7f4d2a9af9a9
[ 1561.683889][T26523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1561.703615][T26523] RSP: 002b:00007f4d29018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1561.712031][T26523] RAX: ffffffffffffffda RBX: 00007f4d2abd6fa0 RCX: 00007f4d2a9af9a9
[ 1561.719998][T26523] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1561.727963][T26523] RBP: 00007f4d29018090 R08: 0000000000000000 R09: 0000000000000000
[ 1561.735926][T26523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1561.743910][T26523] R13: 0000000000000000 R14: 00007f4d2abd6fa0 R15: 00007ffed837b758
[ 1561.878102][T26544] overlayfs: failed to resolve './file0': -2
[ 1561.987827][T26558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7221'.
[ 1563.071581][T26531] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1563.081106][T26531] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1563.152298][T26562] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1563.171368][T26549] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1563.187624][T26549] exFAT-fs (loop3): IO charset iso8859- not found
[ 1563.328475][T26569] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1563.869661][T26587] netlink: 324 bytes leftover after parsing attributes in process `syz.2.7231'.
[ 1564.636110][T26607] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1564.645434][T26607] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop4, type ext4) errno=-22
[ 1564.712098][T26614] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1564.926581][T26623] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1564.981258][T26629] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1564.990558][T26629] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1565.596835][   T24] kauditd_printk_skb: 9 callbacks suppressed
[ 1565.596849][   T24] audit: type=1400 audit(1753369905.207:6621): avc:  denied  { listen } for  pid=26653 comm="syz.0.7255" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1565.739650][T26655] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7253'.
[ 1567.126091][T26661] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,
[ 1567.190768][T26661] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1567.216797][T26681] overlayfs: failed to clone upperpath
[ 1567.276700][T26678] incfs: Can't find or create .index dir in ./file0
[ 1567.325157][T26678] incfs: mount failed -14
[ 1567.361519][T26679] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1567.649213][T26685] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1567.671661][T26685] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop3, type ext4) errno=-22
[ 1567.731487][T26693] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1567.810371][T26693] ext4 filesystem being mounted at /248/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1567.937361][T26696] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1568.170997][T26702] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[ 1568.170997][T26702] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1568.170997][T26702] 
[ 1568.296867][T26702] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1568.336776][T26702] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=9002a018, mo2=0000]
[ 1568.662084][T26702] EXT4-fs (loop3): 1 truncate cleaned up
[ 1568.668929][T26702] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,noblock_validity,data_err=abort,nouser_xattr,barrier=0x000000000000000c,auto_da_alloc,nodiscard,data=journal,resgid=0x00000000000000002,errors=continue
[ 1568.691244][T23681] Quota error (device loop3): free_dqentry: Quota structure has offset to other block (1) than it should (5)
[ 1568.708076][T23681] EXT4-fs error (device loop3): ext4_release_dquot:6262: comm kworker/u4:8: Failed to release dquot type 1
[ 1568.957185][T26726] incfs: Can't find or create .index dir in ./file0
[ 1568.964117][T26726] incfs: mount failed -14
[ 1569.093969][T26732] netlink: 324 bytes leftover after parsing attributes in process `syz.4.7271'.
[ 1569.337201][T26735] fuse: root generation should be zero
[ 1569.537395][T26752] fuse: Bad value for 'fd'
[ 1569.637068][T26759] netlink: 324 bytes leftover after parsing attributes in process `syz.2.7279'.
[ 1569.646445][T26759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7279'.
