last executing test programs:

814.852004ms ago: executing program 2:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x1c, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)

738.467406ms ago: executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5000000010003b0c00"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e00002000028006000f0000000000040012000600f5ffffff0000060011"], 0x50}}, 0x0)

595.790068ms ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x63}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

585.1702ms ago: executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5415, 0x0)

563.918453ms ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

552.732355ms ago: executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2c, &(0x7f00000004c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, 0x108)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd00}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x6}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x2}, {0x7, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x7}, {0x18, 0x6, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

552.426035ms ago: executing program 1:
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x4052, r2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

538.515367ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b4080000000000e2e5fdd9a468944328cba80073114100000000008510000002000200b7000000000000009500c20000"], &(0x7f0000000080)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70)

512.163271ms ago: executing program 4:
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
mkdir(&(0x7f0000000140)='./file0\x00', 0x34)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
creat(&(0x7f00000003c0)='./bus\x00', 0x0)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
dup2(r2, 0xffffffffffffffff)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x143042, 0x0)
mlockall(0x0)
ftruncate(r3, 0x2008002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0)
r4 = gettid()
ftruncate(0xffffffffffffffff, 0x0)
prlimit64(r4, 0x4, 0x0, &(0x7f00000001c0))
open(0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2b, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0)

408.798877ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f00000001c0), 0x2, 0x52a, &(0x7f0000000540)="$eJzs3c1vI2cZAPBnnDjZ7AYSoIeC1A/RomwFtZOGthGHtkiIWyVQuS9R4kRRnDiKnbKJKpQVZ4SEEFTceuKCxB+AhHrjipAqwYUTAgSqYAuHHoBBY082OB1vbDa2Ufz7SW/mnS8/z+t4xvPxJhPAxHo6Il6LiKmIeC4iFvLppbzEaadky31w/62NrCSRpm/8NYkkn5YtluQlcytf7UZnUKh5fLK7Xq/XDvPxamvvoNo8Pnl+Z299u7Zd219dXXlp7eW1F9eWC9aeHridWbte+cqffvi9n3z1lV984Vu/v/OX29/O8p3P55+146p13pNy9l48kGV/OIxgYzCVt6c87kQAAOhLdoz/yYj4bPv4fyGmBji2ToaaGQAAAHBV0lfn459JRAoAAABcW6V2H9ikVMn7AsxHqVSpdPrwPhY3S/VGs/X5rcbR/manr+xilEtbO/Xa8kynT+1ilJNsfKVdPx9/4cF40tUH+AcLc+35lY1GfXN8lz0AAABgoty6cP7/j4XO+f9D3BtZcgAAAMDVWRx3AgAAAMDQffT8/52x5AEAAAAMj/v/AAAAcK197fXXs5KePf96883jo93Gm7+MWnO3sne0UdloHB5UthuN7Xo6G7F32evVG42DL8b+0d1qq9ZsVZvHJ3f2Gkf7rTs7XY/ABgAAAEboE0+9+9skIk6/NNcumZnsx1SPFTp9BUqjyxAYloE25D8OLw9g9Hp9zX/U9FDzAEbPVg2Tq9wZJOPOAxify3YAPTvv/OrqcwEAAIZj6dPF9/+nz68NANeUjjwwufq//w9cN+7/w+QqOwKAiTbXxzIX7v+fdxfo+/5/mnaGM/4RCAAAjMl8uySlSn4vcD5KH6YdsRjlZGunXluOiI9HxG8WyrPZ+Ep7zcQfDQAAAAAAAAAAAAAAAAAAAAAAAABAn9I0iRQAAAC41iJKf07yB3otLTw7f/H6wEzy4UJ72H46wBs/urveah2uZNP/lk+PaL2dT39hkCsPnjwOAAAAw9I+T/9uPlwZdzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXDcf3H9r46yMMu77X46IxaL403GjPbwR5Yi4+fckps9WeioiiYipK4h/ei8iHi+Kn2RpxWKeRVf8iChFxFw7i6HHfyJN08L4tx45Oky2d7P9z2tF218pnm4Pi7f/6bw8qt77v9KD/d9UQfxsz/OxPmN85r2fVYvnzHbmTxfvf87iJz3iP1P0kgVvyje/cXLSK7f0nYilwu+fpCtWtbV3UG0enzy/s7e+Xduu7a+urry09vLai2vL1a2dei3/WRjj+0/8/N+94r9/L+Jmj/iL3e1fv9j+Z7NKudcrn/vXe3fvf6pTLV94iXb8288U//4f747f9dZmn4nP5d8D2fyls/ppp/7fnvzpr598WPs3e7T/st//7cub3vbc17/zhz4XBQBGoHl8srter9cOB6/MDbbW22ma/s+xBqxkR0c9Zv3ux52GjyKN/iqP9Ur1/7ny6iALp7OP/GFT6a6Uen/Cr6gy1t0SAAAwBOcH/ePOBAAAAAAAAAAAAAAAAAAAACbXKP5j2cWYp+NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQ/0nAAD//+Eg1f4=")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x45, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100001c2097088680030b28f4010203010902"], 0x0)
getdents(r0, &(0x7f0000000180)=""/98, 0xba)