[ 1569.908837][T26762] incfs: Can't find or create .index dir in ./file0
[ 1569.927359][T26762] incfs: mount failed -14
[ 1569.962411][T26756] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1569.973149][T26756] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1570.029530][T26756] overlayfs: './file1' not a directory
[ 1570.051487][T26773] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[ 1570.066866][T26773] EXT4-fs (loop3): Ignoring removed bh option
[ 1570.109559][T26773] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1570.131522][T26773] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1570.146271][T26773] EXT4-fs (loop3): 1 truncate cleaned up
[ 1570.152231][T26773] EXT4-fs (loop3): mounted filesystem without journal. Opts: mblk_io_submit,dioread_nolock,bh,errors=continue,nouid32,quota,nogrpid,,errors=continue
[ 1570.237820][T26782] fuse: Unknown parameter 'user00000000000000000000'
[ 1571.100886][T26779] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,
[ 1571.114525][T26779] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1571.206642][T26799] fuse: Unknown parameter '00000000000000000000'
[ 1571.296649][T26800] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7293'.
[ 1571.346475][T26795] binder: 26793:26795 unknown command 767
[ 1571.376490][T26795] binder: 26793:26795 ioctl c0306201 2000000003c0 returned -22
[ 1572.028388][T26803] fuse: Bad value for 'fd'
[ 1572.084107][T26808] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1572.127168][T26808] exFAT-fs (loop2): IO charset iso8859- not found
[ 1572.312245][T26818] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1572.323169][T26818] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1572.358889][T26818] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,mblk_io_submit,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1572.439836][T26824] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1572.449162][T26824] ext4 filesystem being mounted at /289/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1572.550177][  T947] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[ 1572.606211][   T24] audit: type=1400 audit(1753369912.217:6622): avc:  denied  { getopt } for  pid=26841 comm="syz.0.7308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1572.668119][T26837] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1572.749673][T26840] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,
[ 1572.813768][T26840] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1572.900212][  T947] usb 5-1: Using ep0 maxpacket: 32
[ 1573.040367][  T947] usb 5-1: config 0 has an invalid interface number: 224 but max is 0
[ 1573.074752][  T947] usb 5-1: config 0 has no interface number 0
[ 1573.152511][  T947] usb 5-1: config 0 interface 224 has no altsetting 0
[ 1573.317533][   T24] audit: type=1326 audit(1753369912.927:6623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26856 comm="syz.1.7313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1573.348589][   T24] audit: type=1326 audit(1753369912.957:6624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26856 comm="syz.1.7313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1573.372739][   T24] audit: type=1326 audit(1753369912.957:6625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26856 comm="syz.1.7313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1573.396718][   T24] audit: type=1326 audit(1753369912.957:6626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26856 comm="syz.1.7313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1573.453745][  T947] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=7a.5c
[ 1573.470142][  T947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1573.480112][  T947] usb 5-1: Product: syz
[ 1573.484290][  T947] usb 5-1: Manufacturer: syz
[ 1573.489145][  T947] usb 5-1: SerialNumber: syz
[ 1573.498405][  T947] usb 5-1: config 0 descriptor??
[ 1573.566391][T26861] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7312'.
[ 1573.575760][T26861] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7312'.
[ 1573.607126][   T24] audit: type=1326 audit(1753369913.207:6627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26856 comm="syz.1.7313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f343135f9a9 code=0x7ffc0000
[ 1573.777304][  T947] snd-usb-audio: probe of 5-1:0.224 failed with error -2
[ 1573.793272][  T947] usb 5-1: USB disconnect, device number 46
[ 1574.068817][T26870] netlink: 324 bytes leftover after parsing attributes in process `syz.2.7314'.
[ 1574.078246][T26870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7314'.
[ 1574.691184][T26892] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1574.767077][   T24] audit: type=1400 audit(1753369914.377:6628): avc:  denied  { nlmsg_read } for  pid=26904 comm="syz.2.7330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1574.870511][T26909] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1574.980838][T26909] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1575.400710][   T24] audit: type=1326 audit(1753369915.017:6629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26926 comm="syz.4.7337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1575.463763][   T24] audit: type=1326 audit(1753369915.037:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26926 comm="syz.4.7337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1575.566041][T26933] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7335'.