72.69533ms ago: executing program 4:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r4 = openat$cgroup_pressure(r3, &(0x7f0000000240)='io.pressure\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f00000015c0)="a6", 0x1, 0x0, 0x0, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@volatile={0x0, 0x0, 0x0, 0x9, 0x2}, @fwd={0x4}, @restrict={0x0, 0x0, 0x0, 0xb, 0x1}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, &(0x7f0000000540)=""/246, 0x42, 0xf6, 0x1}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r6, 0x3, 0x1}, 0x48)
write$cgroup_pressure(r4, &(0x7f0000000000)={'some', 0x20, 0x0, 0x20, 0x10000}, 0x2f)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r5, r7, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)

0s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
write$cgroup_pid(r1, &(0x7f0000000980), 0x12)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.68' (ED25519) to the list of known hosts.
2024/06/16 05:05:31 fuzzer started
2024/06/16 05:05:32 dialing manager at 10.128.0.163:30000
[   22.723459][   T23] audit: type=1400 audit(1718514332.080:66): avc:  denied  { node_bind } for  pid=345 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   22.743889][   T23] audit: type=1400 audit(1718514332.080:67): avc:  denied  { name_bind } for  pid=345 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   22.797493][   T23] audit: type=1400 audit(1718514332.150:68): avc:  denied  { mounton } for  pid=353 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   22.799527][  T353] cgroup1: Unknown subsys name 'net'
[   22.828921][  T353] cgroup1: Unknown subsys name 'net_prio'
[   22.837907][   T23] audit: type=1400 audit(1718514332.150:69): avc:  denied  { mount } for  pid=353 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.845706][  T353] cgroup1: Unknown subsys name 'devices'
[   22.874470][   T23] audit: type=1400 audit(1718514332.190:70): avc:  denied  { mounton } for  pid=356 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   22.899200][   T23] audit: type=1400 audit(1718514332.190:71): avc:  denied  { mount } for  pid=356 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   22.908044][  T360] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   22.922406][   T23] audit: type=1400 audit(1718514332.230:72): avc:  denied  { unmount } for  pid=353 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.951277][   T23] audit: type=1400 audit(1718514332.230:73): avc:  denied  { setattr } for  pid=359 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=9261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   22.974318][   T23] audit: type=1400 audit(1718514332.290:74): avc:  denied  { relabelto } for  pid=360 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.999529][  T355] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   23.008052][   T23] audit: type=1400 audit(1718514332.290:75): avc:  denied  { write } for  pid=360 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.043446][  T353] cgroup1: Unknown subsys name 'hugetlb'
[   23.049403][  T353] cgroup1: Unknown subsys name 'rlimit'
2024/06/16 05:05:32 starting 5 executor processes
[   23.685433][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.692298][  T370] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.699714][  T370] device bridge_slave_0 entered promiscuous mode
[   23.709255][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.716130][  T370] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.723556][  T370] device bridge_slave_1 entered promiscuous mode
[   23.797312][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.804496][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.811971][  T372] device bridge_slave_0 entered promiscuous mode
[   23.832244][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.839081][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.846624][  T372] device bridge_slave_1 entered promiscuous mode
[   23.899689][  T374] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.906649][  T374] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.914072][  T374] device bridge_slave_0 entered promiscuous mode
[   23.924512][  T374] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.931364][  T374] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.938771][  T374] device bridge_slave_1 entered promiscuous mode
[   23.945915][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.952775][  T373] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.960126][  T373] device bridge_slave_0 entered promiscuous mode
[   23.972989][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.979821][  T373] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.987327][  T373] device bridge_slave_1 entered promiscuous mode
[   24.053859][  T375] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.060817][  T375] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.068009][  T375] device bridge_slave_0 entered promiscuous mode
[   24.075086][  T375] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.082124][  T375] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.089513][  T375] device bridge_slave_1 entered promiscuous mode
[   24.236385][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.243247][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.250506][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.257325][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.269371][  T374] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.276236][  T374] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.283356][  T374] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.290090][  T374] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.310123][  T370] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.316983][  T370] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.324107][  T370] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.330893][  T370] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.376947][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.383807][  T373] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.390930][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.397855][  T373] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.434428][  T375] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.441291][  T375] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.448417][  T375] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.455183][  T375] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.481022][  T107] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.488006][  T107] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.495719][  T107] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.503592][  T107] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.510835][  T107] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.517831][  T107] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.525269][  T107] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.532282][  T107] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.539401][  T107] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.546572][  T107] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.554227][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.561757][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.593369][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.601655][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.609452][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.618206][  T124] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.625057][  T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.632906][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.640249][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.648281][  T124] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.655140][  T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.675084][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.683514][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.691800][  T124] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.698618][  T124] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.706253][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.714445][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.722538][  T124] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.729354][  T124] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.751031][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.759272][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.767942][  T107] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.774887][  T107] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.782033][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.790121][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.798184][  T107] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.805016][  T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.812357][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.820529][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   24.828467][  T107] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.835480][  T107] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.842810][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.850740][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.858470][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.866427][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.874167][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   24.881589][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   24.904376][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   24.912852][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   24.921326][  T394] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.928142][  T394] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.936196][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.944409][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.952276][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.960138][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.967976][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.975854][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.988903][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   24.997456][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.005972][  T124] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.012817][  T124] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.020335][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   25.028755][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.037789][  T124] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.044638][  T124] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.062039][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.070001][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.090907][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.099104][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.106938][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.133746][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.143122][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.151590][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   25.159433][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.167734][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   