[ 1575.602973][   T24] audit: type=1326 audit(1753369915.037:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26926 comm="syz.4.7337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f595a4c09a9 code=0x7ffc0000
[ 1575.705283][T26938] overlayfs: failed to resolve './file1': -2
[ 1575.747352][T26942] FAULT_INJECTION: forcing a failure.
[ 1575.747352][T26942] name failslab, interval 1, probability 0, space 0, times 0
[ 1575.810932][T26942] CPU: 1 PID: 26942 Comm: syz.4.7344 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1575.821128][T26942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1575.831292][T26942] Call Trace:
[ 1575.834613][T26942]  __dump_stack+0x21/0x24
[ 1575.839027][T26942]  dump_stack_lvl+0x169/0x1d8
[ 1575.843718][T26942]  ? asm_sysvec_reschedule_ipi+0x12/0x20
[ 1575.849356][T26942]  ? show_regs_print_info+0x18/0x18
[ 1575.854567][T26942]  dump_stack+0x15/0x1c
[ 1575.858731][T26942]  should_fail+0x3c1/0x510
[ 1575.863160][T26942]  ? create_new_namespaces+0x34/0x650
[ 1575.868650][T26942]  __should_failslab+0xa4/0xe0
[ 1575.873436][T26942]  should_failslab+0x9/0x20
[ 1575.878050][T26942]  kmem_cache_alloc+0x3d/0x2e0
[ 1575.882912][T26942]  create_new_namespaces+0x34/0x650
[ 1575.888118][T26942]  ? security_capable+0x87/0xb0
[ 1575.892973][T26942]  ? ns_capable+0x8c/0xf0
[ 1575.897400][T26942]  unshare_nsproxy_namespaces+0x120/0x170
[ 1575.903125][T26942]  ksys_unshare+0x4ac/0x7d0
[ 1575.907635][T26942]  ? unshare_fd+0x1d0/0x1d0
[ 1575.912153][T26942]  ? debug_smp_processor_id+0x17/0x20
[ 1575.917545][T26942]  __x64_sys_unshare+0x38/0x40
[ 1575.922315][T26942]  do_syscall_64+0x31/0x40
[ 1575.926740][T26942]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1575.932636][T26942] RIP: 0033:0x7f595a4c09a9
[ 1575.937061][T26942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1575.956683][T26942] RSP: 002b:00007f5958b29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1575.965109][T26942] RAX: ffffffffffffffda RBX: 00007f595a6e7fa0 RCX: 00007f595a4c09a9
[ 1575.973180][T26942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[ 1575.981169][T26942] RBP: 00007f5958b29090 R08: 0000000000000000 R09: 0000000000000000
[ 1575.989149][T26942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1575.997125][T26942] R13: 0000000000000000 R14: 00007f595a6e7fa0 R15: 00007ffc2a66a898
[ 1576.039498][T26945] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1576.058164][T26945] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1576.521577][T26987]  loop2: p1 < > p3
[ 1576.526122][T26987] loop2: p3 size 134217728 extends beyond EOD, truncated
[ 1576.652869][ T1348] udevd[1348]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1576.663782][ T1347] udevd[1347]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1576.861789][T26999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1576.869171][T26999] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1576.875612][T27001] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,
[ 1576.877349][T26999] device bridge_slave_0 entered promiscuous mode
[ 1576.886790][T27001] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1576.913408][T26999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1576.923157][T26999] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1576.931089][T26999] device bridge_slave_1 entered promiscuous mode
[ 1577.006338][T26999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1577.013475][T26999] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1577.020823][T26999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1577.027870][T26999] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1577.375137][T27011] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1577.398753][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1577.407718][T27011] SELinux: security_context_str_to_sid(staff_u) failed for (dev loop2, type ext4) errno=-22
[ 1577.418058][T18341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1577.425549][T18341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1577.443347][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1577.451942][T18341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1577.459046][T18341] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1577.468317][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1577.476695][T18341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1577.483793][T18341] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1577.608309][T26999] device veth0_vlan entered promiscuous mode
[ 1577.826137][T26999] device veth1_macvtap entered promiscuous mode
[ 1577.859180][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1577.871821][   T24] kauditd_printk_skb: 60 callbacks suppressed
[ 1577.871836][   T24] audit: type=1326 audit(1753369917.487:6692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27032 comm="syz.2.7375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1577.876120][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1577.878880][   T24] audit: type=1326 audit(1753369917.487:6693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27032 comm="syz.2.7375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1577.913619][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1577.941708][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1577.949609][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1577.968817][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1577.978235][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1577.987504][   T24] audit: type=1326 audit(1753369917.557:6694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27032 comm="syz.2.7375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1578.011710][   T24] audit: type=1326 audit(1753369917.557:6695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27032 comm="syz.2.7375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1578.095665][T27046] FAULT_INJECTION: forcing a failure.
[ 1578.095665][T27046] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1578.128819][T27048] FAULT_INJECTION: forcing a failure.
[ 1578.128819][T27048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1578.150532][T27046] CPU: 0 PID: 27046 Comm: syz.1.7381 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1578.160532][T27046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1578.170620][T27046] Call Trace:
[ 1578.173916][T27046]  __dump_stack+0x21/0x24
[ 1578.178241][T27046]  dump_stack_lvl+0x169/0x1d8
[ 1578.182915][T27046]  ? show_regs_print_info+0x18/0x18
[ 1578.188106][T27046]  ? vfs_write+0xac8/0xd60
[ 1578.192522][T27046]  dump_stack+0x15/0x1c
[ 1578.196708][T27046]  should_fail+0x3c1/0x510
[ 1578.201129][T27046]  should_fail_usercopy+0x1a/0x20
[ 1578.206153][T27046]  _copy_from_user+0x20/0xd0
[ 1578.210831][T27046]  __se_sys_bpf+0x181/0x680
[ 1578.210985][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1578.215365][T27046]  ? __x64_sys_bpf+0x90/0x90
[ 1578.227970][T27046]  ? fpu__clear_all+0x20/0x20
[ 1578.230556][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1578.232668][T27046]  __x64_sys_bpf+0x7b/0x90
[ 1578.245182][T27046]  do_syscall_64+0x31/0x40
[ 1578.249601][T27046]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1578.250532][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1578.255494][T27046] RIP: 0033:0x7f343135f9a9
[ 1578.255507][T27046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1578.255523][T27046] RSP: 002b:00007f342f9c8038 EFLAGS: 00000246
[ 1578.280508][T18341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1578.287784][T27046]  ORIG_RAX: 0000000000000141
[ 1578.287794][T27046] RAX: ffffffffffffffda RBX: 00007f3431586fa0 RCX: 00007f343135f9a9
[ 1578.287811][T27046] RDX: 0000000000000050 RSI: 0000200000000d80 RDI: 000000000000000a
[ 1578.322527][T27046] RBP: 00007f342f9c8090 R08: 0000000000000000 R09: 0000000000000000
[ 1578.330501][T27046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1578.338651][T27046] R13: 0000000000000000 R14: 00007f3431586fa0 R15: 00007ffde3dd0648
[ 1578.346722][T27048] CPU: 1 PID: 27048 Comm: syz.5.7367 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1578.356709][T27048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1578.366774][T27048] Call Trace:
[ 1578.370073][T27048]  __dump_stack+0x21/0x24
[ 1578.374402][T27048]  dump_stack_lvl+0x169/0x1d8
[ 1578.379078][T27048]  ? show_regs_print_info+0x18/0x18
[ 1578.384272][T27048]  ? 0xffffffffa002610c
[ 1578.388429][T27048]  ? is_bpf_text_address+0x177/0x190
[ 1578.393707][T27048]  dump_stack+0x15/0x1c
[ 1578.397861][T27048]  should_fail+0x3c1/0x510
[ 1578.402271][T27048]  should_fail_usercopy+0x1a/0x20
[ 1578.407288][T27048]  _copy_from_user+0x20/0xd0
[ 1578.411879][T27048]  __copy_msghdr_from_user+0xaf/0x5e0
[ 1578.417253][T27048]  ? stack_trace_save+0x98/0xe0
[ 1578.422101][T27048]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[ 1578.427383][T27048]  ? kasan_set_track+0x5b/0x70
[ 1578.432142][T27048]  ? kasan_set_free_info+0x23/0x40
[ 1578.437334][T27048]  ___sys_sendmsg+0x156/0x260
[ 1578.442023][T27048]  ? __sys_sendmsg+0x250/0x250
[ 1578.446917][T27048]  ? kstrtouint_from_user+0x1a0/0x200
[ 1578.452295][T27048]  ? __fdget+0x1a1/0x230
[ 1578.456537][T27048]  __sys_sendmmsg+0x273/0x450
[ 1578.461217][T27048]  ? __ia32_sys_sendmsg+0x2a0/0x2a0
[ 1578.466434][T27048]  ? __ia32_sys_read+0x90/0x90
[ 1578.471195][T27048]  ? fpu__clear_all+0x20/0x20
[ 1578.475869][T27048]  ? fd_install+0x50/0x60
[ 1578.480197][T27048]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1578.485043][T27048]  do_syscall_64+0x31/0x40
[ 1578.489455][T27048]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1578.495341][T27048] RIP: 0033:0x7f4e5b0e29a9
[ 1578.499752][T27048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1578.519359][T27048] RSP: 002b:00007f4e5974b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1578.527772][T27048] RAX: ffffffffffffffda RBX: 00007f4e5b309fa0 RCX: 00007f4e5b0e29a9
[ 1578.535737][T27048] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000006
[ 1578.543700][T27048] RBP: 00007f4e5974b090 R08: 0000000000000000 R09: 0000000000000000
[ 1578.551694][T27048] R10: 0000000004004040 R11: 0000000000000246 R12: 0000000000000001
[ 1578.559659][T27048] R13: 0000000000000000 R14: 00007f4e5b309fa0 R15: 00007fff24be9d88
[ 1578.568841][T27051] overlayfs: failed to clone upperpath
[ 1578.627820][T27052] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1579.186453][T27062] 9pnet: Insufficient options for proto=fd
[ 1579.571970][T27066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7383'.
[ 1580.093290][T27076] incfs: Can't find or create .index dir in ./file0
[ 1580.100032][T27076] incfs: mount failed -14
[ 1580.149088][T27078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7391'.
[ 1580.165084][T27078] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7391'.
[ 1580.669575][T27091] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1580.764706][T27097] overlayfs: failed to clone upperpath
[ 1580.929778][T23681] device bridge_slave_1 left promiscuous mode
[ 1580.936037][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1580.943921][T23681] device bridge_slave_0 left promiscuous mode
[ 1580.950318][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1580.974944][T23681] device veth1_macvtap left promiscuous mode
[ 1581.091053][T27101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7396'.
[ 1582.010239][T27104] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1583.339222][   T24] audit: type=1326 audit(1753369922.927:6696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.364738][   T24] audit: type=1326 audit(1753369922.927:6697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.386171][  T279] ==================================================================
[ 1583.396299][  T279] BUG: KASAN: use-after-free in vlan_dev_get_iflink+0x6d/0x70
[ 1583.403775][  T279] Read of size 4 at addr ffff8881138de100 by task kworker/u4:2/279
[ 1583.409486][   T24] audit: type=1326 audit(1753369922.927:6698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.411675][  T279] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1583.411690][  T279] CPU: 0 PID: 279 Comm: kworker/u4:2 Not tainted 5.10.240-syzkaller-00213-gad9a98ef27a4 #0
[ 1583.411698][  T279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1583.411725][  T279] Workqueue: events_unbound linkwatch_event
[ 1583.463586][  T279] Call Trace:
[ 1583.466897][  T279]  __dump_stack+0x21/0x24
[ 1583.471246][  T279]  dump_stack_lvl+0x169/0x1d8
[ 1583.475942][  T279]  ? show_regs_print_info+0x18/0x18
[ 1583.481168][  T279]  ? thaw_kernel_threads+0x220/0x220
[ 1583.486468][  T279]  print_address_description+0x7f/0x2c0
[ 1583.492032][  T279]  ? vlan_dev_get_iflink+0x6d/0x70
[ 1583.497185][  T279]  kasan_report+0xe2/0x130
[ 1583.501816][  T279]  ? preempt_count_add+0x90/0x1b0
[ 1583.506899][  T279]  ? vlan_dev_get_iflink+0x6d/0x70
[ 1583.512033][  T279]  __asan_report_load4_noabort+0x14/0x20
[ 1583.517822][  T279]  vlan_dev_get_iflink+0x6d/0x70
[ 1583.522781][  T279]  ? vlan_dev_fix_features+0x180/0x180
[ 1583.528273][  T279]  dev_get_iflink+0x70/0xc0
[ 1583.532799][  T279]  rfc2863_policy+0x124/0x2b0
[ 1583.537496][  T279]  ? linkwatch_forget_dev+0xc1/0x180
[ 1583.542799][  T279]  linkwatch_do_dev+0x3b/0x140
[ 1583.547586][  T279]  __linkwatch_run_queue+0x4a9/0x7b0
[ 1583.550351][   T24] audit: type=1326 audit(1753369922.927:6699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.552889][  T279]  ? linkwatch_run_queue+0x20/0x20
[ 1583.581005][   T24] audit: type=1326 audit(1753369922.927:6700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.581565][  T279]  ? try_to_wake_up+0x616/0xd70
[ 1583.605284][   T24] audit: type=1326 audit(1753369922.927:6701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.609830][  T279]  linkwatch_event+0x4c/0x60
[ 1583.633795][   T24] audit: type=1326 audit(1753369922.927:6702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.637956][  T279]  process_one_work+0x6e1/0xba0
[ 1583.661735][   T24] audit: type=1326 audit(1753369922.927:6703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.666235][  T279]  worker_thread+0xa6a/0x13b0
[ 1583.690098][   T24] audit: type=1326 audit(1753369922.927:6704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.694390][  T279]  kthread+0x346/0x3d0
[ 1583.717851][   T24] audit: type=1326 audit(1753369922.927:6705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27112 comm="syz.2.7401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fc4d22449a9 code=0x7ffc0000
[ 1583.721861][  T279]  ? worker_clr_flags+0x190/0x190
[ 1583.721875][  T279]  ? kthread_blkcg+0xd0/0xd0
[ 1583.721888][  T279]  ret_from_fork+0x1f/0x30
[ 1583.721895][  T279] 
[ 1583.721903][  T279] Allocated by task 22272:
[ 1583.721917][  T279]  __kasan_kmalloc+0xda/0x110
[ 1583.721927][  T279]  __kmalloc+0x1a7/0x330
[ 1583.721939][  T279]  kvmalloc_node+0x88/0x130
[ 1583.721951][  T279]  alloc_netdev_mqs+0x88/0xc80
[ 1583.721960][  T279]  rtnl_create_link+0x242/0x930
[ 1583.721970][  T279]  rtnl_newlink+0x105e/0x1640
[ 1583.721981][  T279]  rtnetlink_rcv_msg+0x9db/0xb90
[ 1583.721992][  T279]  netlink_rcv_skb+0x1e0/0x430
[ 1583.722001][  T279]  rtnetlink_rcv+0x1c/0x20
[ 1583.722010][  T279]  netlink_unicast+0x876/0xa40
[ 1583.722020][  T279]  netlink_sendmsg+0x88d/0xb30
[ 1583.722031][  T279]  __sys_sendto+0x41d/0x580
[ 1583.722041][  T279]  __x64_sys_sendto+0xe5/0x100
[ 1583.722051][  T279]  do_syscall_64+0x31/0x40
[ 1583.722063][  T279]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1583.722066][  T279] 
[ 1583.722071][  T279] Freed by task 23681:
[ 1583.722081][  T279]  kasan_set_track+0x4a/0x70
[ 1583.722091][  T279]  kasan_set_free_info+0x23/0x40
[ 1583.722101][  T279]  ____kasan_slab_free+0x125/0x160
[ 1583.722119][  T279]  __kasan_slab_free+0x11/0x20
[ 1583.863275][  T279]  slab_free_freelist_hook+0xc5/0x190
[ 1583.868633][  T279]  kfree+0xc0/0x270
[ 1583.872432][  T279]  kvfree+0x35/0x40
[ 1583.876297][  T279]  netdev_freemem+0x3f/0x60
[ 1583.881049][  T279]  netdev_release+0x7f/0xb0
[ 1583.885537][  T279]  device_release+0x96/0x1c0
[ 1583.890118][  T279]  kobject_put+0x18a/0x270
[ 1583.894543][  T279]  netdev_run_todo+0xb99/0xd20
[ 1583.899295][  T279]  rtnl_unlock+0xe/0x10
[ 1583.903439][  T279]  default_device_exit_batch+0x335/0x390
[ 1583.909059][  T279]  cleanup_net+0x5fb/0xb70
[ 1583.913470][  T279]  process_one_work+0x6e1/0xba0
[ 1583.918310][  T279]  worker_thread+0xa6a/0x13b0
[ 1583.922974][  T279]  kthread+0x346/0x3d0
[ 1583.927029][  T279]  ret_from_fork+0x1f/0x30
[ 1583.931426][  T279] 
[ 1583.933749][  T279] The buggy address belongs to the object at ffff8881138de000
[ 1583.933749][  T279]  which belongs to the cache kmalloc-4k of size 4096
[ 1583.947790][  T279] The buggy address is located 256 bytes inside of
[ 1583.947790][  T279]  4096-byte region [ffff8881138de000, ffff8881138df000)
[ 1583.961135][  T279] The buggy address belongs to the page:
[ 1583.966774][  T279] page:ffffea00044e3600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881138d8000 pfn:0x1138d8
[ 1583.978300][  T279] head:ffffea00044e3600 order:3 compound_mapcount:0 compound_pincount:0
[ 1583.986613][  T279] flags: 0x4000000000010200(slab|head)
[ 1583.992068][  T279] raw: 4000000000010200 ffffea00046e5608 ffffea0004d18808 ffff888100042c00
[ 1584.000656][  T279] raw: ffff8881138d8000 0000000000040003 00000001ffffffff 0000000000000000
[ 1584.009220][  T279] page dumped because: kasan: bad access detected
[ 1584.015622][  T279] page_owner tracks the page as allocated
[ 1584.021340][  T279] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 22272, ts 1347416267629, free_ts 1347404796999
[ 1584.044095][  T279]  prep_new_page+0x179/0x180
[ 1584.048676][  T279]  get_page_from_freelist+0x2235/0x23d0
[ 1584.054213][  T279]  __alloc_pages_nodemask+0x268/0x5f0
[ 1584.059573][  T279]  new_slab+0x84/0x3f0
[ 1584.063628][  T279]  ___slab_alloc+0x2a6/0x450
[ 1584.068204][  T279]  __slab_alloc+0x63/0xa0
[ 1584.072523][  T279]  __kmalloc+0x201/0x330
[ 1584.076763][  T279]  kvmalloc_node+0x88/0x130
[ 1584.081254][  T279]  alloc_netdev_mqs+0x88/0xc80
[ 1584.086004][  T279]  rtnl_create_link+0x242/0x930
[ 1584.090851][  T279]  rtnl_newlink+0x105e/0x1640
[ 1584.095547][  T279]  rtnetlink_rcv_msg+0x9db/0xb90
[ 1584.100477][  T279]  netlink_rcv_skb+0x1e0/0x430
[ 1584.105226][  T279]  rtnetlink_rcv+0x1c/0x20
[ 1584.109629][  T279]  netlink_unicast+0x876/0xa40
[ 1584.114383][  T279]  netlink_sendmsg+0x88d/0xb30
[ 1584.119133][  T279] page last free stack trace:
[ 1584.123804][  T279]  __free_pages_ok+0x7fc/0x820
[ 1584.128555][  T279]  __free_pages+0xdd/0x380
[ 1584.132966][  T279]  __free_slab+0xcf/0x190
[ 1584.137285][  T279]  unfreeze_partials+0x15f/0x190
[ 1584.142206][  T279]  put_cpu_partial+0xc1/0x180
[ 1584.146895][  T279]  __slab_free+0x2c9/0x3a0
[ 1584.151305][  T279]  ___cache_free+0x111/0x130
[ 1584.155915][  T279]  qlink_free+0x50/0x90
[ 1584.160063][  T279]  qlist_free_all+0x5f/0xb0
[ 1584.164550][  T279]  kasan_quarantine_reduce+0x14a/0x160
[ 1584.170178][  T279]  __kasan_slab_alloc+0x2f/0xf0
[ 1584.175117][  T279]  slab_post_alloc_hook+0x5d/0x2f0
[ 1584.180220][  T279]  kmem_cache_alloc+0x165/0x2e0
[ 1584.185057][  T279]  __alloc_skb+0x9e/0x520
[ 1584.189375][  T279]  netlink_ack+0x3a6/0xb80
[ 1584.193790][  T279]  netlink_rcv_skb+0x265/0x430
[ 1584.198534][  T279] 
[ 1584.200847][  T279] Memory state around the buggy address:
[ 1584.206462][  T279]  ffff8881138de000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1584.214510][  T279]  ffff8881138de080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1584.222644][  T279] >ffff8881138de100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1584.230773][  T279]                    ^
[ 1584.234828][  T279]  ffff8881138de180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1584.242874][  T279]  ffff8881138de200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1584.250921][  T279] ==================================================================
[ 1584.258968][  T279] Disabling lock debugging due to kernel taint
[ 1584.494407][T23681] tipc: Left network mode
[ 1585.312316][T23681] device bridge_slave_1 left promiscuous mode
[ 1585.318467][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.326031][T23681] device bridge_slave_0 left promiscuous mode
[ 1585.332259][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.340371][T23681] device bridge_slave_1 left promiscuous mode
[ 1585.346490][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.353958][T23681] device bridge_slave_0 left promiscuous mode
[ 1585.360186][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.368274][T23681] device bridge_slave_1 left promiscuous mode
[ 1585.374515][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.382118][T23681] device bridge_slave_0 left promiscuous mode
[ 1585.388233][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.396627][T23681] device bridge_slave_1 left promiscuous mode
[ 1585.402809][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.410499][T23681] device bridge_slave_0 left promiscuous mode
[ 1585.416644][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.425192][T23681] device bridge_slave_1 left promiscuous mode
[ 1585.431408][T23681] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.438883][T23681] device bridge_slave_0 left promiscuous mode
[ 1585.445180][T23681] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.453973][T23681] device veth1_macvtap left promiscuous mode
[ 1585.460244][T23681] device veth0_vlan left promiscuous mode
[ 1585.466148][T23681] device veth1_macvtap left promiscuous mode
[ 1585.472192][T23681] device veth0_vlan left promiscuous mode
[ 1585.478120][T23681] device veth1_macvtap left promiscuous mode
[ 1585.484213][T23681] device veth0_vlan left promiscuous mode
[ 1585.490376][T23681] device veth1_macvtap left promiscuous mode
[ 1585.496375][T23681] device veth0_vlan left promiscuous mode
[ 1585.502405][T23681] device veth1_macvtap left promiscuous mode
[ 1585.508406][T23681] device veth0_vlan left promiscuous mode