25.175671][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.195062][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.203892][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.220600][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.243613][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.252767][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.261535][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.269660][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   25.278250][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.286528][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.294395][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.302294][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.309949][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.342925][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.351595][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   25.359258][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.367884][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.376337][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.384792][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.393940][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.402630][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.411277][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.440978][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.449012][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.457376][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.466878][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.475627][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.483938][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.492139][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.500458][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   25.508390][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.533967][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.543463][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.571141][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.572033][  T398] 
[   25.579477][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.581316][  T398] **********************************************************
[   25.581319][  T398] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[   25.581322][  T398] **                                                      **
[   25.581326][  T398] ** trace_printk() being used. Allocating extra memory.  **
[   25.581329][  T398] **                                                      **
[   25.581332][  T398] ** This means that this is a DEBUG kernel and it is     **
[   25.581335][  T398] ** unsafe for production use.                           **
[   25.581338][  T398] **                                                      **
[   25.581342][  T398] ** If you see this message and you are not debugging    **
[   25.581345][  T398] ** the kernel, report this immediately to your vendor!  **
[   25.581348][  T398] **                                                      **
[   25.581351][  T398] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[   25.581354][  T398] **********************************************************
[   25.684801][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.693066][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.701117][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.709230][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   25.717533][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.725787][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   25.734136][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   25.868969][  T408] EXT4-fs (loop0): Ignoring removed orlov option
[   25.888634][  T408] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[   25.964145][  T408] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue
[   26.139416][  T428] EXT4-fs error (device loop1): ext4_ext_check_inode:540: inode #15: comm syz-executor.1: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[   26.242379][  T408] EXT4-fs error (device loop0): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.0: corrupt xattr in inline inode
[   26.259564][  T428] EXT4-fs error (device loop1): ext4_orphan_get:1240: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[   26.281099][  T428] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   26.311071][  T408] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.0: corrupted in-inode xattr
[   26.322705][  T428] ext4 filesystem being mounted at /root/syzkaller-testdir1123191696/syzkaller.ewJokT/1/file0 supports timestamps until 2038 (0x7fffffff)
[   26.356406][  T373] ==================================================================
[   26.364325][  T373] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30
[   26.372109][  T373] Read of size 4 at addr ffff8881d42ba000 by task syz-executor.0/373
[   26.380001][  T373] 
[   26.382186][  T373] CPU: 0 PID: 373 Comm: syz-executor.0 Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0
[   26.392068][  T373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   26.401963][  T373] Call Trace:
[   26.405109][  T373]  dump_stack+0x1d8/0x241
[   26.409265][  T373]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   26.414901][  T373]  ? printk+0xd1/0x111
[   26.418806][  T373]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   26.424281][  T373]  print_address_description+0x8c/0x600
[   26.429660][  T373]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   26.435125][  T373]  __kasan_report+0xf3/0x120
[   26.439556][  T373]  ? ext4_xattr_delete_inode+0xc1f/0xc30
[   26.445039][  T373]  kasan_report+0x30/0x60
[   26.449190][  T373]  ext4_xattr_delete_inode+0xc1f/0xc30
[   26.454489][  T373]  ? check_preemption_disabled+0x9f/0x320
[   26.457268][  T428] overlayfs: upper fs needs to support d_type.
[   26.460040][  T373]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[   26.460059][  T373]  ? __ext4_journal_start_sb+0x295/0x460
[   26.475304][  T408] syz-executor.0 (408) used greatest stack depth: 21688 bytes left
[   26.477395][  T373]  ext4_evict_inode+0x1378/0x1ac0
[   26.477419][  T373]  ? ext4_truncate_restart_trans+0xe0/0xe0
[   26.495619][  T373]  ? wb_io_lists_depopulated+0x85/0x170
[   26.500996][  T373]  ? ext4_truncate_restart_trans+0xe0/0xe0
[   26.506633][  T373]  evict+0x29b/0x6a0
[   26.510370][  T373]  vfs_rmdir+0x24b/0x3c0
[   26.514448][  T373]  do_rmdir+0x2c1/0x580
[   26.518464][  T373]  ? d_delete_notify+0xc0/0xc0
[   26.523138][  T373]  ? _raw_spin_unlock_irq+0x4a/0x60
[   26.528256][  T373]  do_syscall_64+0xca/0x1c0
[   26.532587][  T373]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   26.538331][  T373] RIP: 0033:0x7f506235a687
[   26.543010][  T373] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   26.562442][  T373] RSP: 002b:00007ffee1e11078 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[   26.570686][  T373] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f506235a687
[   26.578492][  T373] RDX: 0000000000000200 RSI: 00007ffee1e12220 RDI: 00000000ffffff9c
[   26.586305][  T373] RBP: 00007f50623b7636 R08: 0000000000000000 R09: 0000000000000000
[   26.594212][  T373] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffee1e12220
[   26.602017][  T373] R13: 00007f50623b7636 R14: 00000000000064ab R15: 0000000000000008
[   26.609826][  T373] 
[   26.611991][  T373] Allocated by task 1:
[   26.615914][  T373]  __kasan_kmalloc+0x171/0x210
[   26.620511][  T373]  kmem_cache_alloc+0xd9/0x250
[   26.625103][  T373]  prepare_creds+0x2c/0x580
[   26.629442][  T373]  do_faccessat+0xa7/0x6f0
[   26.633696][  T373]  do_syscall_64+0xca/0x1c0
[   26.638038][  T373]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   26.643762][  T373] 
[   26.645936][  T373] Freed by task 1:
[   26.649503][  T373]  __kasan_slab_free+0x1b5/0x270
[   26.654277][  T373]  kmem_cache_free+0x10b/0x2c0
[   26.658873][  T373]  do_faccessat+0x52f/0x6f0
[   26.663208][  T373]  do_syscall_64+0xca/0x1c0
[   26.667559][  T373]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   26.673267][  T373] 
[   26.675444][  T373] The buggy address belongs to the object at ffff8881d42ba000
[   26.675444][  T373]  which belongs to the cache cred_jar of size 168
[   26.689199][  T373] The buggy address is located 0 bytes inside of
[   26.689199][  T373]  168-byte region [ffff8881d42ba000, ffff8881d42ba0a8)
[   26.702129][  T373] The buggy address belongs to the page:
[   26.707617][  T373] page:ffffea000750ae80 refcount:1 mapcount:0 mapping:ffff8881f5cf9400 index:0x0
[   26.716540][  T373] flags: 0x8000000000000200(slab)
[   26.721409][  T373] raw: 8000000000000200 dead000000000100 dead000000000122 ffff8881f5cf9400
[   26.729820][  T373] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   26.738235][  T373] page dumped because: kasan: bad access detected
[   26.740523][  T124] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   26.744496][  T373] page_owner tracks the page as allocated
[   26.744507][  T373] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY)
[   26.744531][  T373]  prep_new_page+0x18f/0x370
[   26.773485][  T373]  get_page_from_freelist+0x2d13/0x2d90
[   26.778863][  T373]  __alloc_pages_nodemask+0x393/0x840
[   26.784080][  T373]  alloc_slab_page+0x39/0x3c0
[   26.788578][  T373]  new_slab+0x97/0x440
[   26.792504][  T373]  ___slab_alloc+0x2fe/0x490
[   26.796912][  T373]  __slab_alloc+0x62/0xa0
[   26.801082][  T373]  kmem_cache_alloc+0x109/0x250
[   26.805761][  T373]  prepare_creds+0x2c/0x580
[   26.810120][  T373]  selinux_setprocattr+0x2e5/0xc20
[   26.815048][  T373]  proc_pid_attr_write+0x2a6/0x2f0
[   26.819994][  T373]  __vfs_write+0x103/0x750
[   26.824248][  T373]  vfs_write+0x206/0x4e0
[   26.828327][  T373]  ksys_write+0x199/0x2c0
[   26.832493][  T373]  do_syscall_64+0xca/0x1c0
[   26.836833][  T373]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   26.842564][  T373] page last free stack trace:
[   26.847097][  T373]  __free_pages_ok+0x847/0x950
[   26.851685][  T373]  free_pages+0xf6/0x1b0
[   26.855754][  T373]  stack_depot_save+0x42b/0x480
[   26.860442][  T373]  __kasan_kmalloc+0x1d9/0x210
[   26.865041][  T373]  kmem_cache_alloc+0xd9/0x250
[   26.869639][  T373]  __kernfs_new_node+0xdb/0x6e0
[   26.874327][  T373]  kernfs_new_node+0x130/0x230
[   26.878931][  T373]  __kernfs_create_file+0x45/0x260
[   26.883874][  T373]  sysfs_add_file_mode_ns+0x292/0x340
[   26.889085][  T373]  internal_create_group+0x573/0xf00
[   26.894203][  T373]  loop_configure+0xbfa/0x1270
[   26.898801][  T373]  lo_ioctl+0x7d6/0x22e0
[   26.902878][  T373]  blkdev_ioctl+0x8f6/0x2cf0
[   26.907321][  T373]  block_ioctl+0xaa/0xe0
[   26.911386][  T373]  do_vfs_ioctl+0x742/0x1720
[   26.915814][  T373]  __x64_sys_ioctl+0xd4/0x110
[   26.920326][  T373] 
[   26.922491][  T373] Memory state around the buggy address:
[   26.927965][  T373]  ffff8881d42b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.935865][  T373]  ffff8881d42b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.940299][  T363] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   26.943768][  T373] >ffff8881d42ba000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   26.958946][  T373]                    ^
[   26.962863][  T373]  ffff8881d42ba080: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc
[   26.970754][  T373]  ffff8881d42ba100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   26.978758][  T373] ==================================================================
[   26.986653][  T373] Disabling lock debugging due to kernel taint
[   27.009672][  T124] usb 2-1: Using ep0 maxpacket: 8
2024/06/16 05:05:36 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF