last executing test programs:

4.127442425s ago: executing program 4 (id=1025):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00'}, 0x45c)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$UI_DEV_DESTROY(r6, 0x5502)

4.036300382s ago: executing program 0 (id=1026):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rename(&(0x7f0000000280)='./file0/../file0/file0/file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000300)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f000000e280)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, r2}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x4, 0x1, 0x0, 0x6, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf}}}, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004140)="c98bb9a2a79e72fbca051478fe6e24cbeab04e730a86fef02db30a01d33d07efbac36f4e0e786aa540e01cc4ec64adbac57f750e7b0b749206bb7fc70de5cbcd7bf78bdb59c1095a03ef60a8d22a4e0dcea0aa96c523a2c7f666f1ac51acec733c589f2ab3ca2c8e129a652d7ec8ce120c530ca4fad46123b30cb061fb9998ff71ed9844b1f49f8b8e30e887ecd82a0f44450a325720e5b5065ae543bad2cef4486d5759515a29f048b21b3c78e9a95913a9df61bc854512fc21a6d0376742532ad21cf3b18c7f70b25345a81ede616baf89824f817fb808ea9ca55ac0ecdb91687f27177bbf1f1cdb2321efa1366e8287587ec7f39237537c625c813feae6cffdcb4c829e5ac0bda5c1b746edeb78bc7e1c198ae04f319f0fe41f24c7cbc7c0e3278a349bbf7c804dd729114792d4f81f19f49b2c018e49f43e72eaf5fd4c0ae32f73c0106c2b202152cdb28b21cf2132c6f9c7c583114d7790d397177165952670ccbfc0f4eff26391e8f4faca3536a070470e76d26625a6ec4df17b0fb0923fc31dfc1606f6a9cadaf4718d681d2351ddd138df20ff419c67f684d0d13792c78bfa348e5d76f00503124114034f41283e15ddbe79d5f4e200d5f28ada106334eca95a37fa843aa23236ef3d8aff07df194e8c4396561132379a60c449c5f1b400d2709d5c5f1ee1542790d5843e35f11be0ca4e7caa32c8329320069daea18ab51fad9ae4080d79671d73242278044391b9187eb0c05bbfef7d51bf64275f64ce780b25b509741c695f9e396234e3a67bc6988f05f6ad547371709e50b599179f7fc3def57115b58be578feb01612126bf5d1f08091743b76cd9cac032998adeb68a066387edb528b08d2063c3c504574e3d64ebee51da66e92bc3201baf0fa10bf5686e077a606c2b03a5529c97612b5d299078b99fc644aa101565836991bdcb92afae97b0330fc10c9af1edf05337221c05731246d57f7b063ee01778b99c768c8a8eb07e88f472d53bb59ec1db64191a32e981d384653943289d58970f4785d0081e321e5411bbe8738ee580a36be332a9082126579c797e162a37987a348743225786cf2e4e46f0c0ab0f7c14a6a16dc33e0f7042f203855db6776a3d760846ba5fd2173af04989b2f21cfd7e9e61df98adebef311c1c31f8b14f49c63ce924258af21d2d1766313a60dd23cf1966772551649ed78110d2462e47f14de5eed932bb03d3635f3bcbb8824bfa8b5c77649f097d78ec071b0d09dcdfc2078d0a97f96cb3e32f4cf80da4e07fad909eeabeb5715296ce578ada637a133ada68676e30632acba4f32fd2d23267a685f14a47fad0b36f2940494283a15b30576ff31e2b4472388fe3fecaa2e243818fce1d5de9a0e10aed4dc38a8636bec2ce0d43da7aa2541e8123bc4229ba6f9db4ec6b03c208125be4c389f8e587081209531f3c187077318698b08ace5b1e5a1c5b82633abfb6c4ef2bad7f9e61a142caef3c44dd6b81a9937650f75dfdb6f56bc26edc801fb0f53aa49655ce5f51283d8bb56ba56e9fc9f48395299a4ca4ae5b74398e1be02e2ea0565976ab155ae5df2114301565e23c25595853247dae9c2a598776c44ec0cfc26b3447c20b08424762dd29bfff90cf3f71f0fe933d1b1a29c3f6839858c7993a666401e2a03a1117988b28ae1c82adef8caf1ab564eb445199b57666397a7e7301ccfa9304dbf2854c8b50ab72ce6887e9cd69a647766f87a59d580a19964c9f691fb1eabe8143228bb375cbf12b5167085168ed22de2fee1b26d44324321a632b43d1b7bd13f15b807f1ab259b8456ba5d014fad3876b492b7f14af2ac75cb0f19eef7ad5c3d7f692d81ce1eb3e3fb96200d9253d338cb6d4097f3e6f4f061edcc98994b694b64ce1a266eac23e0506e68d09e4a3d0049420be6e73d684f7566e01bb43c1d51ed2e2c76be592bf4c6cf7471a21ba817f8c708ed76e14d6352e28deb6199bd7ec1232a041c6a655fbc01be4f749def876e0a94275c79bded1eb5bb3f9bfe286e14702e81c0e8a65f4b0a0a7ae62cfd4093a7e0fb07a02ab6a2f005ef538fd56392a3072f8317a1cedcdaecd857cef0f574efca11a6a28fbaa6fa2f6d74676197dec824d96b4ce0cc5999766b4926a6c21e21d4a78f71e87e9a8f1e2c4e3005da888457957377defd70d82fe26041f5399f295d869eb65c8e185a4f853c64603decb3c499a6921534730afbc41c1be57539603f0c1bdc2f61b8d7cfc971fe3fff189faae8411928dc039cb1ee33404544992a7f5646efd1e12d890ef7290ecc5e957a35cc6defb180b8006f8c016621bf17a6546022b9c579e781a66e57bc30d4c5ec8c56c42efce79bb8f203cb3c08133be710f2061879b90905671b346aaf735f2a614e7e46755d35570754e365490e2658090f40c2cb9164b0a1742b3bda5a32a4ebe25166c4ec0b387538362e7998092b1b737370239ef58f1f68f80753146ca2c166119fae83b2c60a19a1461903341d315d5ef8c57473bfd995964dc7b73ca7d35e88589cc7766480c9829ce44af423dcbef90b1ec62d8da8d812ad001e8e67df683dcb9de40db531e9eab3ca59b84689453b40f7df2b04051a6f052f179df5989bcb2e9245d23dee5d9b9ee03ee1ca0cef1b843acf0eb8dacd69047f5afda11b2a7ce274279c8b8a5da4618580f14d6c80bf1a647c90d2ef66395da4a0284427227ed59cc010088f39c12af4fb420683803db81f5ed467508b4e34886ce1550d7e9e29f9c92872d50566726af8b66b10498ce695ebc41573bc9100b6373c53cec7696bb79260d8214390d453d3223b9261c49fca17cf9923d7d1f3ac3abb332f37ddd9d0e09fb4df9305e88fc11f00ca1ddfce8dcc386e05a517c9b42d74629ff2460557107e7d39c0c1938e5b5f1da2dbffb30e3eb77c53d459580077eefb5260d59ad9fba11a66ffa703a3750d5979850acd8644de3c23a5514b4ba922dc20f5911b0d5078a1704f4016c84e39719c280db3ad2cd5f0693c8da07969c239608067fa82aba83d9a3a0f5f3e1f845a27bae1d8708d82eb10c7c205c07234b6e71312d54e878b960c821fd2dd01685143ffad375598dfd10038002a0d9aeceec499669523fb865683cb9379229761ac546e700a26523769ff1432d00073eb387e393d674eeb33a17422b3c0cedd91b3f0802ee59f1307467900c0a919bfaf92578fc18765cfc29cee13da07e821cc26354f5793d9e507cf13fdb55befeb814f4863552cc22440c3e80a61d7db867d72dfb41196bcc020f265fc9beec0004afff442c4a01a772db48a02d2f109a2096ec6d0f938cf8bc0835e07fa180f17cebf8a25b950380be955c4eb6a4f7fc6543a7eee578f800f5137069d08cd04f50cd02580aa7b249156baecd972eb6d8d9ff7598b85c0b0395016ade7107dcc8663c265857fbd7e42b3d4fb7a8c5f58b8befb22530ab47add8ca50611b23770d39a041c7291f30a92873d6c9f193f0bd8a7dc0949d435a3dbd554bf884bee76c3b28b2836e297a7b2dd940e6199b3c14ddf6bf7989eb9f721da9adbd2c754e91304b431c61deff5a7a24107a4f5bbeb1f422fcf10af1f5bcd204deb239c47e93d2f4ac55f4920bb4cbb0c358567ae115bfbcbdb2ff940f0d897fd54e9c198142e5445dc4a6ca4f794e26382394f6f11fc93acc4930cdb6fb39b04867eae0dad3cd2414ca0a1d9d8836a54894697bc3710e1ec9f58b28588a7108e6d8ea098c3e26646818345680dfd4812f89a2b632d2197e8d0d88fe932a1e52a1345d9e9d968e000ccf3658162ca9f50beb08b858a26ffe9cc320bc49cba66582647c5358234d9b38d3e605a2c1c4ddce61dd90070e26fc211d01fbec9fbfcc4cb0c1882014438284303cc80dee1760f631fc66a72d0eb6c6d01a7701a92c2a45613000ce87734f37ecce7774083b8e71dfba4a455516447b4dffe7288d578a37908ce0256d70d07c936a5d21ae223a3197f9cbede4ae983b9356a7073f2b6ba2068556721fd9379041897472c237a0c2007aa8f75a6e145c60a2f0cb7ffda5b6443e2682ec08eea3c851a72aa31508a186185962e79620791a3337abfdf527e513ea287a7b95f2a50f58575aac96af999ce667b1e415545fb931a02282eefad0e9489ec6478218b2a9478aa6060566f2ce636e28ce3d7a6d0c62c340c224efe58b8c99b9d59e6890e858244cf85102a44909645fcd66f57a1e4cde0697e53547aefeadef57db39543bc4b444f1fb5e99d3df8860fa13b91b3c9c47cba2ef823f7739d93f1d59251f2ecbe25b2cd67be1fe37359c5a673564688806154cd28bff8cf321578ef5580b945d208050f13e4429247dadbfeb417519d6b48aeef36e32c656d138191d612b99bcd11225187c41cba1b17b401698a12a3d28f6807be56dee75b93a27a5a120ce4fa25b45a41e2ff5affcd8771ef5efaeba4763fca7f3cadb4a96fd45dc42767dac4efc77aec8803b9edb4e2a3843a5a4936754d42c6bfe35a677aa972873190683712960a9172e75d039ae8f724e51f3770e85efb65dceedbf3e41f5e25244771a004b77777d745ef7401ab7f4586e2c10b0bece0137db9e5285a27621cf0dbe74ddbdeb2904beea55318ff8d65836dd2a57ee5354ac92e7727d2efefa10885184a2647597fb6d482f928baf0be5f83feb05be019268d05e419f58e9e590094a7e3ad7da2aa0fdcd2cfa2f7e7b26750d9049c0402d3def15b15491e1326f71a1d1e4a2a24ff9902f2d0e0e36cfd4314610be7a4e5f6ded81cc6048ee9f4e857f91a131220eedb51838cb1e406c20ef20a5783fb2cfdbaebce5d56a59579b994a0bebf58626e98bc4a7387b9bee07d5dd14a38e27d350cf159200fb2761d8953f1906298c74ee6c78deadd208bb84d3bc074ef127166f6b6c9c6315a76e2606a3aa91b19ae867e3e7372225d8266b6c87aec5fe40af5c816e7771cba0ba9957b6736b6d556daac4c1f60479c7ca81783f6e97509ce609ee07891b79020199018e67c05de3ba577af655ab3b5c79672cfb14c57499558d76f9e1e9681a07acde5064380e0f0446b1e9c2a15cbfdf5fae562884c2bd1f724fec6b0c520aa7df5239c1d54bcbaeb711be9e224eb5aa5dac0df99d8782248f70d9f86c1b576bef030d386beb50ca315c14b768baa013f3b70d85b6fe13bdfe7aa839804a139877c54c5135c920e11404d33a8385559acca5600e96cae8f459bfe295df4198fd19a192ae26c8a694151c70d70d5101b002f2c2580f969571d2cce22218d577b9ec43136e6284953546650b5974da34ad5dd4b0fb1e8e699eb3333e7e3477f21aacd908c69b4d9d092f881039c59c03f4503dfb1dc84f89c16be07b39a0aba23ad387fbb0980809b4147fce3127aaeb40638c889ceda0144189352a3497912daebdde46fb603cec06d9dc6e49fc916c7265c8ef0122f60f46dfd5047f75178e8eed1e2323e67ffbb1de6ca51dfb052862eebc8c81a038906831ae942bbd1148c632af20a06e032f7d91d7a07c740b174d641eee12e66d8db9aa9fadb4004290302d4e35485d9118b4abbb97a2690ec53a1d8555861185f66ec039c627dc74b7b51c7e7754a1391ae29488dce09416116d3e5fb2511865181471a6e8d11febe050358294738931a58326faf5ad405941a8a90cf88b9e155470e4034ad0c3de21c03697d09ce094b5532a77ea66f9c05609f079edac54b310fdd8452a2134ecfddc899f57014754b4783dd4cf190bb957271e9f9f4aa1bf1e792f711c2156cf09015707371a4e88987c25707c5c5a7fc7891b358d1ce9b0ec38983853d0059d5bf5da2c4c5a7e8863ba0b91cb18e94ce20ff72c7cba848355f5afd5e5c086fd16c1647d145cef93f2e7e337f43f67198abff32dc3e624f768ace48bb989e49e02b42bb4831610f561c47b84624f00c011ffee7376ca0b0aa09b048826a40463a6949c47473ac1d524bd808ec7e876822f15512a6814dc335daa536e7148fbfb8200603b882e4c693f5960965e419bb00fe41743084b619cefa3fddf2485e753f1b96de55e3e54cef66885c73dde661978fe65a6966767c9991f030d1dc9b882cd6fbb83181474fb57360a591c2782369d00df5be76697dcc697351006d7fe8363437a220df1cf36f464de3ada90fb8b6c56d607f245a8a8175bbf63fea0c45c8a6462140c285a86ca0bc0b872297c0981bc33c53a0499f849cf9a86db6bb48b87b597f2dd04b29e376a757e070d6b724d7a4ded0a01fd03e58c2d1d7c9bd084c8388e3a193423010e328952c5a62b4100788d1ac5b61c203c31997003d7669f4eff0e01a75d3a06cc7ef7b9a621a93cc6954118d8f7736245665c24ba84f9bf5851c481cac617fbb0ff71f3eaf5441348e61f5e4e7e8bca22d9e91e4a6e843bf02d324c8b55ec8a519b6f95818d84ac9e0f4ec36b7fb44b3db6924bef1a431dde856cecfb479072bc2d97efedb1dfd9fffbcf6dd430899d0fd8dcf33a2c137296d28373cf70984d6ffd823abd4721303c0c4072bd9c0723b7e868290b9e6f2d5b92feb6a4d2ea5dfb31c3a9cae8611a567ade5fc050eb7b74a240ead9a70679e61b4b8ac671695e70879459afd7151bb29655274d7ec3d10766eb919f5dcc648394717507588a95800b0c9969c70b981dd37e1b5702f50f49a67aed32db437746da94c965344e7fda47d36488fd24489f462b8abc2bd08ffc7c54dd7a2d1ebffe3b126565b89b764a289e505411ae846f5b8f9877ffcd70a8a57b3b7dcf8356d774aaa2746f63fd8e9e5e4b6d5b2ea62bdea0a90696608d156623863985f13b312a56960e3d5cd908ce456a2465ac72232fafd4f1c779b8e6707f3b34c5dc1356ae159bcf311d77e15dccb6c094ab12e999e1aea1026afd8c3dafa5f761a7e82bc139951e1cac736d0e3ed163837b3e8a120df674355c32a17efb6d126beda38ac57722f16e5e2ff5a5979b219e6a886f3cb853291cb5c835d591b6229ae938cb59ac73caaff0a1e13f6efb4a3e1385fc8fe77a33a189cf1b1a5eed06bee4d5237aafdede0f3c883f64ceaed04d88ac0e3738f89f7eba17fa71ea5bdad5af6c2a3c281c6762cc70f277361aec24a666ccfd95a8cc9af0dbb331f840e1990083cf648f7068808f903f281e6222d3ea6da539d047f6309d2d0c0d1fc9b7e2b2b7d082432f8d819f923f54e2ffff2e1504c3f7b17a9b19c32bed9ef376fe6d0d0647f9be85c617eacc82cf9ec9a9c901cc4088fa90e1abbb6f1340e34e4445313922286d5d1e655da8b42e799eb04a8f766d88ae24dcbe9f589104ee2c83335d6b3a498fd236fdd26c1b8e72258925de84861e3946a389bbce2d87e044d242ce9684afaf75ff20306db09dfead4481c844dbba005146a50dfbe3b4d939d3bb587a00daefb7db1f1cfe616c0528941d28cae06f057650475dad0fd3be6e85f5693b32636e8677634fb17ed60379b9a74a22f0abb12f74f2084c8bff00afd1e7ccc43a3b08ecabc1aa4a722e1f3b1c2510476e643df4b4a6f069e8029c975f471c89a3c0c49c63c6c0899950ea89f6d692a0f2e2e7a8e828f7e9cadda537119db284505380296a689a7bc168da713671c3d47af2ac32e53a05796ae11afc14d87f2daae13201275228d0d536d72cd43580726378be6b9a7b4e56670998adf46cbcb2a61d5daffc57acbc682d1e1716409527db61a11bf2d0b6b8ec8ac9a6fb553935329ba9f877b1019d1bea3ea0e98d65b830765e50786a2dc0600000061efc79e406155f2e6df3187b0a22864cbd5ee9d29c0ed153fd2751ce7d6cc9178481c0a3806791f6e4be674352a76eeffcf07dc867fac687933d2b7597008c2614a2e0157cad1f7bcf75a3e98bfafa4addf57db94421b54c8e3580c554c11b15e9f10a33c21e430bf3e13f3fcea6b17ce4d7f32ac0ecc9540b1deebb0b73bcb56f9632cced1b0f5f1ba4a9fa5100e8916bb7f47f71e5fc4cc46b344dadc9a9bc1a470583490a6304b374da44a179533dc00f3614678b292841b47f34dde4f08f0f86fd50f4a6984bed2a1d8dbb49f987dc196180aa6797f8b9cf739a5b6b940c841346ed2189f76733ddad49787b44737ffd2179ce2d3c9b94332014ee0f3882f62ab697d09dd37cb5d602e1fb24fef4309e72e76cb43a2bdcfd5ba97ff84f19801aba142c1be10851cf937d4cef92423d630646b1c9ae3580907c84db42ec4132cb9702781760c5a7d3aadc0395bdd0b7dce7bbdf8cfe6610dd7187ae6534cdf6267f8e9423e9805bab23e22169f9af3312cbea92d784a343419e4f038d1547625e13258e2f7330c75adf5d810efd666ca9b93368ae3a745113f125f961a0ca79287c3eba8ac2a81e7ea5b66bbd04b5e12a9e73f776ff17bbb3deb2473e10a284ec98e9e52c178cff024e1885b86ef7559227e033ec4f8074e513d85b50810b158e9dc1d42a810251443b44f325dcca8e47f7b1dfcdccdca14947083a9377694bef2acc5af03e63edcd03f54bb53c0cb8769d1a009f096de7f43c79eb83d2f360fd5118f4ca54367389b9b3c68e0f655a25328585cd27d3d908787ff816968da7769838e26bb215e6823d987f09f3d5cea873c788d667e92fd590463c579bcccd21b0edc12eab5c6939487baa24a1e22ceff90b9d6587d6b7bd69a15efa818e30f3b65c4234de7951ba94f0e6726d1237e0168b2044b7067de2c0766e1d3502094ccf35d0882a09e9f50d7d20e3ac8ecfe6e1c0606fc750dd9f340a7776d2eeb6eb5e50823a82f308eaf3ad5908baf58a780759d6ae8022aaddcd599c427dde8d986f14fb433b5b351edf64e943f1fcc31a0e1fb7c077557d9581d91e9ce1f71193db30cc42d280517b8de8818dc1477882039247841870285cf1e1da4c443b83b5c791b0a8eaf697f571e7c3d51baf0cd27dfb809cb31df5f714051f5a9a83789102641f7d345bb18641f0eb4c8a168ad8f056662ef7565906a71ba7a79ce9f0853054655c432dcf32b78b7b3b4bdc5b40092da20b5a8859b4d2b863f94e21fcd70425177e6dd9a64b2ab690e14ccee1374a7815f06a5f09de4f6043d2b39fddcef29e92910a6eea18ced41c1bedfcdee1089ec2deee3ad76b7cabd255b1a2a53f7575f459e0230c018165747126060172d5f13816edc644972a072a7e401d439dad958949ef477d8a2b5e5899a8ea8846cbc7b335b78c7f2644c8c69a1e6b254f58b8aa7a7885c4234bfd962352c311a007c2a7bb5a8e34202dd52692304624117be8ce6f110782767587aa4943a9ddbb960b7e00396fdbabcddd4854e0313daa94422601af0462314c173afc2528db6052e221dc59d594f89e7c9452b5c605b5955b469482d5135cfbf2d0d3b455508d9f40f37eca2b11fbac931f4e2ebcc9bc690de80641ce0213689946735ea8473f6c89e24f5246d22ebb22dd377ef43579702cd3d80650e14766ce7a37a8823841967b650a7a3a347a6f0b2ba7d8bb1e9fded9cd7e2b47742fd726d07447de92ae4b02db7c30a7e065b2d05ff5ff5709b7cf283606903f80e99810799780780d6a28cdda40505d3a4df0996b9d9bb237477cac4fdd3fa1717c9365ac7318de52070fc91861db4624f83dc374690209ae7ff09a0d2aae536937cd86ddd187bace3b7b42974e81cbe54fc011ca1817c1323cd0914ea96b6e7ebb10b7213a51a34b3bba4c129d571ca9f41a6aa41ce336bca6911f24f45cbb4122e1100a559a3e580957dcdf5f14bb32154ed64f250f480b282f5fe9ee65621093d370682afd2b8f37a7e9aaab1447c5162887f3d0f6c74959938c0716ab03dd242f967f574df9cd25cfd64bcb2e6f5788530e761711990778960bd7a828497cec05da36777433fb27bd80d517f6850c46d84b101ea644b596d352714945d6e31b2c43c1acb4e09e443fe51890559a0dd049dbe33d375e46f008bb5ee4af3a7609120cb5498a7aa33fd64f7b3e18170cfe1875cb6e25ce1dc78d04130894d757b66da2349a7f038c747138b0eaf0f2fa933ef7f51dfedb586bc0f49c76860f46009e28ab730290080e0483c70635da84b373e7413fa576e2a3e464c1d2432b3fe5e1a08e06e004d6c47948da8f8290db7ef807a23aabce4fc3e2164be066a721a7ace91f82ceecf3a1339d60134e410dee712bc5585c2ad61389ddeb49bf8679112d537418f9d2379c4bc56850fc400c6ba0b3f9252d43bf5271167adea041bc537b33d22a6c7226a6b9897aa1d34a35198f151865243de05435a58716e5f8a864e01ebe6ec6fd841210b5a1c39027f59e3df97b3090ea6a0e7113bd1ee146e174aec4139bbf6f9fdd7b6dc5d92ee3b4d5044db49e04a90a820993bda6858c36e414e8fa033cb86c58ca687043a0754d0a96cd9833f188cb5b9ca73f412a81dc92b3b88f8585fc357129ab44fcd3c04d46aa09b6373539e784aa546106b7a7472829206a5a1df78df26d0cc691d158136da9661990109e74d75e866388e2fbc8a905c5e939e56a09bb168954ddac4be6f1b9770137440129c4328246cb71bcfc2e95925616fba756806fac7b4256597a837bd170674fa678d8bb70c9c50c4d62ed7bab199363854d073f50758f89d2670b39ba58e16267aa45f69367e003e3ee1899f7400580b375984dd040ab6eab1ec0fcd3ffa536004727ae17dc4cd76d4c2534bd50b92a5e1039e4cceeeb7e48cf347314db3534c6e835d94315fe129bdfbaaf4ab528d20fc0c802eebba43b81d31f2f25079057e25f3fab4bb1b61a8380694e586a5d248fdd0b30a54794eb3852267ea6e5b6d3dcec4e3c889ff42759c96f535f5330b1d869bdc41592791dc4a56f9de48e90182bcf0af670155b79291e811fee0098a39d12f6001f71547bed9f07a10ad3d8054dc5cabfa30feadcf25c851a64fa03d75c0f2e57f9887c9606707005d6d1fb9dee4b4ae52637ae6d963f6c3409e8506c165ae21185f04c55e7bc5af51de5b561a3493f2d7b30ec26bb8a03e4493d27de6608ede356b6b62111c25f446f4fac3056c70f762919f021d7bc4c1470ece9776dac82ed0678c88cd3c8fcd92de28e0ce9a091405f9b8f2d3aac3a78553f47b75b6d91cf53e4e93857b55edfc7afe956b264067d9a0591acd3f6b32ddd93de8ddc046ff55d1f41de1021ce62c988fb378e9e4e1efdc428dbccacf0fa8232a52673aa67ac0251bed7ec2eddad07ed57d9cc6a735171cc180544a8ba5887f7cb588474897376c3b5d0b633a54ea821f2117ef8bf9d4f509bd6487042b0208069d44aceff75f49fe3ab2a39069ec0ac2f3dbee0b982b8f04013ed2e99907030eff31be0b847bbc818f68103e8c24d99f8fee0fdd968751ee3482e90c210ee47cb2f6b5e5fb87248ed281dad438af5808128f83a3b602a2238632d3067e19a764b4386e726bbe17b70499c5b381d94d83c9ff03667f3b6cb8505efc134a7e2c1460349f0efe1b5ef15519445d5f4c146a1af51a164353733f8dd16704f462fdd309cdc5aa1d6be35643cbb94e3872d82c9ded4f3a287d199e6bf2a35567bc382b34957b8730b0dd9400", 0x2000, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x2000, r3}}}, 0x0, 0x0, 0x0, 0x0})
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = dup2(r4, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x10)

3.258379846s ago: executing program 4 (id=1035):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2d)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})

3.133367236s ago: executing program 0 (id=1036):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1d, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x0, [{@multicast1}, {@dev={0xac, 0x14, 0x14, 0x2}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd1fc}, {@private=0xfffffffd, 0x7}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000a00), 0x460000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@barrier}, {@jqfmt_vfsold}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x10}}, {@journal_dev={'journal_dev', 0x3d, 0xd}}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
mkdir(&(0x7f0000000100)='./file2\x00', 0x0)

2.988757717s ago: executing program 4 (id=1037):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000540)='./file2\x00', 0x808d, &(0x7f00000000c0), 0xfe, 0x504, &(0x7f0000000a80)="$eJzs3c9vG1kdAPDvTOJukmZxFjgsK7Gs2EVJBHWSDd2NOCwgITitBCz3EhI3iuLEVeLsNtEKUvUPQEIIkLjAiQsSfwAI9cQZIVWCOwIEQtDCgUNhkO1xmho7cVX/QM7nI73OD9v5fl/ceZ733sQTwKX1SkQsRESWZdliRBTz/Wle4qRZ6s97+OD9jXpJIsve+VsSSXPfTOtnPZcvr+Yvm4qIr34p4hvJ/8Y9ODreWa9Uyvv59lJtN3mUZcfXtnfXt8pb5b3V1ZU31t5cu7623Jd6zkXEW1/40/e+/ZMvvvXLT733+xt/Wfhms4JN9Xr1JVCbZtULjd9Fy2RE7A8i2IhMNmrYdH3EuQAAcL76+f4HI+LjEbEYxZhonM0BAAAA4yT77Gw8SprzfwAAAMB4SiNiNpK01LyMM2YjTUul5jW8H46ZtFI9qH0yK56OF8xFIb25XSkv59cOzEUhqW+v5NfYtrZfb9tejYgXIuK7xenGdmmjWtkc5cAHAAAAXCJXH/f/G38O+89is/8PAAAAjJm5UScAAAAADJz+PwAAAIw//X8AAAAYa19+++16yVr3v9589+hwp/rutc3ywU5p93CjtFHdv1Xaqla3Gt/Zt3vRz6tUq7c+HXuHt5dq5YPa0sHR8Y3d6uFe7cb2E7fABgAAAIbohY/d+10SESefmU5b+67ky0JENnH2yZNDTw8YoLR9x3mjdH8cbC7AcE2MOgFgZJ76lP5XvxhMIsDQFUadADByF7UDXYcFft3/XAAAgMGY/8jp/H+jxJn5/2SkmQGDls//J451uHzM/8Pl1cv83+LdISQCDF3hvDMAnQIYe2kPh/qzz/9n2VMlBQAA9N1soyRpKe8HzEaalkoRzzduC1BIbm5XyssR8YGI+G2x8Fx9e6XxysTwAAAAAAAAAAAAAAAAAAAAAAAAAAD0KMuSyAAAAICxFpH+Ocnv/zVffG22fXzgSvKvYmMZEe/98J3v316v1fZX6vv/frq/9oN8/+ujGMEAAAAA2rX66a1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD008MH72+0yjDj/vXzETHXKf5kTDWWU1GIiJl/JDF55nVJREz0If7JnYh4sVP8pJ5WzOVZtMdPI2J6xPGv9iE+XGb36u3P5zodf2m80lh2Pv4m8/Ksurd/6Wn7N9Gl/Xu+xxgv3f/ZUtf4dyJemuzc/rTiJ13iv9pj/K9/7fi422PZjyPmO37+JE/EWqrt3lo6ODq+tr27vlXeKu+trq68sfbm2vW15aWb25Vy/m/HGN/56M//c179Z7rEn7ug/q/1WP9/37/94EPN1ULbQ4X4UZYtvNr5/X+x+RtqOBu/9dn3ifxzoL4931o/aa6f9fJPf/PyefXf7FL/i97/hR7rv/iVu3/o8akAwBAcHB3vrFcq5f1xW7ny/5GGlfrKdAwx6Hp0fijN/8sPre7fygMOI9ZU32ONqEECAAAG5vFJfz6BAAAAAAAAAAAAAAAAAAAAAAzdRV8DFn34OrH2mCejqSoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLn+GwAA//+6zNbf")
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r1 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffd74, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, 0x0, 0x20000000}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000001c0)=@generic={0x0, r5}, 0x18)
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0)

2.911496423s ago: executing program 0 (id=1038):
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x7, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000005000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, 0x0, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
mkdir(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x0)

2.778810454s ago: executing program 1 (id=1043):
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
gettid()
r5 = getpid()
tgkill(r5, r1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = open(0x0, 0x80000, 0x0)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x6, &(0x7f0000000c80)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {0x4}}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe3, &(0x7f0000000240)=""/227}, 0x90)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140)={[{@resuid={'resuid', 0x3d, r0}}, {@data_writeback}, {@dax}, {@discard}]}, 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
read$ptp(r6, &(0x7f0000000400)=""/95, 0x5f)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r8}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r9}, 0x18)

2.505672717s ago: executing program 2 (id=1045):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00'}, 0x45c)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$UI_DEV_DESTROY(r6, 0x5502)

2.45813686s ago: executing program 3 (id=1046):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rename(&(0x7f0000000280)='./file0/../file0/file0/file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000300)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f000000e280)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, r2}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x4, 0x1, 0x0, 0x6, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf}}}, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004140)="c98bb9a2a79e72fbca051478fe6e24cbeab04e730a86fef02db30a01d33d07efbac36f4e0e786aa540e01cc4ec64adbac57f750e7b0b749206bb7fc70de5cbcd7bf78bdb59c1095a03ef60a8d22a4e0dcea0aa96c523a2c7f666f1ac51acec733c589f2ab3ca2c8e129a652d7ec8ce120c530ca4fad46123b30cb061fb9998ff71ed9844b1f49f8b8e30e887ecd82a0f44450a325720e5b5065ae543bad2cef4486d5759515a29f048b21b3c78e9a95913a9df61bc854512fc21a6d0376742532ad21cf3b18c7f70b25345a81ede616baf89824f817fb808ea9ca55ac0ecdb91687f27177bbf1f1cdb2321efa1366e8287587ec7f39237537c625c813feae6cffdcb4c829e5ac0bda5c1b746edeb78bc7e1c198ae04f319f0fe41f24c7cbc7c0e3278a349bbf7c804dd729114792d4f81f19f49b2c018e49f43e72eaf5fd4c0ae32f73c0106c2b202152cdb28b21cf2132c6f9c7c583114d7790d397177165952670ccbfc0f4eff26391e8f4faca3536a070470e76d26625a6ec4df17b0fb0923fc31dfc1606f6a9cadaf4718d681d2351ddd138df20ff419c67f684d0d13792c78bfa348e5d76f00503124114034f41283e15ddbe79d5f4e200d5f28ada106334eca95a37fa843aa23236ef3d8aff07df194e8c4396561132379a60c449c5f1b400d2709d5c5f1ee1542790d5843e35f11be0ca4e7caa32c8329320069daea18ab51fad9ae4080d79671d73242278044391b9187eb0c05bbfef7d51bf64275f64ce780b25b509741c695f9e396234e3a67bc6988f05f6ad547371709e50b599179f7fc3def57115b58be578feb01612126bf5d1f08091743b76cd9cac032998adeb68a066387edb528b08d2063c3c504574e3d64ebee51da66e92bc3201baf0fa10bf5686e077a606c2b03a5529c97612b5d299078b99fc644aa101565836991bdcb92afae97b0330fc10c9af1edf05337221c05731246d57f7b063ee01778b99c768c8a8eb07e88f472d53bb59ec1db64191a32e981d384653943289d58970f4785d0081e321e5411bbe8738ee580a36be332a9082126579c797e162a37987a348743225786cf2e4e46f0c0ab0f7c14a6a16dc33e0f7042f203855db6776a3d760846ba5fd2173af04989b2f21cfd7e9e61df98adebef311c1c31f8b14f49c63ce924258af21d2d1766313a60dd23cf1966772551649ed78110d2462e47f14de5eed932bb03d3635f3bcbb8824bfa8b5c77649f097d78ec071b0d09dcdfc2078d0a97f96cb3e32f4cf80da4e07fad909eeabeb5715296ce578ada637a133ada68676e30632acba4f32fd2d23267a685f14a47fad0b36f2940494283a15b30576ff31e2b4472388fe3fecaa2e243818fce1d5de9a0e10aed4dc38a8636bec2ce0d43da7aa2541e8123bc4229ba6f9db4ec6b03c208125be4c389f8e587081209531f3c187077318698b08ace5b1e5a1c5b82633abfb6c4ef2bad7f9e61a142caef3c44dd6b81a9937650f75dfdb6f56bc26edc801fb0f53aa49655ce5f51283d8bb56ba56e9fc9f48395299a4ca4ae5b74398e1be02e2ea0565976ab155ae5df2114301565e23c25595853247dae9c2a598776c44ec0cfc26b3447c20b08424762dd29bfff90cf3f71f0fe933d1b1a29c3f6839858c7993a666401e2a03a1117988b28ae1c82adef8caf1ab564eb445199b57666397a7e7301ccfa9304dbf2854c8b50ab72ce6887e9cd69a647766f87a59d580a19964c9f691fb1eabe8143228bb375cbf12b5167085168ed22de2fee1b26d44324321a632b43d1b7bd13f15b807f1ab259b8456ba5d014fad3876b492b7f14af2ac75cb0f19eef7ad5c3d7f692d81ce1eb3e3fb96200d9253d338cb6d4097f3e6f4f061edcc98994b694b64ce1a266eac23e0506e68d09e4a3d0049420be6e73d684f7566e01bb43c1d51ed2e2c76be592bf4c6cf7471a21ba817f8c708ed76e14d6352e28deb6199bd7ec1232a041c6a655fbc01be4f749def876e0a94275c79bded1eb5bb3f9bfe286e14702e81c0e8a65f4b0a0a7ae62cfd4093a7e0fb07a02ab6a2f005ef538fd56392a3072f8317a1cedcdaecd857cef0f574efca11a6a28fbaa6fa2f6d74676197dec824d96b4ce0cc5999766b4926a6c21e21d4a78f71e87e9a8f1e2c4e3005da888457957377defd70d82fe26041f5399f295d869eb65c8e185a4f853c64603decb3c499a6921534730afbc41c1be57539603f0c1bdc2f61b8d7cfc971fe3fff189faae8411928dc039cb1ee33404544992a7f5646efd1e12d890ef7290ecc5e957a35cc6defb180b8006f8c016621bf17a6546022b9c579e781a66e57bc30d4c5ec8c56c42efce79bb8f203cb3c08133be710f2061879b90905671b346aaf735f2a614e7e46755d35570754e365490e2658090f40c2cb9164b0a1742b3bda5a32a4ebe25166c4ec0b387538362e7998092b1b737370239ef58f1f68f80753146ca2c166119fae83b2c60a19a1461903341d315d5ef8c57473bfd995964dc7b73ca7d35e88589cc7766480c9829ce44af423dcbef90b1ec62d8da8d812ad001e8e67df683dcb9de40db531e9eab3ca59b84689453b40f7df2b04051a6f052f179df5989bcb2e9245d23dee5d9b9ee03ee1ca0cef1b843acf0eb8dacd69047f5afda11b2a7ce274279c8b8a5da4618580f14d6c80bf1a647c90d2ef66395da4a0284427227ed59cc010088f39c12af4fb420683803db81f5ed467508b4e34886ce1550d7e9e29f9c92872d50566726af8b66b10498ce695ebc41573bc9100b6373c53cec7696bb79260d8214390d453d3223b9261c49fca17cf9923d7d1f3ac3abb332f37ddd9d0e09fb4df9305e88fc11f00ca1ddfce8dcc386e05a517c9b42d74629ff2460557107e7d39c0c1938e5b5f1da2dbffb30e3eb77c53d459580077eefb5260d59ad9fba11a66ffa703a3750d5979850acd8644de3c23a5514b4ba922dc20f5911b0d5078a1704f4016c84e39719c280db3ad2cd5f0693c8da07969c239608067fa82aba83d9a3a0f5f3e1f845a27bae1d8708d82eb10c7c205c07234b6e71312d54e878b960c821fd2dd01685143ffad375598dfd10038002a0d9aeceec499669523fb865683cb9379229761ac546e700a26523769ff1432d00073eb387e393d674eeb33a17422b3c0cedd91b3f0802ee59f1307467900c0a919bfaf92578fc18765cfc29cee13da07e821cc26354f5793d9e507cf13fdb55befeb814f4863552cc22440c3e80a61d7db867d72dfb41196bcc020f265fc9beec0004afff442c4a01a772db48a02d2f109a2096ec6d0f938cf8bc0835e07fa180f17cebf8a25b950380be955c4eb6a4f7fc6543a7eee578f800f5137069d08cd04f50cd02580aa7b249156baecd972eb6d8d9ff7598b85c0b0395016ade7107dcc8663c265857fbd7e42b3d4fb7a8c5f58b8befb22530ab47add8ca50611b23770d39a041c7291f30a92873d6c9f193f0bd8a7dc0949d435a3dbd554bf884bee76c3b28b2836e297a7b2dd940e6199b3c14ddf6bf7989eb9f721da9adbd2c754e91304b431c61deff5a7a24107a4f5bbeb1f422fcf10af1f5bcd204deb239c47e93d2f4ac55f4920bb4cbb0c358567ae115bfbcbdb2ff940f0d897fd54e9c198142e5445dc4a6ca4f794e26382394f6f11fc93acc4930cdb6fb39b04867eae0dad3cd2414ca0a1d9d8836a54894697bc3710e1ec9f58b28588a7108e6d8ea098c3e26646818345680dfd4812f89a2b632d2197e8d0d88fe932a1e52a1345d9e9d968e000ccf3658162ca9f50beb08b858a26ffe9cc320bc49cba66582647c5358234d9b38d3e605a2c1c4ddce61dd90070e26fc211d01fbec9fbfcc4cb0c1882014438284303cc80dee1760f631fc66a72d0eb6c6d01a7701a92c2a45613000ce87734f37ecce7774083b8e71dfba4a455516447b4dffe7288d578a37908ce0256d70d07c936a5d21ae223a3197f9cbede4ae983b9356a7073f2b6ba2068556721fd9379041897472c237a0c2007aa8f75a6e145c60a2f0cb7ffda5b6443e2682ec08eea3c851a72aa31508a186185962e79620791a3337abfdf527e513ea287a7b95f2a50f58575aac96af999ce667b1e415545fb931a02282eefad0e9489ec6478218b2a9478aa6060566f2ce636e28ce3d7a6d0c62c340c224efe58b8c99b9d59e6890e858244cf85102a44909645fcd66f57a1e4cde0697e53547aefeadef57db39543bc4b444f1fb5e99d3df8860fa13b91b3c9c47cba2ef823f7739d93f1d59251f2ecbe25b2cd67be1fe37359c5a673564688806154cd28bff8cf321578ef5580b945d208050f13e4429247dadbfeb417519d6b48aeef36e32c656d138191d612b99bcd11225187c41cba1b17b401698a12a3d28f6807be56dee75b93a27a5a120ce4fa25b45a41e2ff5affcd8771ef5efaeba4763fca7f3cadb4a96fd45dc42767dac4efc77aec8803b9edb4e2a3843a5a4936754d42c6bfe35a677aa972873190683712960a9172e75d039ae8f724e51f3770e85efb65dceedbf3e41f5e25244771a004b77777d745ef7401ab7f4586e2c10b0bece0137db9e5285a27621cf0dbe74ddbdeb2904beea55318ff8d65836dd2a57ee5354ac92e7727d2efefa10885184a2647597fb6d482f928baf0be5f83feb05be019268d05e419f58e9e590094a7e3ad7da2aa0fdcd2cfa2f7e7b26750d9049c0402d3def15b15491e1326f71a1d1e4a2a24ff9902f2d0e0e36cfd4314610be7a4e5f6ded81cc6048ee9f4e857f91a131220eedb51838cb1e406c20ef20a5783fb2cfdbaebce5d56a59579b994a0bebf58626e98bc4a7387b9bee07d5dd14a38e27d350cf159200fb2761d8953f1906298c74ee6c78deadd208bb84d3bc074ef127166f6b6c9c6315a76e2606a3aa91b19ae867e3e7372225d8266b6c87aec5fe40af5c816e7771cba0ba9957b6736b6d556daac4c1f60479c7ca81783f6e97509ce609ee07891b79020199018e67c05de3ba577af655ab3b5c79672cfb14c57499558d76f9e1e9681a07acde5064380e0f0446b1e9c2a15cbfdf5fae562884c2bd1f724fec6b0c520aa7df5239c1d54bcbaeb711be9e224eb5aa5dac0df99d8782248f70d9f86c1b576bef030d386beb50ca315c14b768baa013f3b70d85b6fe13bdfe7aa839804a139877c54c5135c920e11404d33a8385559acca5600e96cae8f459bfe295df4198fd19a192ae26c8a694151c70d70d5101b002f2c2580f969571d2cce22218d577b9ec43136e6284953546650b5974da34ad5dd4b0fb1e8e699eb3333e7e3477f21aacd908c69b4d9d092f881039c59c03f4503dfb1dc84f89c16be07b39a0aba23ad387fbb0980809b4147fce3127aaeb40638c889ceda0144189352a3497912daebdde46fb603cec06d9dc6e49fc916c7265c8ef0122f60f46dfd5047f75178e8eed1e2323e67ffbb1de6ca51dfb052862eebc8c81a038906831ae942bbd1148c632af20a06e032f7d91d7a07c740b174d641eee12e66d8db9aa9fadb4004290302d4e35485d9118b4abbb97a2690ec53a1d8555861185f66ec039c627dc74b7b51c7e7754a1391ae29488dce09416116d3e5fb2511865181471a6e8d11febe050358294738931a58326faf5ad405941a8a90cf88b9e155470e4034ad0c3de21c03697d09ce094b5532a77ea66f9c05609f079edac54b310fdd8452a2134ecfddc899f57014754b4783dd4cf190bb957271e9f9f4aa1bf1e792f711c2156cf09015707371a4e88987c25707c5c5a7fc7891b358d1ce9b0ec38983853d0059d5bf5da2c4c5a7e8863ba0b91cb18e94ce20ff72c7cba848355f5afd5e5c086fd16c1647d145cef93f2e7e337f43f67198abff32dc3e624f768ace48bb989e49e02b42bb4831610f561c47b84624f00c011ffee7376ca0b0aa09b048826a40463a6949c47473ac1d524bd808ec7e876822f15512a6814dc335daa536e7148fbfb8200603b882e4c693f5960965e419bb00fe41743084b619cefa3fddf2485e753f1b96de55e3e54cef66885c73dde661978fe65a6966767c9991f030d1dc9b882cd6fbb83181474fb57360a591c2782369d00df5be76697dcc697351006d7fe8363437a220df1cf36f464de3ada90fb8b6c56d607f245a8a8175bbf63fea0c45c8a6462140c285a86ca0bc0b872297c0981bc33c53a0499f849cf9a86db6bb48b87b597f2dd04b29e376a757e070d6b724d7a4ded0a01fd03e58c2d1d7c9bd084c8388e3a193423010e328952c5a62b4100788d1ac5b61c203c31997003d7669f4eff0e01a75d3a06cc7ef7b9a621a93cc6954118d8f7736245665c24ba84f9bf5851c481cac617fbb0ff71f3eaf5441348e61f5e4e7e8bca22d9e91e4a6e843bf02d324c8b55ec8a519b6f95818d84ac9e0f4ec36b7fb44b3db6924bef1a431dde856cecfb479072bc2d97efedb1dfd9fffbcf6dd430899d0fd8dcf33a2c137296d28373cf70984d6ffd823abd4721303c0c4072bd9c0723b7e868290b9e6f2d5b92feb6a4d2ea5dfb31c3a9cae8611a567ade5fc050eb7b74a240ead9a70679e61b4b8ac671695e70879459afd7151bb29655274d7ec3d10766eb919f5dcc648394717507588a95800b0c9969c70b981dd37e1b5702f50f49a67aed32db437746da94c965344e7fda47d36488fd24489f462b8abc2bd08ffc7c54dd7a2d1ebffe3b126565b89b764a289e505411ae846f5b8f9877ffcd70a8a57b3b7dcf8356d774aaa2746f63fd8e9e5e4b6d5b2ea62bdea0a90696608d156623863985f13b312a56960e3d5cd908ce456a2465ac72232fafd4f1c779b8e6707f3b34c5dc1356ae159bcf311d77e15dccb6c094ab12e999e1aea1026afd8c3dafa5f761a7e82bc139951e1cac736d0e3ed163837b3e8a120df674355c32a17efb6d126beda38ac57722f16e5e2ff5a5979b219e6a886f3cb853291cb5c835d591b6229ae938cb59ac73caaff0a1e13f6efb4a3e1385fc8fe77a33a189cf1b1a5eed06bee4d5237aafdede0f3c883f64ceaed04d88ac0e3738f89f7eba17fa71ea5bdad5af6c2a3c281c6762cc70f277361aec24a666ccfd95a8cc9af0dbb331f840e1990083cf648f7068808f903f281e6222d3ea6da539d047f6309d2d0c0d1fc9b7e2b2b7d082432f8d819f923f54e2ffff2e1504c3f7b17a9b19c32bed9ef376fe6d0d0647f9be85c617eacc82cf9ec9a9c901cc4088fa90e1abbb6f1340e34e4445313922286d5d1e655da8b42e799eb04a8f766d88ae24dcbe9f589104ee2c83335d6b3a498fd236fdd26c1b8e72258925de84861e3946a389bbce2d87e044d242ce9684afaf75ff20306db09dfead4481c844dbba005146a50dfbe3b4d939d3bb587a00daefb7db1f1cfe616c0528941d28cae06f057650475dad0fd3be6e85f5693b32636e8677634fb17ed60379b9a74a22f0abb12f74f2084c8bff00afd1e7ccc43a3b08ecabc1aa4a722e1f3b1c2510476e643df4b4a6f069e8029c975f471c89a3c0c49c63c6c0899950ea89f6d692a0f2e2e7a8e828f7e9cadda537119db284505380296a689a7bc168da713671c3d47af2ac32e53a05796ae11afc14d87f2daae13201275228d0d536d72cd43580726378be6b9a7b4e56670998adf46cbcb2a61d5daffc57acbc682d1e1716409527db61a11bf2d0b6b8ec8ac9a6fb553935329ba9f877b1019d1bea3ea0e98d65b830765e50786a2dc0600000061efc79e406155f2e6df3187b0a22864cbd5ee9d29c0ed153fd2751ce7d6cc9178481c0a3806791f6e4be674352a76eeffcf07dc867fac687933d2b7597008c2614a2e0157cad1f7bcf75a3e98bfafa4addf57db94421b54c8e3580c554c11b15e9f10a33c21e430bf3e13f3fcea6b17ce4d7f32ac0ecc9540b1deebb0b73bcb56f9632cced1b0f5f1ba4a9fa5100e8916bb7f47f71e5fc4cc46b344dadc9a9bc1a470583490a6304b374da44a179533dc00f3614678b292841b47f34dde4f08f0f86fd50f4a6984bed2a1d8dbb49f987dc196180aa6797f8b9cf739a5b6b940c841346ed2189f76733ddad49787b44737ffd2179ce2d3c9b94332014ee0f3882f62ab697d09dd37cb5d602e1fb24fef4309e72e76cb43a2bdcfd5ba97ff84f19801aba142c1be10851cf937d4cef92423d630646b1c9ae3580907c84db42ec4132cb9702781760c5a7d3aadc0395bdd0b7dce7bbdf8cfe6610dd7187ae6534cdf6267f8e9423e9805bab23e22169f9af3312cbea92d784a343419e4f038d1547625e13258e2f7330c75adf5d810efd666ca9b93368ae3a745113f125f961a0ca79287c3eba8ac2a81e7ea5b66bbd04b5e12a9e73f776ff17bbb3deb2473e10a284ec98e9e52c178cff024e1885b86ef7559227e033ec4f8074e513d85b50810b158e9dc1d42a810251443b44f325dcca8e47f7b1dfcdccdca14947083a9377694bef2acc5af03e63edcd03f54bb53c0cb8769d1a009f096de7f43c79eb83d2f360fd5118f4ca54367389b9b3c68e0f655a25328585cd27d3d908787ff816968da7769838e26bb215e6823d987f09f3d5cea873c788d667e92fd590463c579bcccd21b0edc12eab5c6939487baa24a1e22ceff90b9d6587d6b7bd69a15efa818e30f3b65c4234de7951ba94f0e6726d1237e0168b2044b7067de2c0766e1d3502094ccf35d0882a09e9f50d7d20e3ac8ecfe6e1c0606fc750dd9f340a7776d2eeb6eb5e50823a82f308eaf3ad5908baf58a780759d6ae8022aaddcd599c427dde8d986f14fb433b5b351edf64e943f1fcc31a0e1fb7c077557d9581d91e9ce1f71193db30cc42d280517b8de8818dc1477882039247841870285cf1e1da4c443b83b5c791b0a8eaf697f571e7c3d51baf0cd27dfb809cb31df5f714051f5a9a83789102641f7d345bb18641f0eb4c8a168ad8f056662ef7565906a71ba7a79ce9f0853054655c432dcf32b78b7b3b4bdc5b40092da20b5a8859b4d2b863f94e21fcd70425177e6dd9a64b2ab690e14ccee1374a7815f06a5f09de4f6043d2b39fddcef29e92910a6eea18ced41c1bedfcdee1089ec2deee3ad76b7cabd255b1a2a53f7575f459e0230c018165747126060172d5f13816edc644972a072a7e401d439dad958949ef477d8a2b5e5899a8ea8846cbc7b335b78c7f2644c8c69a1e6b254f58b8aa7a7885c4234bfd962352c311a007c2a7bb5a8e34202dd52692304624117be8ce6f110782767587aa4943a9ddbb960b7e00396fdbabcddd4854e0313daa94422601af0462314c173afc2528db6052e221dc59d594f89e7c9452b5c605b5955b469482d5135cfbf2d0d3b455508d9f40f37eca2b11fbac931f4e2ebcc9bc690de80641ce0213689946735ea8473f6c89e24f5246d22ebb22dd377ef43579702cd3d80650e14766ce7a37a8823841967b650a7a3a347a6f0b2ba7d8bb1e9fded9cd7e2b47742fd726d07447de92ae4b02db7c30a7e065b2d05ff5ff5709b7cf283606903f80e99810799780780d6a28cdda40505d3a4df0996b9d9bb237477cac4fdd3fa1717c9365ac7318de52070fc91861db4624f83dc374690209ae7ff09a0d2aae536937cd86ddd187bace3b7b42974e81cbe54fc011ca1817c1323cd0914ea96b6e7ebb10b7213a51a34b3bba4c129d571ca9f41a6aa41ce336bca6911f24f45cbb4122e1100a559a3e580957dcdf5f14bb32154ed64f250f480b282f5fe9ee65621093d370682afd2b8f37a7e9aaab1447c5162887f3d0f6c74959938c0716ab03dd242f967f574df9cd25cfd64bcb2e6f5788530e761711990778960bd7a828497cec05da36777433fb27bd80d517f6850c46d84b101ea644b596d352714945d6e31b2c43c1acb4e09e443fe51890559a0dd049dbe33d375e46f008bb5ee4af3a7609120cb5498a7aa33fd64f7b3e18170cfe1875cb6e25ce1dc78d04130894d757b66da2349a7f038c747138b0eaf0f2fa933ef7f51dfedb586bc0f49c76860f46009e28ab730290080e0483c70635da84b373e7413fa576e2a3e464c1d2432b3fe5e1a08e06e004d6c47948da8f8290db7ef807a23aabce4fc3e2164be066a721a7ace91f82ceecf3a1339d60134e410dee712bc5585c2ad61389ddeb49bf8679112d537418f9d2379c4bc56850fc400c6ba0b3f9252d43bf5271167adea041bc537b33d22a6c7226a6b9897aa1d34a35198f151865243de05435a58716e5f8a864e01ebe6ec6fd841210b5a1c39027f59e3df97b3090ea6a0e7113bd1ee146e174aec4139bbf6f9fdd7b6dc5d92ee3b4d5044db49e04a90a820993bda6858c36e414e8fa033cb86c58ca687043a0754d0a96cd9833f188cb5b9ca73f412a81dc92b3b88f8585fc357129ab44fcd3c04d46aa09b6373539e784aa546106b7a7472829206a5a1df78df26d0cc691d158136da9661990109e74d75e866388e2fbc8a905c5e939e56a09bb168954ddac4be6f1b9770137440129c4328246cb71bcfc2e95925616fba756806fac7b4256597a837bd170674fa678d8bb70c9c50c4d62ed7bab199363854d073f50758f89d2670b39ba58e16267aa45f69367e003e3ee1899f7400580b375984dd040ab6eab1ec0fcd3ffa536004727ae17dc4cd76d4c2534bd50b92a5e1039e4cceeeb7e48cf347314db3534c6e835d94315fe129bdfbaaf4ab528d20fc0c802eebba43b81d31f2f25079057e25f3fab4bb1b61a8380694e586a5d248fdd0b30a54794eb3852267ea6e5b6d3dcec4e3c889ff42759c96f535f5330b1d869bdc41592791dc4a56f9de48e90182bcf0af670155b79291e811fee0098a39d12f6001f71547bed9f07a10ad3d8054dc5cabfa30feadcf25c851a64fa03d75c0f2e57f9887c9606707005d6d1fb9dee4b4ae52637ae6d963f6c3409e8506c165ae21185f04c55e7bc5af51de5b561a3493f2d7b30ec26bb8a03e4493d27de6608ede356b6b62111c25f446f4fac3056c70f762919f021d7bc4c1470ece9776dac82ed0678c88cd3c8fcd92de28e0ce9a091405f9b8f2d3aac3a78553f47b75b6d91cf53e4e93857b55edfc7afe956b264067d9a0591acd3f6b32ddd93de8ddc046ff55d1f41de1021ce62c988fb378e9e4e1efdc428dbccacf0fa8232a52673aa67ac0251bed7ec2eddad07ed57d9cc6a735171cc180544a8ba5887f7cb588474897376c3b5d0b633a54ea821f2117ef8bf9d4f509bd6487042b0208069d44aceff75f49fe3ab2a39069ec0ac2f3dbee0b982b8f04013ed2e99907030eff31be0b847bbc818f68103e8c24d99f8fee0fdd968751ee3482e90c210ee47cb2f6b5e5fb87248ed281dad438af5808128f83a3b602a2238632d3067e19a764b4386e726bbe17b70499c5b381d94d83c9ff03667f3b6cb8505efc134a7e2c1460349f0efe1b5ef15519445d5f4c146a1af51a164353733f8dd16704f462fdd309cdc5aa1d6be35643cbb94e3872d82c9ded4f3a287d199e6bf2a35567bc382b34957b8730b0dd9400", 0x2000, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x2000, r3}}}, 0x0, 0x0, 0x0, 0x0})
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = dup2(r4, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x10)

1.699897062s ago: executing program 1 (id=1047):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2d)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})

1.635521727s ago: executing program 2 (id=1048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000008000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='consume_skb\x00', r3}, 0x10)
syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.60478736s ago: executing program 1 (id=1049):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1d, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x0, [{@multicast1}, {@dev={0xac, 0x14, 0x14, 0x2}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd1fc}, {@private=0xfffffffd, 0x7}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000a00), 0x460000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@barrier}, {@jqfmt_vfsold}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x10}}, {@journal_dev={'journal_dev', 0x3d, 0xd}}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
mkdir(&(0x7f0000000100)='./file2\x00', 0x0)

1.542476635s ago: executing program 3 (id=1050):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00'}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)

1.496489269s ago: executing program 2 (id=1051):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=""/185, 0x10}}], 0x1, 0x12040, 0x0)

1.496124099s ago: executing program 4 (id=1052):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@srh]}}}}}}}, 0x0)

1.439681953s ago: executing program 2 (id=1053):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, 0x0, 0x0)

1.439101173s ago: executing program 4 (id=1054):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00'}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$UI_DEV_DESTROY(r6, 0x5502)

1.407011906s ago: executing program 2 (id=1055):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getnexthop={0x20, 0x6a, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2}, [@NHA_MASTER={0x8}]}, 0x20}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000027c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x240, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
open(&(0x7f0000000340)='./file0\x00', 0x121200, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00'}, 0x11)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x0)

1.371933768s ago: executing program 1 (id=1056):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0184"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000080)={0x18}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
mount(0x0, 0x0, &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000640)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0x1}, {{@in=@remote, 0x0, 0x32}, 0x2, @in=@private, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r7, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x10000, @dev={0xfe, 0x80, '\x00', 0xa}, 0x8}, 0x1c, 0x0}}], 0x1, 0x0)

1.341928591s ago: executing program 0 (id=1057):
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
gettid()
r5 = getpid()
tgkill(r5, r1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = open(0x0, 0x80000, 0x0)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x6, &(0x7f0000000c80)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {0x4}}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe3, &(0x7f0000000240)=""/227}, 0x90)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140)={[{@resuid={'resuid', 0x3d, r0}}, {@data_writeback}, {@dax}, {@discard}]}, 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
read$ptp(r6, &(0x7f0000000400)=""/95, 0x5f)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r8}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r9}, 0x18)

611.48962ms ago: executing program 3 (id=1058):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x6}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000200), 0x20000000}, 0x20)
recvmsg$unix(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000280)=""/149, 0x95}], 0x1}, 0x100)
sendmsg$inet(r2, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x0)

421.081896ms ago: executing program 2 (id=1059):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000200)={'syz0\x00'}, 0x45c)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$UI_DEV_DESTROY(r6, 0x5502)

416.583906ms ago: executing program 4 (id=1060):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rename(&(0x7f0000000280)='./file0/../file0/file0/file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000300)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f000000e280)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, r2}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x4, 0x1, 0x0, 0x6, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf}}}, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004140)="c98bb9a2a79e72fbca051478fe6e24cbeab04e730a86fef02db30a01d33d07efbac36f4e0e786aa540e01cc4ec64adbac57f750e7b0b749206bb7fc70de5cbcd7bf78bdb59c1095a03ef60a8d22a4e0dcea0aa96c523a2c7f666f1ac51acec733c589f2ab3ca2c8e129a652d7ec8ce120c530ca4fad46123b30cb061fb9998ff71ed9844b1f49f8b8e30e887ecd82a0f44450a325720e5b5065ae543bad2cef4486d5759515a29f048b21b3c78e9a95913a9df61bc854512fc21a6d0376742532ad21cf3b18c7f70b25345a81ede616baf89824f817fb808ea9ca55ac0ecdb91687f27177bbf1f1cdb2321efa1366e8287587ec7f39237537c625c813feae6cffdcb4c829e5ac0bda5c1b746edeb78bc7e1c198ae04f319f0fe41f24c7cbc7c0e3278a349bbf7c804dd729114792d4f81f19f49b2c018e49f43e72eaf5fd4c0ae32f73c0106c2b202152cdb28b21cf2132c6f9c7c583114d7790d397177165952670ccbfc0f4eff26391e8f4faca3536a070470e76d26625a6ec4df17b0fb0923fc31dfc1606f6a9cadaf4718d681d2351ddd138df20ff419c67f684d0d13792c78bfa348e5d76f00503124114034f41283e15ddbe79d5f4e200d5f28ada106334eca95a37fa843aa23236ef3d8aff07df194e8c4396561132379a60c449c5f1b400d2709d5c5f1ee1542790d5843e35f11be0ca4e7caa32c8329320069daea18ab51fad9ae4080d79671d73242278044391b9187eb0c05bbfef7d51bf64275f64ce780b25b509741c695f9e396234e3a67bc6988f05f6ad547371709e50b599179f7fc3def57115b58be578feb01612126bf5d1f08091743b76cd9cac032998adeb68a066387edb528b08d2063c3c504574e3d64ebee51da66e92bc3201baf0fa10bf5686e077a606c2b03a5529c97612b5d299078b99fc644aa101565836991bdcb92afae97b0330fc10c9af1edf05337221c05731246d57f7b063ee01778b99c768c8a8eb07e88f472d53bb59ec1db64191a32e981d384653943289d58970f4785d0081e321e5411bbe8738ee580a36be332a9082126579c797e162a37987a348743225786cf2e4e46f0c0ab0f7c14a6a16dc33e0f7042f203855db6776a3d760846ba5fd2173af04989b2f21cfd7e9e61df98adebef311c1c31f8b14f49c63ce924258af21d2d1766313a60dd23cf1966772551649ed78110d2462e47f14de5eed932bb03d3635f3bcbb8824bfa8b5c77649f097d78ec071b0d09dcdfc2078d0a97f96cb3e32f4cf80da4e07fad909eeabeb5715296ce578ada637a133ada68676e30632acba4f32fd2d23267a685f14a47fad0b36f2940494283a15b30576ff31e2b4472388fe3fecaa2e243818fce1d5de9a0e10aed4dc38a8636bec2ce0d43da7aa2541e8123bc4229ba6f9db4ec6b03c208125be4c389f8e587081209531f3c187077318698b08ace5b1e5a1c5b82633abfb6c4ef2bad7f9e61a142caef3c44dd6b81a9937650f75dfdb6f56bc26edc801fb0f53aa49655ce5f51283d8bb56ba56e9fc9f48395299a4ca4ae5b74398e1be02e2ea0565976ab155ae5df2114301565e23c25595853247dae9c2a598776c44ec0cfc26b3447c20b08424762dd29bfff90cf3f71f0fe933d1b1a29c3f6839858c7993a666401e2a03a1117988b28ae1c82adef8caf1ab564eb445199b57666397a7e7301ccfa9304dbf2854c8b50ab72ce6887e9cd69a647766f87a59d580a19964c9f691fb1eabe8143228bb375cbf12b5167085168ed22de2fee1b26d44324321a632b43d1b7bd13f15b807f1ab259b8456ba5d014fad3876b492b7f14af2ac75cb0f19eef7ad5c3d7f692d81ce1eb3e3fb96200d9253d338cb6d4097f3e6f4f061edcc98994b694b64ce1a266eac23e0506e68d09e4a3d0049420be6e73d684f7566e01bb43c1d51ed2e2c76be592bf4c6cf7471a21ba817f8c708ed76e14d6352e28deb6199bd7ec1232a041c6a655fbc01be4f749def876e0a94275c79bded1eb5bb3f9bfe286e14702e81c0e8a65f4b0a0a7ae62cfd4093a7e0fb07a02ab6a2f005ef538fd56392a3072f8317a1cedcdaecd857cef0f574efca11a6a28fbaa6fa2f6d74676197dec824d96b4ce0cc5999766b4926a6c21e21d4a78f71e87e9a8f1e2c4e3005da888457957377defd70d82fe26041f5399f295d869eb65c8e185a4f853c64603decb3c499a6921534730afbc41c1be57539603f0c1bdc2f61b8d7cfc971fe3fff189faae8411928dc039cb1ee33404544992a7f5646efd1e12d890ef7290ecc5e957a35cc6defb180b8006f8c016621bf17a6546022b9c579e781a66e57bc30d4c5ec8c56c42efce79bb8f203cb3c08133be710f2061879b90905671b346aaf735f2a614e7e46755d35570754e365490e2658090f40c2cb9164b0a1742b3bda5a32a4ebe25166c4ec0b387538362e7998092b1b737370239ef58f1f68f80753146ca2c166119fae83b2c60a19a1461903341d315d5ef8c57473bfd995964dc7b73ca7d35e88589cc7766480c9829ce44af423dcbef90b1ec62d8da8d812ad001e8e67df683dcb9de40db531e9eab3ca59b84689453b40f7df2b04051a6f052f179df5989bcb2e9245d23dee5d9b9ee03ee1ca0cef1b843acf0eb8dacd69047f5afda11b2a7ce274279c8b8a5da4618580f14d6c80bf1a647c90d2ef66395da4a0284427227ed59cc010088f39c12af4fb420683803db81f5ed467508b4e34886ce1550d7e9e29f9c92872d50566726af8b66b10498ce695ebc41573bc9100b6373c53cec7696bb79260d8214390d453d3223b9261c49fca17cf9923d7d1f3ac3abb332f37ddd9d0e09fb4df9305e88fc11f00ca1ddfce8dcc386e05a517c9b42d74629ff2460557107e7d39c0c1938e5b5f1da2dbffb30e3eb77c53d459580077eefb5260d59ad9fba11a66ffa703a3750d5979850acd8644de3c23a5514b4ba922dc20f5911b0d5078a1704f4016c84e39719c280db3ad2cd5f0693c8da07969c239608067fa82aba83d9a3a0f5f3e1f845a27bae1d8708d82eb10c7c205c07234b6e71312d54e878b960c821fd2dd01685143ffad375598dfd10038002a0d9aeceec499669523fb865683cb9379229761ac546e700a26523769ff1432d00073eb387e393d674eeb33a17422b3c0cedd91b3f0802ee59f1307467900c0a919bfaf92578fc18765cfc29cee13da07e821cc26354f5793d9e507cf13fdb55befeb814f4863552cc22440c3e80a61d7db867d72dfb41196bcc020f265fc9beec0004afff442c4a01a772db48a02d2f109a2096ec6d0f938cf8bc0835e07fa180f17cebf8a25b950380be955c4eb6a4f7fc6543a7eee578f800f5137069d08cd04f50cd02580aa7b249156baecd972eb6d8d9ff7598b85c0b0395016ade7107dcc8663c265857fbd7e42b3d4fb7a8c5f58b8befb22530ab47add8ca50611b23770d39a041c7291f30a92873d6c9f193f0bd8a7dc0949d435a3dbd554bf884bee76c3b28b2836e297a7b2dd940e6199b3c14ddf6bf7989eb9f721da9adbd2c754e91304b431c61deff5a7a24107a4f5bbeb1f422fcf10af1f5bcd204deb239c47e93d2f4ac55f4920bb4cbb0c358567ae115bfbcbdb2ff940f0d897fd54e9c198142e5445dc4a6ca4f794e26382394f6f11fc93acc4930cdb6fb39b04867eae0dad3cd2414ca0a1d9d8836a54894697bc3710e1ec9f58b28588a7108e6d8ea098c3e26646818345680dfd4812f89a2b632d2197e8d0d88fe932a1e52a1345d9e9d968e000ccf3658162ca9f50beb08b858a26ffe9cc320bc49cba66582647c5358234d9b38d3e605a2c1c4ddce61dd90070e26fc211d01fbec9fbfcc4cb0c1882014438284303cc80dee1760f631fc66a72d0eb6c6d01a7701a92c2a45613000ce87734f37ecce7774083b8e71dfba4a455516447b4dffe7288d578a37908ce0256d70d07c936a5d21ae223a3197f9cbede4ae983b9356a7073f2b6ba2068556721fd9379041897472c237a0c2007aa8f75a6e145c60a2f0cb7ffda5b6443e2682ec08eea3c851a72aa31508a186185962e79620791a3337abfdf527e513ea287a7b95f2a50f58575aac96af999ce667b1e415545fb931a02282eefad0e9489ec6478218b2a9478aa6060566f2ce636e28ce3d7a6d0c62c340c224efe58b8c99b9d59e6890e858244cf85102a44909645fcd66f57a1e4cde0697e53547aefeadef57db39543bc4b444f1fb5e99d3df8860fa13b91b3c9c47cba2ef823f7739d93f1d59251f2ecbe25b2cd67be1fe37359c5a673564688806154cd28bff8cf321578ef5580b945d208050f13e4429247dadbfeb417519d6b48aeef36e32c656d138191d612b99bcd11225187c41cba1b17b401698a12a3d28f6807be56dee75b93a27a5a120ce4fa25b45a41e2ff5affcd8771ef5efaeba4763fca7f3cadb4a96fd45dc42767dac4efc77aec8803b9edb4e2a3843a5a4936754d42c6bfe35a677aa972873190683712960a9172e75d039ae8f724e51f3770e85efb65dceedbf3e41f5e25244771a004b77777d745ef7401ab7f4586e2c10b0bece0137db9e5285a27621cf0dbe74ddbdeb2904beea55318ff8d65836dd2a57ee5354ac92e7727d2efefa10885184a2647597fb6d482f928baf0be5f83feb05be019268d05e419f58e9e590094a7e3ad7da2aa0fdcd2cfa2f7e7b26750d9049c0402d3def15b15491e1326f71a1d1e4a2a24ff9902f2d0e0e36cfd4314610be7a4e5f6ded81cc6048ee9f4e857f91a131220eedb51838cb1e406c20ef20a5783fb2cfdbaebce5d56a59579b994a0bebf58626e98bc4a7387b9bee07d5dd14a38e27d350cf159200fb2761d8953f1906298c74ee6c78deadd208bb84d3bc074ef127166f6b6c9c6315a76e2606a3aa91b19ae867e3e7372225d8266b6c87aec5fe40af5c816e7771cba0ba9957b6736b6d556daac4c1f60479c7ca81783f6e97509ce609ee07891b79020199018e67c05de3ba577af655ab3b5c79672cfb14c57499558d76f9e1e9681a07acde5064380e0f0446b1e9c2a15cbfdf5fae562884c2bd1f724fec6b0c520aa7df5239c1d54bcbaeb711be9e224eb5aa5dac0df99d8782248f70d9f86c1b576bef030d386beb50ca315c14b768baa013f3b70d85b6fe13bdfe7aa839804a139877c54c5135c920e11404d33a8385559acca5600e96cae8f459bfe295df4198fd19a192ae26c8a694151c70d70d5101b002f2c2580f969571d2cce22218d577b9ec43136e6284953546650b5974da34ad5dd4b0fb1e8e699eb3333e7e3477f21aacd908c69b4d9d092f881039c59c03f4503dfb1dc84f89c16be07b39a0aba23ad387fbb0980809b4147fce3127aaeb40638c889ceda0144189352a3497912daebdde46fb603cec06d9dc6e49fc916c7265c8ef0122f60f46dfd5047f75178e8eed1e2323e67ffbb1de6ca51dfb052862eebc8c81a038906831ae942bbd1148c632af20a06e032f7d91d7a07c740b174d641eee12e66d8db9aa9fadb4004290302d4e35485d9118b4abbb97a2690ec53a1d8555861185f66ec039c627dc74b7b51c7e7754a1391ae29488dce09416116d3e5fb2511865181471a6e8d11febe050358294738931a58326faf5ad405941a8a90cf88b9e155470e4034ad0c3de21c03697d09ce094b5532a77ea66f9c05609f079edac54b310fdd8452a2134ecfddc899f57014754b4783dd4cf190bb957271e9f9f4aa1bf1e792f711c2156cf09015707371a4e88987c25707c5c5a7fc7891b358d1ce9b0ec38983853d0059d5bf5da2c4c5a7e8863ba0b91cb18e94ce20ff72c7cba848355f5afd5e5c086fd16c1647d145cef93f2e7e337f43f67198abff32dc3e624f768ace48bb989e49e02b42bb4831610f561c47b84624f00c011ffee7376ca0b0aa09b048826a40463a6949c47473ac1d524bd808ec7e876822f15512a6814dc335daa536e7148fbfb8200603b882e4c693f5960965e419bb00fe41743084b619cefa3fddf2485e753f1b96de55e3e54cef66885c73dde661978fe65a6966767c9991f030d1dc9b882cd6fbb83181474fb57360a591c2782369d00df5be76697dcc697351006d7fe8363437a220df1cf36f464de3ada90fb8b6c56d607f245a8a8175bbf63fea0c45c8a6462140c285a86ca0bc0b872297c0981bc33c53a0499f849cf9a86db6bb48b87b597f2dd04b29e376a757e070d6b724d7a4ded0a01fd03e58c2d1d7c9bd084c8388e3a193423010e328952c5a62b4100788d1ac5b61c203c31997003d7669f4eff0e01a75d3a06cc7ef7b9a621a93cc6954118d8f7736245665c24ba84f9bf5851c481cac617fbb0ff71f3eaf5441348e61f5e4e7e8bca22d9e91e4a6e843bf02d324c8b55ec8a519b6f95818d84ac9e0f4ec36b7fb44b3db6924bef1a431dde856cecfb479072bc2d97efedb1dfd9fffbcf6dd430899d0fd8dcf33a2c137296d28373cf70984d6ffd823abd4721303c0c4072bd9c0723b7e868290b9e6f2d5b92feb6a4d2ea5dfb31c3a9cae8611a567ade5fc050eb7b74a240ead9a70679e61b4b8ac671695e70879459afd7151bb29655274d7ec3d10766eb919f5dcc648394717507588a95800b0c9969c70b981dd37e1b5702f50f49a67aed32db437746da94c965344e7fda47d36488fd24489f462b8abc2bd08ffc7c54dd7a2d1ebffe3b126565b89b764a289e505411ae846f5b8f9877ffcd70a8a57b3b7dcf8356d774aaa2746f63fd8e9e5e4b6d5b2ea62bdea0a90696608d156623863985f13b312a56960e3d5cd908ce456a2465ac72232fafd4f1c779b8e6707f3b34c5dc1356ae159bcf311d77e15dccb6c094ab12e999e1aea1026afd8c3dafa5f761a7e82bc139951e1cac736d0e3ed163837b3e8a120df674355c32a17efb6d126beda38ac57722f16e5e2ff5a5979b219e6a886f3cb853291cb5c835d591b6229ae938cb59ac73caaff0a1e13f6efb4a3e1385fc8fe77a33a189cf1b1a5eed06bee4d5237aafdede0f3c883f64ceaed04d88ac0e3738f89f7eba17fa71ea5bdad5af6c2a3c281c6762cc70f277361aec24a666ccfd95a8cc9af0dbb331f840e1990083cf648f7068808f903f281e6222d3ea6da539d047f6309d2d0c0d1fc9b7e2b2b7d082432f8d819f923f54e2ffff2e1504c3f7b17a9b19c32bed9ef376fe6d0d0647f9be85c617eacc82cf9ec9a9c901cc4088fa90e1abbb6f1340e34e4445313922286d5d1e655da8b42e799eb04a8f766d88ae24dcbe9f589104ee2c83335d6b3a498fd236fdd26c1b8e72258925de84861e3946a389bbce2d87e044d242ce9684afaf75ff20306db09dfead4481c844dbba005146a50dfbe3b4d939d3bb587a00daefb7db1f1cfe616c0528941d28cae06f057650475dad0fd3be6e85f5693b32636e8677634fb17ed60379b9a74a22f0abb12f74f2084c8bff00afd1e7ccc43a3b08ecabc1aa4a722e1f3b1c2510476e643df4b4a6f069e8029c975f471c89a3c0c49c63c6c0899950ea89f6d692a0f2e2e7a8e828f7e9cadda537119db284505380296a689a7bc168da713671c3d47af2ac32e53a05796ae11afc14d87f2daae13201275228d0d536d72cd43580726378be6b9a7b4e56670998adf46cbcb2a61d5daffc57acbc682d1e1716409527db61a11bf2d0b6b8ec8ac9a6fb553935329ba9f877b1019d1bea3ea0e98d65b830765e50786a2dc0600000061efc79e406155f2e6df3187b0a22864cbd5ee9d29c0ed153fd2751ce7d6cc9178481c0a3806791f6e4be674352a76eeffcf07dc867fac687933d2b7597008c2614a2e0157cad1f7bcf75a3e98bfafa4addf57db94421b54c8e3580c554c11b15e9f10a33c21e430bf3e13f3fcea6b17ce4d7f32ac0ecc9540b1deebb0b73bcb56f9632cced1b0f5f1ba4a9fa5100e8916bb7f47f71e5fc4cc46b344dadc9a9bc1a470583490a6304b374da44a179533dc00f3614678b292841b47f34dde4f08f0f86fd50f4a6984bed2a1d8dbb49f987dc196180aa6797f8b9cf739a5b6b940c841346ed2189f76733ddad49787b44737ffd2179ce2d3c9b94332014ee0f3882f62ab697d09dd37cb5d602e1fb24fef4309e72e76cb43a2bdcfd5ba97ff84f19801aba142c1be10851cf937d4cef92423d630646b1c9ae3580907c84db42ec4132cb9702781760c5a7d3aadc0395bdd0b7dce7bbdf8cfe6610dd7187ae6534cdf6267f8e9423e9805bab23e22169f9af3312cbea92d784a343419e4f038d1547625e13258e2f7330c75adf5d810efd666ca9b93368ae3a745113f125f961a0ca79287c3eba8ac2a81e7ea5b66bbd04b5e12a9e73f776ff17bbb3deb2473e10a284ec98e9e52c178cff024e1885b86ef7559227e033ec4f8074e513d85b50810b158e9dc1d42a810251443b44f325dcca8e47f7b1dfcdccdca14947083a9377694bef2acc5af03e63edcd03f54bb53c0cb8769d1a009f096de7f43c79eb83d2f360fd5118f4ca54367389b9b3c68e0f655a25328585cd27d3d908787ff816968da7769838e26bb215e6823d987f09f3d5cea873c788d667e92fd590463c579bcccd21b0edc12eab5c6939487baa24a1e22ceff90b9d6587d6b7bd69a15efa818e30f3b65c4234de7951ba94f0e6726d1237e0168b2044b7067de2c0766e1d3502094ccf35d0882a09e9f50d7d20e3ac8ecfe6e1c0606fc750dd9f340a7776d2eeb6eb5e50823a82f308eaf3ad5908baf58a780759d6ae8022aaddcd599c427dde8d986f14fb433b5b351edf64e943f1fcc31a0e1fb7c077557d9581d91e9ce1f71193db30cc42d280517b8de8818dc1477882039247841870285cf1e1da4c443b83b5c791b0a8eaf697f571e7c3d51baf0cd27dfb809cb31df5f714051f5a9a83789102641f7d345bb18641f0eb4c8a168ad8f056662ef7565906a71ba7a79ce9f0853054655c432dcf32b78b7b3b4bdc5b40092da20b5a8859b4d2b863f94e21fcd70425177e6dd9a64b2ab690e14ccee1374a7815f06a5f09de4f6043d2b39fddcef29e92910a6eea18ced41c1bedfcdee1089ec2deee3ad76b7cabd255b1a2a53f7575f459e0230c018165747126060172d5f13816edc644972a072a7e401d439dad958949ef477d8a2b5e5899a8ea8846cbc7b335b78c7f2644c8c69a1e6b254f58b8aa7a7885c4234bfd962352c311a007c2a7bb5a8e34202dd52692304624117be8ce6f110782767587aa4943a9ddbb960b7e00396fdbabcddd4854e0313daa94422601af0462314c173afc2528db6052e221dc59d594f89e7c9452b5c605b5955b469482d5135cfbf2d0d3b455508d9f40f37eca2b11fbac931f4e2ebcc9bc690de80641ce0213689946735ea8473f6c89e24f5246d22ebb22dd377ef43579702cd3d80650e14766ce7a37a8823841967b650a7a3a347a6f0b2ba7d8bb1e9fded9cd7e2b47742fd726d07447de92ae4b02db7c30a7e065b2d05ff5ff5709b7cf283606903f80e99810799780780d6a28cdda40505d3a4df0996b9d9bb237477cac4fdd3fa1717c9365ac7318de52070fc91861db4624f83dc374690209ae7ff09a0d2aae536937cd86ddd187bace3b7b42974e81cbe54fc011ca1817c1323cd0914ea96b6e7ebb10b7213a51a34b3bba4c129d571ca9f41a6aa41ce336bca6911f24f45cbb4122e1100a559a3e580957dcdf5f14bb32154ed64f250f480b282f5fe9ee65621093d370682afd2b8f37a7e9aaab1447c5162887f3d0f6c74959938c0716ab03dd242f967f574df9cd25cfd64bcb2e6f5788530e761711990778960bd7a828497cec05da36777433fb27bd80d517f6850c46d84b101ea644b596d352714945d6e31b2c43c1acb4e09e443fe51890559a0dd049dbe33d375e46f008bb5ee4af3a7609120cb5498a7aa33fd64f7b3e18170cfe1875cb6e25ce1dc78d04130894d757b66da2349a7f038c747138b0eaf0f2fa933ef7f51dfedb586bc0f49c76860f46009e28ab730290080e0483c70635da84b373e7413fa576e2a3e464c1d2432b3fe5e1a08e06e004d6c47948da8f8290db7ef807a23aabce4fc3e2164be066a721a7ace91f82ceecf3a1339d60134e410dee712bc5585c2ad61389ddeb49bf8679112d537418f9d2379c4bc56850fc400c6ba0b3f9252d43bf5271167adea041bc537b33d22a6c7226a6b9897aa1d34a35198f151865243de05435a58716e5f8a864e01ebe6ec6fd841210b5a1c39027f59e3df97b3090ea6a0e7113bd1ee146e174aec4139bbf6f9fdd7b6dc5d92ee3b4d5044db49e04a90a820993bda6858c36e414e8fa033cb86c58ca687043a0754d0a96cd9833f188cb5b9ca73f412a81dc92b3b88f8585fc357129ab44fcd3c04d46aa09b6373539e784aa546106b7a7472829206a5a1df78df26d0cc691d158136da9661990109e74d75e866388e2fbc8a905c5e939e56a09bb168954ddac4be6f1b9770137440129c4328246cb71bcfc2e95925616fba756806fac7b4256597a837bd170674fa678d8bb70c9c50c4d62ed7bab199363854d073f50758f89d2670b39ba58e16267aa45f69367e003e3ee1899f7400580b375984dd040ab6eab1ec0fcd3ffa536004727ae17dc4cd76d4c2534bd50b92a5e1039e4cceeeb7e48cf347314db3534c6e835d94315fe129bdfbaaf4ab528d20fc0c802eebba43b81d31f2f25079057e25f3fab4bb1b61a8380694e586a5d248fdd0b30a54794eb3852267ea6e5b6d3dcec4e3c889ff42759c96f535f5330b1d869bdc41592791dc4a56f9de48e90182bcf0af670155b79291e811fee0098a39d12f6001f71547bed9f07a10ad3d8054dc5cabfa30feadcf25c851a64fa03d75c0f2e57f9887c9606707005d6d1fb9dee4b4ae52637ae6d963f6c3409e8506c165ae21185f04c55e7bc5af51de5b561a3493f2d7b30ec26bb8a03e4493d27de6608ede356b6b62111c25f446f4fac3056c70f762919f021d7bc4c1470ece9776dac82ed0678c88cd3c8fcd92de28e0ce9a091405f9b8f2d3aac3a78553f47b75b6d91cf53e4e93857b55edfc7afe956b264067d9a0591acd3f6b32ddd93de8ddc046ff55d1f41de1021ce62c988fb378e9e4e1efdc428dbccacf0fa8232a52673aa67ac0251bed7ec2eddad07ed57d9cc6a735171cc180544a8ba5887f7cb588474897376c3b5d0b633a54ea821f2117ef8bf9d4f509bd6487042b0208069d44aceff75f49fe3ab2a39069ec0ac2f3dbee0b982b8f04013ed2e99907030eff31be0b847bbc818f68103e8c24d99f8fee0fdd968751ee3482e90c210ee47cb2f6b5e5fb87248ed281dad438af5808128f83a3b602a2238632d3067e19a764b4386e726bbe17b70499c5b381d94d83c9ff03667f3b6cb8505efc134a7e2c1460349f0efe1b5ef15519445d5f4c146a1af51a164353733f8dd16704f462fdd309cdc5aa1d6be35643cbb94e3872d82c9ded4f3a287d199e6bf2a35567bc382b34957b8730b0dd9400", 0x2000, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x2000, r3}}}, 0x0, 0x0, 0x0, 0x0})
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = dup2(r4, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x10)

389.026798ms ago: executing program 0 (id=1061):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2d)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})

348.628062ms ago: executing program 1 (id=1062):
r0 = socket$netlink(0x10, 0x3, 0x8ab0117d794ff86)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000080), 0x1, 0x7a9, &(0x7f0000001a00)="$eJzs3c9rG9kdAPDvyLIdO2ntQqFNToZCawiR49RNWughpYdSaCDQnpsIWTGpZStYcoiNoQml0EuhLT0U2kvO/ZHeeu3uXnf/iz0sCdldJ6yXPSxeRh7Zciw5tmNJ3vXnA2O9NzPye1+9+fFG89AEcGpNpH9yEecj4k9JxFg2P4mIwUYqH3F9a72NoYhYXyslsbn5y4+Sxjov19dK0fKe1Nks8+2IePv3ERdze8utrazOFyuV8lKWn6ov3JuqraxeurtQnCvPlRevTs/MXLn2g2tX3yi8r7dmPnlv9dyzP//se/+5/tnvvvXkj+8kcT3OZcta4zguEzGRfSaD6Ue4y0+Pu7A+S/pdAY4k3TUHtvbyOB9jMdBIdTDSy5oBAN3y24jYBABOmcT5HwBOmeb3AC/X10rZdKG/30j01vOfRMSZrfg3smlrST67Z3emcR909GWy685IEhHjx1D+RET843+//lc6RZfuQwK08/BRRNwen2g5/mfHn2TPmIXDurzfws3hxsvEK7Md/6B3/p/2f364q/+X7X+57f5PtOn/DLfZd4/i9ft/7ukxFNNR2v/7cURs7On/bQ9aGx/Icl9r9PkGkzt3K+XL2eCyyRgcTvPTjVXbj4KafPH5i07lt/b/Pv7Lb/6Zlp++7qyRe5of3v2e2WK9+KZxNz1/FHEh3y7+ZLv9kw7935sHLOPnP/rD3zstS+NP421Oe+Pvrs3HEd9t2/47bZnsOz5xqrE5TDU3ijb++/7fRndyu8dXtbZ/OqXlN68FeiFt/9H94x9PWsdr1g5fxruPx97qtOz18bff/oeSXzXSQ9m8B8V6fWk6Yij5xd75V3be28w310/jn/xO+/1/v+0/vSa8fcD4888+/PfR4++uNP7ZQ7X/4RNPNuYHOpV/sPafaaQmszkHOf7t1CK/Z05r4qifGwAAAAAAAAAAAAAAAAAAAAAAAAAcRi4izkWSK2ync7lCYesZ3t+M0VylWqtfvFNdXpyNxrOyx2Mw1/ypy7GW30Odzn4Pv5m/8kr++xHxjYj46/BII18oVSuz/Q4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADJnOzz/P/XBcL9rBwB0zZl+VwAA6DnnfwA4fQ53/h/pWj0AgN5x/Q8Ap8+Bz/+3u1sPAKB3Dn39n+9OPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjKunnjRjptfrq+Vkrzs/dXluer9y/NlmvzhYXlUqFUXbpXmKtW5yrlQqm60PEfPdx6qVSr92ZicfnBVL1cq0/VVlZvLVSXF+u37i4U58q3yoM9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq62sjpfrFTKSxL7JkZORjVOTCIf88XKWN+r0bm94kRU40ucaD1KjPTvAAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwwn0RAAD//wBtIzw=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xb)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000980))
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
write$binfmt_script(r1, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
preadv(r4, 0x0, 0x0, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180600"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)

186.840255ms ago: executing program 0 (id=1063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000008000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='consume_skb\x00', r3}, 0x10)
syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0)

149.683268ms ago: executing program 3 (id=1064):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=""/185, 0x10}}], 0x1, 0x12040, 0x0)

35.065637ms ago: executing program 3 (id=1065):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@srh]}}}}}}}, 0x0)

34.461767ms ago: executing program 3 (id=1066):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000540)='./file2\x00', 0x808d, &(0x7f00000000c0), 0xfe, 0x504, &(0x7f0000000a80)="$eJzs3c9vG1kdAPDvTOJukmZxFjgsK7Gs2EVJBHWSDd2NOCwgITitBCz3EhI3iuLEVeLsNtEKUvUPQEIIkLjAiQsSfwAI9cQZIVWCOwIEQtDCgUNhkO1xmho7cVX/QM7nI73OD9v5fl/ceZ733sQTwKX1SkQsRESWZdliRBTz/Wle4qRZ6s97+OD9jXpJIsve+VsSSXPfTOtnPZcvr+Yvm4qIr34p4hvJ/8Y9ODreWa9Uyvv59lJtN3mUZcfXtnfXt8pb5b3V1ZU31t5cu7623Jd6zkXEW1/40/e+/ZMvvvXLT733+xt/Wfhms4JN9Xr1JVCbZtULjd9Fy2RE7A8i2IhMNmrYdH3EuQAAcL76+f4HI+LjEbEYxZhonM0BAAAA4yT77Gw8SprzfwAAAMB4SiNiNpK01LyMM2YjTUul5jW8H46ZtFI9qH0yK56OF8xFIb25XSkv59cOzEUhqW+v5NfYtrZfb9tejYgXIuK7xenGdmmjWtkc5cAHAAAAXCJXH/f/G38O+89is/8PAAAAjJm5UScAAAAADJz+PwAAAIw//X8AAAAYa19+++16yVr3v9589+hwp/rutc3ywU5p93CjtFHdv1Xaqla3Gt/Zt3vRz6tUq7c+HXuHt5dq5YPa0sHR8Y3d6uFe7cb2E7fABgAAAIbohY/d+10SESefmU5b+67ky0JENnH2yZNDTw8YoLR9x3mjdH8cbC7AcE2MOgFgZJ76lP5XvxhMIsDQFUadADByF7UDXYcFft3/XAAAgMGY/8jp/H+jxJn5/2SkmQGDls//J451uHzM/8Pl1cv83+LdISQCDF3hvDMAnQIYe2kPh/qzz/9n2VMlBQAA9N1soyRpKe8HzEaalkoRzzduC1BIbm5XyssR8YGI+G2x8Fx9e6XxysTwAAAAAAAAAAAAAAAAAAAAAAAAAAD0KMuSyAAAAICxFpH+Ocnv/zVffG22fXzgSvKvYmMZEe/98J3v316v1fZX6vv/frq/9oN8/+ujGMEAAAAA2rX66a1+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD008MH72+0yjDj/vXzETHXKf5kTDWWU1GIiJl/JDF55nVJREz0If7JnYh4sVP8pJ5WzOVZtMdPI2J6xPGv9iE+XGb36u3P5zodf2m80lh2Pv4m8/Ksurd/6Wn7N9Gl/Xu+xxgv3f/ZUtf4dyJemuzc/rTiJ13iv9pj/K9/7fi422PZjyPmO37+JE/EWqrt3lo6ODq+tr27vlXeKu+trq68sfbm2vW15aWb25Vy/m/HGN/56M//c179Z7rEn7ug/q/1WP9/37/94EPN1ULbQ4X4UZYtvNr5/X+x+RtqOBu/9dn3ifxzoL4931o/aa6f9fJPf/PyefXf7FL/i97/hR7rv/iVu3/o8akAwBAcHB3vrFcq5f1xW7ny/5GGlfrKdAwx6Hp0fijN/8sPre7fygMOI9ZU32ONqEECAAAG5vFJfz6BAAAAAAAAAAAAAAAAAAAAAAzdRV8DFn34OrH2mCejqSoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLn+GwAA//+6zNbf")
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r1 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffd74, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, 0x0, 0x20000000}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000001c0)=@generic={0x0, r5}, 0x18)
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0)

0s ago: executing program 1 (id=1067):
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x7, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000005000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, 0x0, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
mkdir(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

00 48 c7 c2 a8 ff ff ff f7 d8
[   89.107254][  T292] RSP: 002b:00007ffca5fa76e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   89.115492][  T292] RAX: ffffffffffffffda RBX: 00005555557234e0 RCX: 00007f8d191ac013
[   89.123303][  T292] RDX: 0000000000008000 RSI: 00005555557234e0 RDI: 0000000000000005
[   89.131116][  T292] RBP: 00005555557234b4 R08: 0000000000000000 R09: 0000000000000000
[   89.138928][  T292] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   89.146736][  T292] R13: 0000000000000010 R14: 00005555557234b0 R15: 00007ffca5fa9990
[   89.154555][  T292]  </TASK>
[   89.161599][  T292] syz-executor: attempt to access beyond end of device
[   89.161599][  T292] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   89.161938][    T6] usb 4-1: USB disconnect, device number 4
[   89.175722][  T292] syz-executor: attempt to access beyond end of device
[   89.175722][  T292] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   89.205948][   T10] kworker/u4:1: attempt to access beyond end of device
[   89.205948][   T10] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[   89.280784][   T10] tipc: Disabling bearer <udp:syz1>
[   89.286143][   T10] tipc: Left network mode
[   89.290864][  T449] usbhid 5-1:0.0: can't add hid device: -71
[   89.296851][  T449] usbhid: probe of 5-1:0.0 failed with error -71
[   89.306808][  T449] usb 5-1: USB disconnect, device number 4
[   89.678097][   T24] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[   89.778276][   T24] usbhid 3-1:0.0: can't add hid device: -71
[   89.784536][   T24] usbhid: probe of 3-1:0.0 failed with error -71
[   89.853867][   T24] usb 3-1: USB disconnect, device number 7
[   89.950753][ T1874] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.962131][ T1874] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.969515][ T1874] device bridge_slave_0 entered promiscuous mode
[   89.976395][ T1874] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.983363][ T1874] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.991081][ T1874] device bridge_slave_1 entered promiscuous mode
[   90.012828][ T1884] loop3: detected capacity change from 0 to 256
[   90.028180][ T1884] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   90.093847][ T1874] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.100729][ T1874] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.107835][ T1874] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.114610][ T1874] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.129615][ T1890] loop1: detected capacity change from 0 to 512
[   90.143550][ T1890] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   90.144828][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.152112][ T1890] EXT4-fs (loop1): orphan cleanup on readonly fs
[   90.164902][ T1890] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #16: comm syz.1.477: casefold flag without casefold feature
[   90.177643][ T1890] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #16: comm syz.1.477: unexpected EA_INODE flag
[   90.188858][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.189336][ T1890] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.477: couldn't read orphan inode 16 (err -117)
[   90.207718][ T1890] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   90.208220][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.244364][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   90.252590][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.259470][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.268941][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   90.277199][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.284069][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.291759][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   90.299677][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   90.320454][   T10] device bridge_slave_1 left promiscuous mode
[   90.326476][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.333984][   T10] device bridge_slave_0 left promiscuous mode
[   90.340073][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.347456][   T10] device veth1_macvtap left promiscuous mode
[   90.353346][   T10] device veth0_vlan left promiscuous mode
[   90.489434][ T1895] input: syz0 as /devices/virtual/input/input59
[   90.788057][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   90.820557][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   90.830301][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   90.852154][ T1874] device veth0_vlan entered promiscuous mode
[   90.858519][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   90.866672][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   90.882489][ T1874] device veth1_macvtap entered promiscuous mode
[   90.890706][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   90.899978][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   90.902290][ T1904] loop3: detected capacity change from 0 to 512
[   90.907277][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   90.921162][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   90.929803][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   90.934016][ T1904] EXT4-fs (loop3): Test dummy encryption mode enabled
[   90.948294][ T1904] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.482: invalid block
[   90.960107][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   90.970721][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   90.979582][ T1904] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.482: couldn't read orphan inode 11 (err -117)
[   90.991346][ T1904] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   90.992832][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   91.023031][ T1904] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   91.034383][  T290] EXT4-fs (loop1): unmounting filesystem.
[   91.040543][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   91.074710][  T288] EXT4-fs (loop3): unmounting filesystem.
[   91.102062][   T24] usb 3-1: Using ep0 maxpacket: 16
[   91.645840][   T28] kauditd_printk_skb: 104 callbacks suppressed
[   91.645895][   T28] audit: type=1400 audit(1724088052.451:634): avc:  denied  { name_bind } for  pid=1914 comm="syz.1.485" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   91.687718][   T28] audit: type=1400 audit(1724088052.451:635): avc:  denied  { node_bind } for  pid=1914 comm="syz.1.485" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   91.804982][ T1191] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   91.900568][   T24] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   91.909756][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.917620][   T24] usb 3-1: Product: syz
[   92.118082][ T1935] input: syz1 as /devices/virtual/input/input60
[   92.276353][   T24] usb 3-1: Manufacturer: syz
[   92.284887][   T24] usb 3-1: SerialNumber: syz
[   92.301641][   T24] r8152-cfgselector 3-1: config 0 descriptor??
[   92.418249][ T1191] usb 5-1: Using ep0 maxpacket: 8
[   92.548083][ T1191] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.559167][ T1191] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.568721][ T1191] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   92.581302][ T1191] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[   92.590177][ T1191] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.602800][ T1191] usb 5-1: config 0 descriptor??
[   92.608973][   T28] audit: type=1400 audit(1724088053.501:636): avc:  denied  { bind } for  pid=1897 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   92.628195][   T28] audit: type=1400 audit(1724088053.501:637): avc:  denied  { listen } for  pid=1897 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   92.647516][   T28] audit: type=1400 audit(1724088053.501:638): avc:  denied  { write } for  pid=1897 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   92.666758][   T28] audit: type=1400 audit(1724088053.501:639): avc:  denied  { accept } for  pid=1897 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   92.738068][   T24] r8152-cfgselector 3-1: Unknown version 0x0000
[   92.762321][   T24] r8152-cfgselector 3-1: Unknown version 0x0000
[   92.768502][   T24] r8152-cfgselector 3-1: bad CDC descriptors
[   92.817868][   T24] r8152-cfgselector 3-1: Unknown version 0x0000
[   92.824838][   T24] r8152-cfgselector 3-1: USB disconnect, device number 8
[   92.946151][   T28] audit: type=1400 audit(1724088053.831:640): avc:  denied  { ioctl } for  pid=1943 comm="syz.1.492" path="/97/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   93.229028][   T28] audit: type=1400 audit(1724088054.121:641): avc:  denied  { create } for  pid=1953 comm="syz.3.496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   93.249190][   T28] audit: type=1400 audit(1724088054.141:642): avc:  granted  { setsecparam } for  pid=1953 comm="syz.3.496" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   93.289674][   T28] audit: type=1400 audit(1724088054.181:643): avc:  denied  { execute } for  pid=1958 comm="syz.2.498" path="/97/bus" dev="tmpfs" ino=533 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   93.311790][ T1191] usbhid 5-1:0.0: can't add hid device: -71
[   93.317582][ T1191] usbhid: probe of 5-1:0.0 failed with error -71
[   93.330932][ T1191] usb 5-1: USB disconnect, device number 5
[   93.416050][ T1956] loop0: detected capacity change from 0 to 40427
[   93.429544][ T1956] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   93.437129][ T1956] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   93.445957][ T1956] F2FS-fs (loop0): invalid crc value
[   93.458845][ T1956] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   93.489860][ T1956] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   93.496789][ T1956] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   93.706710][ T1968] input: syz0 as /devices/virtual/input/input61
[   95.924304][ T1978] syz.0.497: attempt to access beyond end of device
[   95.924304][ T1978] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   96.226790][ T1995] netlink: 112 bytes leftover after parsing attributes in process `syz.4.508'.
[   96.336226][ T1999] input: syz0 as /devices/virtual/input/input62
[   96.528064][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   96.566014][ T2005] loop4: detected capacity change from 0 to 128
[   96.572521][ T2005] EXT4-fs: dax option not supported
[   96.768035][   T24] usb 4-1: Using ep0 maxpacket: 8
[   96.888091][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.904402][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   96.925340][   T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[   96.945554][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.965917][   T24] usb 4-1: config 0 descriptor??
[   97.021439][   T28] kauditd_printk_skb: 4 callbacks suppressed
[   97.021453][   T28] audit: type=1400 audit(1724088057.911:648): avc:  denied  { create } for  pid=2010 comm="syz.1.512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   97.119740][   T28] audit: type=1400 audit(1724088057.911:649): avc:  denied  { write } for  pid=2010 comm="syz.1.512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   97.746045][ T2024] input: syz0 as /devices/virtual/input/input63
[   98.089415][   T24] kone 0003:1E7D:2CED.000B: collection stack underflow
[   98.097232][   T24] kone 0003:1E7D:2CED.000B: item 0 1 0 12 parsing failed
[   98.116950][   T24] kone 0003:1E7D:2CED.000B: parse failed
[   98.123644][   T24] kone: probe of 0003:1E7D:2CED.000B failed with error -22
[   98.478100][   T28] audit: type=1400 audit(1724088059.351:650): avc:  denied  { bpf } for  pid=2027 comm="syz.1.516" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   98.483198][   T24] usb 4-1: USB disconnect, device number 5
[   98.511213][   T28] audit: type=1400 audit(1724088059.351:651): avc:  denied  { map_create } for  pid=2027 comm="syz.1.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   98.563131][ T2035] device syzkaller0 entered promiscuous mode
[   98.586103][   T28] audit: type=1400 audit(1724088059.351:652): avc:  denied  { map_read map_write } for  pid=2027 comm="syz.1.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   98.610350][   T28] audit: type=1400 audit(1724088059.351:653): avc:  denied  { prog_load } for  pid=2027 comm="syz.1.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   98.629660][   T28] audit: type=1400 audit(1724088059.351:654): avc:  denied  { perfmon } for  pid=2027 comm="syz.1.516" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   98.650900][   T28] audit: type=1400 audit(1724088059.361:655): avc:  denied  { read write } for  pid=1874 comm="syz-executor" name="loop0" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   98.677065][   T28] audit: type=1400 audit(1724088059.361:656): avc:  denied  { open } for  pid=1874 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   98.694671][ T2044] fuse: Bad value for 'rootmode'
[   98.710794][   T28] audit: type=1400 audit(1724088059.361:657): avc:  denied  { ioctl } for  pid=1874 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   99.012331][ T2059] loop0: detected capacity change from 0 to 128
[   99.018816][ T2059] EXT4-fs: dax option not supported
[   99.104737][ T1312] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   99.215653][ T2057] loop1: detected capacity change from 0 to 40427
[   99.222909][ T2057] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   99.238926][ T2057] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   99.338673][ T2064] input: syz0 as /devices/virtual/input/input64
[   99.478766][ T2057] F2FS-fs (loop1): invalid crc value
[   99.492528][ T2057] F2FS-fs (loop1): Found nat_bits in checkpoint
[   99.544812][ T2057] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   99.554403][ T2057] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   99.571803][ T2079] loop4: detected capacity change from 0 to 1024
[   99.579019][ T2079] EXT4-fs: Ignoring removed orlov option
[   99.585693][ T2079] EXT4-fs: Ignoring removed nomblk_io_submit option
[   99.612120][ T2083] fuse: Unknown parameter 'use00000000000000000000'
[   99.619051][ T2079] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   99.727009][  T289] EXT4-fs (loop4): unmounting filesystem.
[  100.012919][ T2091] futex_wake_op: syz.1.526 tries to shift op by -1; fix this program
[  100.032896][ T2097] loop0: detected capacity change from 0 to 128
[  100.088520][ T2095] loop3: detected capacity change from 0 to 4096
[  100.116854][ T2095] EXT4-fs: Ignoring removed oldalloc option
[  100.153984][ T2095] EXT4-fs (loop3): Test dummy encryption mode enabled
[  100.167728][ T2095] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  100.317085][ T2105] loop4: detected capacity change from 0 to 2048
[  100.398534][ T2105]  loop4: p3 < > p4 < >
[  100.402621][ T2105] loop4: partition table partially beyond EOD, truncated
[  100.410105][ T2105] loop4: p3 start 4284289 is beyond EOD, truncated
[  100.538742][ T2108] device pim6reg1 entered promiscuous mode
[  100.546158][  T290] F2FS-fs (loop1): access invalid blkaddr:2048
[  100.552360][  T290] CPU: 0 PID: 290 Comm: syz-executor Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  100.563462][  T290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  100.573358][  T290] Call Trace:
[  100.576493][  T290]  <TASK>
[  100.579261][  T290]  dump_stack_lvl+0x151/0x1b7
[  100.583782][  T290]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  100.589067][  T290]  ? f2fs_get_next_page_offset+0x770/0x770
[  100.594710][  T290]  dump_stack+0x15/0x1c
[  100.598702][  T290]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  100.604088][  T290]  f2fs_is_valid_blkaddr+0x25/0x30
[  100.609029][  T290]  f2fs_map_blocks+0xd32/0x43a0
[  100.613719][  T290]  ? mempool_alloc_slab+0x1d/0x30
[  100.618580][  T290]  ? f2fs_map_lock+0x260/0x260
[  100.623176][  T290]  ? xa_load+0x1a1/0x210
[  100.627255][  T290]  ? xas_find_conflict+0x8c0/0x8c0
[  100.632204][  T290]  ? folio_unlock+0x5c/0x70
[  100.636544][  T290]  f2fs_mpage_readpages+0xc65/0x20f0
[  100.641665][  T290]  ? get_page_from_freelist+0x27ea/0x2870
[  100.647220][  T290]  ? xas_load+0x39d/0x3b0
[  100.651395][  T290]  ? dquot_release_reservation_block+0xa0/0xa0
[  100.657369][  T290]  ? __this_cpu_preempt_check+0x13/0x20
[  100.662756][  T290]  ? memcg_rstat_updated+0x4f/0x110
[  100.667799][  T290]  f2fs_readahead+0xfd/0x250
[  100.672218][  T290]  ? blk_start_plug+0x9c/0x130
[  100.676810][  T290]  read_pages+0x1be/0xd40
[  100.680978][  T290]  ? workingset_activation+0x430/0x430
[  100.686301][  T290]  ? folio_add_lru+0x280/0x3f0
[  100.690872][  T290]  ? page_cache_ra_unbounded+0x690/0x690
[  100.696337][  T290]  ? filemap_add_folio+0x18f/0x200
[  100.701286][  T290]  ? __filemap_add_folio+0xd10/0xd10
[  100.706414][  T290]  page_cache_ra_unbounded+0x4c1/0x690
[  100.711704][  T290]  ? readahead_gfp_mask+0x190/0x190
[  100.716735][  T290]  ? __kernel_text_address+0xd/0x40
[  100.721809][  T290]  ? unwind_get_return_address+0x4d/0x90
[  100.727237][  T290]  page_cache_ra_order+0x928/0xb30
[  100.732293][  T290]  ? do_page_cache_ra+0x110/0x110
[  100.737151][  T290]  ? __stack_depot_save+0x36/0x480
[  100.742095][  T290]  ? putname+0xfa/0x150
[  100.746088][  T290]  ondemand_readahead+0x91a/0xee0
[  100.750946][  T290]  ? kasan_set_track+0x4b/0x70
[  100.755547][  T290]  ? kasan_save_free_info+0x2b/0x40
[  100.760580][  T290]  ? ____kasan_slab_free+0x131/0x180
[  100.765706][  T290]  ? do_syscall_64+0x3b/0xb0
[  100.770132][  T290]  ? page_cache_sync_ra+0x450/0x450
[  100.775164][  T290]  ? blk_cgroup_congested+0x132/0x150
[  100.780370][  T290]  page_cache_sync_ra+0x3d6/0x450
[  100.785233][  T290]  f2fs_readdir+0x599/0xc10
[  100.789578][  T290]  ? f2fs_fill_dentries+0xd00/0xd00
[  100.794609][  T290]  ? __this_cpu_preempt_check+0x13/0x20
[  100.799985][  T290]  ? memcg_rstat_updated+0x4f/0x110
[  100.805024][  T290]  ? security_file_permission+0x86/0xb0
[  100.810402][  T290]  iterate_dir+0x265/0x610
[  100.814655][  T290]  ? f2fs_fill_dentries+0xd00/0xd00
[  100.819699][  T290]  __se_sys_getdents64+0x1c1/0x460
[  100.824640][  T290]  ? __x64_sys_getdents64+0x90/0x90
[  100.829669][  T290]  ? filldir+0x670/0x670
[  100.833757][  T290]  ? debug_smp_processor_id+0x17/0x20
[  100.838962][  T290]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  100.844869][  T290]  ? exit_to_user_mode_prepare+0x39/0xa0
[  100.850327][  T290]  __x64_sys_getdents64+0x7b/0x90
[  100.855188][  T290]  x64_sys_call+0x5ae/0x9a0
[  100.859528][  T290]  do_syscall_64+0x3b/0xb0
[  100.863780][  T290]  ? clear_bhb_loop+0x55/0xb0
[  100.868308][  T290]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  100.874024][  T290] RIP: 0033:0x7f1f4fbac013
[  100.878276][  T290] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  100.897726][  T290] RSP: 002b:00007ffcc44f8aa8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  100.905961][  T290] RAX: ffffffffffffffda RBX: 00005555555d14e0 RCX: 00007f1f4fbac013
[  100.913775][  T290] RDX: 0000000000008000 RSI: 00005555555d14e0 RDI: 0000000000000005
[  100.921584][  T290] RBP: 00005555555d14b4 R08: 0000000000000000 R09: 0000000000000000
[  100.929396][  T290] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  100.937208][  T290] R13: 0000000000000010 R14: 00005555555d14b0 R15: 00007ffcc44fad50
[  100.945024][  T290]  </TASK>
[  101.008124][  T290] syz-executor: attempt to access beyond end of device
[  101.008124][  T290] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  101.023350][  T290] syz-executor: attempt to access beyond end of device
[  101.023350][  T290] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  101.124022][  T456] kworker/u4:4: attempt to access beyond end of device
[  101.124022][  T456] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  101.231274][  T288] EXT4-fs (loop3): unmounting filesystem.
[  101.317848][ T2121] fuse: Unknown parameter 'use00000000000000000000'
[  101.329062][ T2122] input: syz0 as /devices/virtual/input/input65
[  101.496019][ T2125] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  101.504563][ T2125] device bridge_slave_0 left promiscuous mode
[  101.530409][ T2125] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.538387][ T2125] device bridge_slave_1 left promiscuous mode
[  101.544499][ T2125] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.601805][ T2125] loop0: detected capacity change from 0 to 512
[  101.608685][ T2125] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  101.622162][ T2125] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002]
[  101.631689][ T2125] System zones: 1-12
[  101.636514][ T2125] EXT4-fs (loop0): 1 truncate cleaned up
[  101.704241][ T2133] input: syz0 as /devices/virtual/input/input66
[  101.758423][ T2125] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  101.872815][ T2125] netlink: 36 bytes leftover after parsing attributes in process `syz.0.546'.
[  101.894612][ T2125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.546'.
[  101.916412][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  101.960782][ T2140] syz.0.551[2140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.960854][ T2140] syz.0.551[2140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.056476][  T456] device bridge_slave_1 left promiscuous mode
[  102.078825][  T456] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.087569][  T456] device bridge_slave_0 left promiscuous mode
[  102.098667][  T456] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.276890][ T2149] loop0: detected capacity change from 0 to 128
[  102.287490][   T28] kauditd_printk_skb: 81 callbacks suppressed
[  102.293537][   T28] audit: type=1400 audit(1724088063.061:739): avc:  denied  { read } for  pid=2138 comm="syz.0.551" name="ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  102.322980][   T28] audit: type=1400 audit(1724088063.061:740): avc:  denied  { open } for  pid=2138 comm="syz.0.551" path="/dev/ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  102.345858][   T28] audit: type=1400 audit(1724088063.101:741): avc:  denied  { ioctl } for  pid=2138 comm="syz.0.551" path="/dev/ashmem" dev="devtmpfs" ino=177 ioctlcmd=0x7701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  102.370258][  T456] device veth1_macvtap left promiscuous mode
[  102.377132][  T456] device veth0_vlan left promiscuous mode
[  102.409409][  T314] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  102.705431][   T28] audit: type=1400 audit(1724088063.571:742): avc:  denied  { shutdown } for  pid=2153 comm="syz.3.554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  102.818044][ T2135] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.841090][ T2135] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.848748][ T2135] device bridge_slave_0 entered promiscuous mode
[  102.864452][ T2135] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.871435][ T2135] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.878991][ T2135] device bridge_slave_1 entered promiscuous mode
[  102.930516][ T2167] device pim6reg1 entered promiscuous mode
[  103.104167][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  103.113510][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  103.137855][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  103.146873][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  103.158544][ T1834] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.165411][ T1834] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.363128][   T28] audit: type=1400 audit(1724088065.251:743): avc:  denied  { bind } for  pid=2183 comm="syz.3.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  104.371185][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  104.398707][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  104.435528][ T1834] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.442425][ T1834] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.446109][ T2186] loop0: detected capacity change from 0 to 256
[  104.450087][   T28] audit: type=1400 audit(1724088065.291:744): avc:  denied  { listen } for  pid=2183 comm="syz.3.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  104.576415][ T2186] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  104.676164][   T28] audit: type=1400 audit(1724088065.291:745): avc:  denied  { accept } for  pid=2183 comm="syz.3.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  104.693535][ T2169] loop4: detected capacity change from 0 to 40427
[  104.702634][ T2169] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  104.721761][ T2169] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  104.730916][ T2169] F2FS-fs (loop4): invalid crc value
[  104.737497][ T2169] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  104.768265][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  104.768874][ T2169] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  104.775741][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  104.782556][ T2169] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.790646][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  104.810946][ T2135] device veth0_vlan entered promiscuous mode
[  104.818594][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  104.829572][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  104.840617][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  104.850498][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  104.881886][   T28] audit: type=1400 audit(1724088065.771:746): avc:  denied  { write } for  pid=2185 comm="syz.0.564" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.028759][ T2135] device veth1_macvtap entered promiscuous mode
[  105.040392][   T28] audit: type=1400 audit(1724088065.771:747): avc:  denied  { add_name } for  pid=2185 comm="syz.0.564" name="blkio.bfq.io_serviced_recursive" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.064308][   T28] audit: type=1400 audit(1724088065.771:748): avc:  denied  { associate } for  pid=2185 comm="syz.0.564" name="blkio.bfq.io_serviced_recursive" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  105.089039][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  105.129122][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  105.136540][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  105.150977][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  105.159143][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  105.181864][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  105.190030][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  105.198359][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  105.207550][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  105.332210][ T2199] syz.4.558: attempt to access beyond end of device
[  105.332210][ T2199] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  105.999422][ T2211] loop0: detected capacity change from 0 to 128
[  106.023744][ T2211] EXT4-fs: dax option not supported
[  106.186904][ T2218] device pim6reg1 entered promiscuous mode
[  106.552044][ T2229] fuse: Unknown parameter 'user_i00000000000000000000'
[  106.664447][ T2231] gretap0: refused to change device tx_queue_len
[  106.671399][ T2231] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  107.798817][   T28] kauditd_printk_skb: 57 callbacks suppressed
[  107.798833][   T28] audit: type=1400 audit(1724088068.691:806): avc:  denied  { write } for  pid=2244 comm="syz.1.579" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  107.863864][ T2265] device pim6reg1 entered promiscuous mode
[  108.194833][ T2254] loop3: detected capacity change from 0 to 40427
[  108.308181][ T2254] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  108.353330][ T2254] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  108.367053][ T2254] F2FS-fs (loop3): invalid crc value
[  108.393962][ T2254] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  108.424852][ T2254] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  108.432061][ T2254] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  108.489449][ T2284] loop1: detected capacity change from 0 to 128
[  108.730780][ T2290] syz.3.581: attempt to access beyond end of device
[  108.730780][ T2290] loop3: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  108.808508][ T2291] netlink: 24 bytes leftover after parsing attributes in process `syz.1.591'.
[  108.928878][ T2293] loop4: detected capacity change from 0 to 1024
[  108.988981][ T2293] EXT4-fs: Ignoring removed orlov option
[  108.998118][ T2293] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.053286][ T2293] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  109.105217][  T289] EXT4-fs (loop4): unmounting filesystem.
[  109.289142][ T2309] device pim6reg1 entered promiscuous mode
[  109.979312][   T28] audit: type=1400 audit(1724088070.861:807): avc:  denied  { connect } for  pid=2322 comm="syz.2.603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  110.542668][ T2350] device pim6reg1 entered promiscuous mode
[  111.279952][ T2358] loop1: detected capacity change from 0 to 1024
[  111.286538][ T2358] EXT4-fs: Ignoring removed nomblk_io_submit option
[  111.295466][ T2358] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  111.306962][ T2358] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  111.321295][ T2358] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  111.987605][   T28] audit: type=1326 audit(1724088072.871:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.086976][   T28] audit: type=1326 audit(1724088072.871:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.239491][ T2392] device pim6reg1 entered promiscuous mode
[  112.241928][ T2370] loop0: detected capacity change from 0 to 40427
[  112.251483][ T2394] loop3: detected capacity change from 0 to 256
[  112.258245][   T28] audit: type=1326 audit(1724088072.871:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.270220][ T2394] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  112.281880][   T28] audit: type=1326 audit(1724088072.871:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.317472][ T2370] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  112.330241][ T2370] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  112.351570][   T28] audit: type=1326 audit(1724088072.871:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.391000][   T28] audit: type=1326 audit(1724088072.871:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.429234][ T2370] F2FS-fs (loop0): invalid crc value
[  112.434278][   T28] audit: type=1326 audit(1724088072.871:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.436225][ T2370] F2FS-fs (loop0): Found nat_bits in checkpoint
[  112.458241][ T2135] EXT4-fs (loop1): unmounting filesystem.
[  112.480934][   T28] audit: type=1326 audit(1724088072.871:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2388 comm="syz.3.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43a3b79e79 code=0x7ffc0000
[  112.498178][ T2370] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  112.511051][ T2370] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  113.193852][ T2408] fuse: Unknown parameter 'user_id00000000000000000000'
[  113.212847][ T2404] syz.3.626 (2404) used greatest stack depth: 18896 bytes left
[  113.262692][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  113.262706][   T28] audit: type=1400 audit(1724088074.151:834): avc:  denied  { create } for  pid=2369 comm="syz.0.618" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  113.319014][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  113.328980][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  113.499755][ T2427] loop0: detected capacity change from 0 to 512
[  113.505715][   T28] audit: type=1400 audit(1724088074.391:835): avc:  denied  { write } for  pid=2428 comm="syz.3.637" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  113.506133][ T2427] EXT4-fs: Ignoring removed bh option
[  113.590729][ T2430] input: syz0 as /devices/virtual/input/input71
[  113.632238][ T2427] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[  113.662733][ T2429] loop3: detected capacity change from 0 to 128
[  113.838828][   T28] audit: type=1400 audit(1724088074.731:836): avc:  denied  { mounton } for  pid=2428 comm="syz.3.637" path="/130/file0" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  114.063522][ T2436] input: syz0 as /devices/virtual/input/input72
[  114.248091][   T28] audit: type=1400 audit(1724088075.131:837): avc:  denied  { unmount } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  114.288019][   T28] audit: type=1400 audit(1724088075.161:838): avc:  denied  { write } for  pid=2437 comm="syz.2.649" name="raw-gadget" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  114.332277][ T2440] loop4: detected capacity change from 0 to 4096
[  114.338804][ T2440] EXT4-fs: Ignoring removed oldalloc option
[  114.344961][ T2440] EXT4-fs (loop4): Test dummy encryption mode enabled
[  114.356556][ T2440] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  114.366600][   T43] tipc: Disabling bearer <udp:syz1>
[  114.373981][   T43] tipc: Left network mode
[  114.538029][ T1834] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  114.548961][ T2453] loop1: detected capacity change from 0 to 128
[  114.582365][ T2453] EXT4-fs: dax option not supported
[  114.716926][   T28] audit: type=1400 audit(1724088075.601:839): avc:  denied  { write } for  pid=2457 comm="syz.0.646" laddr=127.0.0.1 lport=1 faddr=127.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.744315][ T2452] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.752454][  T289] EXT4-fs (loop4): unmounting filesystem.
[  114.765979][ T2452] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.780726][ T2452] device bridge_slave_0 entered promiscuous mode
[  114.787583][ T2452] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.788025][ T1834] usb 3-1: Using ep0 maxpacket: 8
[  114.794457][ T2452] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.806687][ T2452] device bridge_slave_1 entered promiscuous mode
[  114.861486][ T2462] device pim6reg1 entered promiscuous mode
[  114.892664][ T2452] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.899540][ T2452] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.906592][ T2452] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.913426][ T2452] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.933246][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  114.942855][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.950401][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.959663][ T1834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.983901][   T43] device veth1_macvtap left promiscuous mode
[  114.999380][   T43] device veth0_vlan left promiscuous mode
[  115.004985][ T1834] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.333071][ T1834] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  115.346434][ T1834] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  115.355793][ T1834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.346197][ T2471] input: syz0 as /devices/virtual/input/input74
[  116.358196][ T1834] usb 3-1: config 0 descriptor??
[  116.438767][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.494988][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.501967][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.510067][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.528804][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.535653][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.546998][ T2485] input: syz0 as /devices/virtual/input/input75
[  116.612862][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.621577][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  116.640503][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  116.649057][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  116.661876][ T2452] device veth0_vlan entered promiscuous mode
[  116.668983][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  116.738411][ T2489] input: syz0 as /devices/virtual/input/input76
[  116.909068][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  116.920024][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  116.927394][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  116.940448][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  116.948113][ T1834] usbhid 3-1:0.0: can't add hid device: -71
[  116.948696][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  116.954100][ T1834] usbhid: probe of 3-1:0.0 failed with error -71
[  116.963132][ T2452] device veth1_macvtap entered promiscuous mode
[  116.978608][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  116.986319][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  116.994566][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  117.001006][ T1834] usb 3-1: USB disconnect, device number 9
[  117.015100][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  117.023207][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  117.043373][ T2491] fuse: Unknown parameter 'user_id00000000000000000000'
[  117.089304][ T2495] loop3: detected capacity change from 0 to 4096
[  117.095863][ T2495] EXT4-fs: Ignoring removed oldalloc option
[  117.102352][ T2495] EXT4-fs (loop3): Test dummy encryption mode enabled
[  117.110552][ T2495] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  117.289840][ T2502] device pim6reg1 entered promiscuous mode
[  117.393502][ T2452] EXT4-fs (loop3): unmounting filesystem.
[  117.559796][ T2512] loop1: detected capacity change from 0 to 128
[  117.566087][ T2512] EXT4-fs: dax option not supported
[  117.677689][ T2511] input: syz0 as /devices/virtual/input/input77
[  118.387179][ T2526] input: syz0 as /devices/virtual/input/input78
[  120.897606][ T2535] fuse: Bad value for 'fd'
[  120.983579][ T2541] loop0: detected capacity change from 0 to 512
[  121.000955][ T2546] device pim6reg1 entered promiscuous mode
[  121.019166][ T2541] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  122.423201][   T28] audit: type=1400 audit(1724088083.311:840): avc:  denied  { ioctl } for  pid=2543 comm="syz.1.673" path="/19/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  122.486659][ T2541] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[  122.552581][ T2558] loop3: detected capacity change from 0 to 4096
[  122.559330][ T2558] EXT4-fs: Ignoring removed oldalloc option
[  122.565477][ T2558] EXT4-fs (loop3): Test dummy encryption mode enabled
[  122.582608][ T2558] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  122.611572][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  122.646782][   T28] audit: type=1400 audit(1724088083.531:841): avc:  denied  { create } for  pid=2569 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  122.666098][   T28] audit: type=1400 audit(1724088083.531:842): avc:  denied  { write } for  pid=2569 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  122.687012][ T2574] fuse: Bad value for 'fd'
[  122.841765][ T2578] loop0: detected capacity change from 0 to 128
[  122.848092][ T2578] EXT4-fs: dax option not supported
[  123.212739][ T2577] input: syz0 as /devices/virtual/input/input80
[  123.386083][ T1191] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  124.078127][ T2452] EXT4-fs (loop3): unmounting filesystem.
[  124.171813][ T2597] loop0: detected capacity change from 0 to 512
[  124.209454][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.686: inode #1: comm syz.0.686: iget: illegal inode #
[  124.223742][ T2596] input: syz0 as /devices/virtual/input/input82
[  124.230282][ T1191] usb 3-1: Using ep0 maxpacket: 8
[  124.240186][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.686: error while reading EA inode 1 err=-117
[  124.253897][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.686: inode #1: comm syz.0.686: iget: illegal inode #
[  124.306037][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.686: error while reading EA inode 1 err=-117
[  124.318542][ T2597] EXT4-fs (loop0): 1 orphan inode deleted
[  124.324218][ T2597] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  124.468056][ T1191] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.483957][ T1191] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.495937][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  124.607319][ T2600] loop4: detected capacity change from 0 to 40427
[  124.696109][ T2600] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  124.755161][ T1191] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  124.762167][ T2600] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  124.767875][ T1191] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  124.783378][ T2600] F2FS-fs (loop4): invalid crc value
[  124.784851][ T1191] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.799311][ T1191] usb 3-1: config 0 descriptor??
[  124.807198][ T2600] F2FS-fs (loop4): Found nat_bits in checkpoint
[  124.833934][ T2600] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  124.841075][ T2600] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  124.878968][ T2619] fuse: Bad value for 'fd'
[  125.110601][ T2626] input: syz0 as /devices/virtual/input/input83
[  125.272871][ T2628] input: syz0 as /devices/virtual/input/input84
[  125.534797][ T2631] device pim6reg1 entered promiscuous mode
[  125.553178][ T2632] futex_wake_op: syz.4.688 tries to shift op by -1; fix this program
[  125.739287][  T289] F2FS-fs (loop4): access invalid blkaddr:2048
[  125.745585][  T289] CPU: 1 PID: 289 Comm: syz-executor Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  125.756677][  T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  125.766576][  T289] Call Trace:
[  125.769700][  T289]  <TASK>
[  125.772474][  T289]  dump_stack_lvl+0x151/0x1b7
[  125.776990][  T289]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  125.782281][  T289]  ? f2fs_get_next_page_offset+0x770/0x770
[  125.787929][  T289]  dump_stack+0x15/0x1c
[  125.790962][   T28] audit: type=1400 audit(1724088086.631:843): avc:  denied  { ioctl } for  pid=2637 comm="syz.0.699" path="socket:[24831]" dev="sockfs" ino=24831 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  125.791933][  T289]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  125.791958][  T289]  f2fs_is_valid_blkaddr+0x25/0x30
[  125.827587][  T289]  f2fs_map_blocks+0xd32/0x43a0
[  125.832275][  T289]  ? mempool_alloc_slab+0x1d/0x30
[  125.837134][  T289]  ? f2fs_map_lock+0x260/0x260
[  125.841733][  T289]  ? xa_load+0x1a1/0x210
[  125.845810][  T289]  ? xas_find_conflict+0x8c0/0x8c0
[  125.850762][  T289]  ? folio_unlock+0x5c/0x70
[  125.855096][  T289]  f2fs_mpage_readpages+0xc65/0x20f0
[  125.860222][  T289]  ? get_page_from_freelist+0x27ea/0x2870
[  125.865775][  T289]  ? xas_load+0x39d/0x3b0
[  125.869952][  T289]  ? dquot_release_reservation_block+0xa0/0xa0
[  125.875929][  T289]  ? __this_cpu_preempt_check+0x13/0x20
[  125.881308][  T289]  ? memcg_rstat_updated+0x4f/0x110
[  125.886347][  T289]  f2fs_readahead+0xfd/0x250
[  125.890769][  T289]  ? blk_start_plug+0x9c/0x130
[  125.895373][  T289]  read_pages+0x1be/0xd40
[  125.899537][  T289]  ? workingset_activation+0x430/0x430
[  125.904831][  T289]  ? folio_add_lru+0x280/0x3f0
[  125.909434][  T289]  ? page_cache_ra_unbounded+0x690/0x690
[  125.914899][  T289]  ? filemap_add_folio+0x18f/0x200
[  125.919846][  T289]  ? __filemap_add_folio+0xd10/0xd10
[  125.924972][  T289]  page_cache_ra_unbounded+0x4c1/0x690
[  125.930264][  T289]  ? readahead_gfp_mask+0x190/0x190
[  125.935293][  T289]  ? __kernel_text_address+0xd/0x40
[  125.940418][  T289]  ? unwind_get_return_address+0x4d/0x90
[  125.945882][  T289]  page_cache_ra_order+0x928/0xb30
[  125.950834][  T289]  ? do_page_cache_ra+0x110/0x110
[  125.955690][  T289]  ? __stack_depot_save+0x36/0x480
[  125.960640][  T289]  ? putname+0xfa/0x150
[  125.964638][  T289]  ondemand_readahead+0x91a/0xee0
[  125.969579][  T289]  ? kasan_set_track+0x4b/0x70
[  125.974331][  T289]  ? kasan_save_free_info+0x2b/0x40
[  125.979299][  T289]  ? ____kasan_slab_free+0x131/0x180
[  125.984421][  T289]  ? do_syscall_64+0x3b/0xb0
[  125.988851][  T289]  ? page_cache_sync_ra+0x450/0x450
[  125.993882][  T289]  ? blk_cgroup_congested+0x132/0x150
[  125.999090][  T289]  page_cache_sync_ra+0x3d6/0x450
[  126.003948][  T289]  f2fs_readdir+0x599/0xc10
[  126.008291][  T289]  ? f2fs_fill_dentries+0xd00/0xd00
[  126.013322][  T289]  ? __this_cpu_preempt_check+0x13/0x20
[  126.018716][  T289]  ? memcg_rstat_updated+0x4f/0x110
[  126.023740][  T289]  ? security_file_permission+0x86/0xb0
[  126.029121][  T289]  iterate_dir+0x265/0x610
[  126.033378][  T289]  ? f2fs_fill_dentries+0xd00/0xd00
[  126.038409][  T289]  __se_sys_getdents64+0x1c1/0x460
[  126.043356][  T289]  ? __x64_sys_getdents64+0x90/0x90
[  126.048388][  T289]  ? filldir+0x670/0x670
[  126.052476][  T289]  ? debug_smp_processor_id+0x17/0x20
[  126.057679][  T289]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  126.063579][  T289]  ? exit_to_user_mode_prepare+0x39/0xa0
[  126.069047][  T289]  __x64_sys_getdents64+0x7b/0x90
[  126.073906][  T289]  x64_sys_call+0x5ae/0x9a0
[  126.078245][  T289]  do_syscall_64+0x3b/0xb0
[  126.082496][  T289]  ? clear_bhb_loop+0x55/0xb0
[  126.087011][  T289]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  126.092739][  T289] RIP: 0033:0x7f6b8e7ac013
[  126.096992][  T289] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  126.116436][  T289] RSP: 002b:00007fffbf337908 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  126.124681][  T289] RAX: ffffffffffffffda RBX: 00005555556754e0 RCX: 00007f6b8e7ac013
[  126.132490][  T289] RDX: 0000000000008000 RSI: 00005555556754e0 RDI: 0000000000000005
[  126.140302][  T289] RBP: 00005555556754b4 R08: 0000000000000000 R09: 0000000000000000
[  126.148114][  T289] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  126.155931][  T289] R13: 0000000000000010 R14: 00005555556754b0 R15: 00007fffbf339bb0
[  126.163742][  T289]  </TASK>
[  126.854524][  T289] syz-executor: attempt to access beyond end of device
[  126.854524][  T289] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  126.877925][  T289] syz-executor: attempt to access beyond end of device
[  126.877925][  T289] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  126.891822][ T1191] usbhid 3-1:0.0: can't add hid device: -71
[  126.900687][ T1191] usbhid: probe of 3-1:0.0 failed with error -71
[  126.908576][ T1191] usb 3-1: USB disconnect, device number 10
[  126.930644][    T8] kworker/u4:0: attempt to access beyond end of device
[  126.930644][    T8] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  126.994269][ T2649] loop0: detected capacity change from 0 to 4096
[  127.000781][ T2649] EXT4-fs: Ignoring removed oldalloc option
[  127.007411][ T2649] EXT4-fs (loop0): Test dummy encryption mode enabled
[  127.017163][ T2649] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  127.360340][ T2658] fuse: Unknown parameter '00000000000000000000004'
[  127.753551][ T2664] device pim6reg1 entered promiscuous mode
[  127.807931][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  127.841860][ T2671] loop0: detected capacity change from 0 to 128
[  128.158338][ T2668] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.165262][ T2668] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.172661][ T2668] device bridge_slave_0 entered promiscuous mode
[  128.180482][ T2668] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.187361][ T2668] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.194733][ T2668] device bridge_slave_1 entered promiscuous mode
[  128.262551][ T2689] netlink: 24 bytes leftover after parsing attributes in process `syz.0.712'.
[  128.272594][ T2691] fuse: Unknown parameter '00000000000000000000004'
[  128.306035][ T2668] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.312928][ T2668] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.364548][ T1191] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.373878][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  128.387903][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  128.556522][ T2698] input: syz0 as /devices/virtual/input/input86
[  128.730961][  T864] device bridge_slave_1 left promiscuous mode
[  128.747722][  T864] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.805134][  T864] device bridge_slave_0 left promiscuous mode
[  128.812763][  T864] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.823005][  T864] device veth1_macvtap left promiscuous mode
[  128.833193][  T864] device veth0_vlan left promiscuous mode
[  128.968750][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  128.976880][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  129.000351][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.007223][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.018246][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  129.026460][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.033324][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.045513][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  129.067287][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  129.083188][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  129.097404][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  129.105586][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  129.113594][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  129.165242][ T2710] loop1: detected capacity change from 0 to 128
[  129.168186][ T2668] device veth0_vlan entered promiscuous mode
[  129.195337][ T2708] device pim6reg1 entered promiscuous mode
[  129.201428][ T2710] EXT4-fs (loop1): Test dummy encryption mode enabled
[  129.211283][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  129.220137][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  129.229382][ T2668] device veth1_macvtap entered promiscuous mode
[  129.243926][ T2710] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  129.267205][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  129.273425][ T2710] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038 (0x7fffffff)
[  129.282086][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  129.305906][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  129.382149][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  129.390293][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  129.480426][   T28] audit: type=1400 audit(1724088090.371:844): avc:  denied  { create } for  pid=2709 comm="syz.1.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  129.508721][   T28] audit: type=1400 audit(1724088090.391:845): avc:  denied  { bind } for  pid=2709 comm="syz.1.724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  129.600010][ T2730] fuse: Unknown parameter '00000000000000000000004'
[  130.182462][ T2747] input: syz0 as /devices/virtual/input/input87
[  130.334949][ T2723] loop4: detected capacity change from 0 to 40427
[  130.348186][ T2723] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  130.355789][ T2723] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  130.365778][ T2723] F2FS-fs (loop4): invalid crc value
[  130.380133][ T2723] F2FS-fs (loop4): Found nat_bits in checkpoint
[  130.396487][ T2135] EXT4-fs (loop1): unmounting filesystem.
[  130.417156][ T2755] device pim6reg1 entered promiscuous mode
[  130.423483][ T2723] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  130.430424][ T2723] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  130.553231][ T2767] fuse: Unknown parameter '00000000000000000000004'
[  130.637038][ T2773] futex_wake_op: syz.4.709 tries to shift op by -1; fix this program
[  130.972662][ T2668] F2FS-fs (loop4): access invalid blkaddr:2048
[  130.999150][ T2668] CPU: 1 PID: 2668 Comm: syz-executor Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  131.010343][ T2668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  131.020242][ T2668] Call Trace:
[  131.023362][ T2668]  <TASK>
[  131.026143][ T2668]  dump_stack_lvl+0x151/0x1b7
[  131.030655][ T2668]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  131.035947][ T2668]  ? __wake_up_klogd+0xd5/0x110
[  131.040636][ T2668]  dump_stack+0x15/0x1c
[  131.044637][ T2668]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  131.050020][ T2668]  f2fs_is_valid_blkaddr+0x25/0x30
[  131.055041][ T2668]  f2fs_map_blocks+0xd32/0x43a0
[  131.059740][ T2668]  ? mempool_alloc_slab+0x1d/0x30
[  131.064594][ T2668]  ? f2fs_map_lock+0x260/0x260
[  131.069192][ T2668]  ? xa_load+0x1a1/0x210
[  131.073268][ T2668]  ? xas_find_conflict+0x8c0/0x8c0
[  131.078216][ T2668]  ? folio_unlock+0x5c/0x70
[  131.082554][ T2668]  f2fs_mpage_readpages+0xc65/0x20f0
[  131.087680][ T2668]  ? get_page_from_freelist+0x27ea/0x2870
[  131.093320][ T2668]  ? xas_load+0x39d/0x3b0
[  131.097519][ T2668]  ? dquot_release_reservation_block+0xa0/0xa0
[  131.103475][ T2668]  ? __this_cpu_preempt_check+0x13/0x20
[  131.108857][ T2668]  ? memcg_rstat_updated+0x4f/0x110
[  131.113887][ T2668]  f2fs_readahead+0xfd/0x250
[  131.118310][ T2668]  ? blk_start_plug+0x9c/0x130
[  131.122912][ T2668]  read_pages+0x1be/0xd40
[  131.127076][ T2668]  ? workingset_activation+0x430/0x430
[  131.132459][ T2668]  ? folio_add_lru+0x280/0x3f0
[  131.137057][ T2668]  ? page_cache_ra_unbounded+0x690/0x690
[  131.142525][ T2668]  ? filemap_add_folio+0x18f/0x200
[  131.147474][ T2668]  ? __filemap_add_folio+0xd10/0xd10
[  131.152594][ T2668]  ? __stack_depot_save+0x36/0x480
[  131.157548][ T2668]  page_cache_ra_unbounded+0x4c1/0x690
[  131.162925][ T2668]  ? readahead_gfp_mask+0x190/0x190
[  131.167968][ T2668]  ? __kasan_check_write+0x14/0x20
[  131.172914][ T2668]  ? __set_page_owner_handle+0x38a/0x3d0
[  131.178375][ T2668]  page_cache_ra_order+0x928/0xb30
[  131.183321][ T2668]  ? __set_page_owner+0x53/0x70
[  131.188014][ T2668]  ? get_page_from_freelist+0x27ea/0x2870
[  131.193561][ T2668]  ? do_page_cache_ra+0x110/0x110
[  131.198422][ T2668]  ? kasan_set_track+0x60/0x70
[  131.203023][ T2668]  ? kasan_set_track+0x4b/0x70
[  131.207621][ T2668]  ondemand_readahead+0x91a/0xee0
[  131.212487][ T2668]  ? asm_exc_page_fault+0x27/0x30
[  131.217342][ T2668]  ? try_charge_memcg+0x2ea/0x16e0
[  131.222289][ T2668]  ? page_cache_sync_ra+0x450/0x450
[  131.227324][ T2668]  ? blk_cgroup_congested+0x132/0x150
[  131.232534][ T2668]  page_cache_sync_ra+0x3d6/0x450
[  131.237403][ T2668]  f2fs_readdir+0x599/0xc10
[  131.241740][ T2668]  ? f2fs_fill_dentries+0xd00/0xd00
[  131.246882][ T2668]  ? __this_cpu_preempt_check+0x13/0x20
[  131.252266][ T2668]  ? memcg_rstat_updated+0x4f/0x110
[  131.257293][ T2668]  ? security_file_permission+0x86/0xb0
[  131.262673][ T2668]  iterate_dir+0x265/0x610
[  131.266923][ T2668]  ? f2fs_fill_dentries+0xd00/0xd00
[  131.271959][ T2668]  __se_sys_getdents64+0x1c1/0x460
[  131.276906][ T2668]  ? __x64_sys_getdents64+0x90/0x90
[  131.281939][ T2668]  ? filldir+0x670/0x670
[  131.286017][ T2668]  ? debug_smp_processor_id+0x17/0x20
[  131.291226][ T2668]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  131.297127][ T2668]  ? exit_to_user_mode_prepare+0x39/0xa0
[  131.302602][ T2668]  __x64_sys_getdents64+0x7b/0x90
[  131.307462][ T2668]  x64_sys_call+0x5ae/0x9a0
[  131.311796][ T2668]  do_syscall_64+0x3b/0xb0
[  131.316052][ T2668]  ? clear_bhb_loop+0x55/0xb0
[  131.320562][ T2668]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  131.326289][ T2668] RIP: 0033:0x7f033d9ac013
[  131.330543][ T2668] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  131.349991][ T2668] RSP: 002b:00007ffe9c2660f8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  131.358241][ T2668] RAX: ffffffffffffffda RBX: 00005555574754e0 RCX: 00007f033d9ac013
[  131.366043][ T2668] RDX: 0000000000008000 RSI: 00005555574754e0 RDI: 0000000000000005
[  131.373855][ T2668] RBP: 00005555574754b4 R08: 0000000000028b61 R09: 0000000000000000
[  131.381664][ T2668] R10: 00007f033daebca0 R11: 0000000000000293 R12: ffffffffffffffa8
[  131.389479][ T2668] R13: 0000000000000010 R14: 00005555574754b0 R15: 00007ffe9c2683a0
[  131.397293][ T2668]  </TASK>
[  131.578670][   T28] audit: type=1400 audit(1724088092.351:846): avc:  denied  { mount } for  pid=2780 comm="syz.3.746" name="/" dev="ramfs" ino=25322 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  131.636270][ T2668] syz-executor: attempt to access beyond end of device
[  131.636270][ T2668] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  131.657741][ T2668] syz-executor: attempt to access beyond end of device
[  131.657741][ T2668] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  131.672634][   T28] audit: type=1400 audit(1724088092.351:847): avc:  denied  { remount } for  pid=2780 comm="syz.3.746" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  131.692833][   T28] audit: type=1400 audit(1724088092.571:848): avc:  denied  { create } for  pid=2789 comm="syz.1.750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  131.708608][   T10] kworker/u4:1: attempt to access beyond end of device
[  131.708608][   T10] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  131.712478][   T28] audit: type=1400 audit(1724088092.571:849): avc:  denied  { setopt } for  pid=2789 comm="syz.1.750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  131.750670][   T28] audit: type=1400 audit(1724088092.631:850): avc:  denied  { bind } for  pid=2789 comm="syz.1.750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  131.797106][ T2792] device pim6reg1 entered promiscuous mode
[  131.802743][ T2798] fuse: Unknown parameter '00000000000000000000004'
[  131.803901][   T28] audit: type=1400 audit(1724088092.661:851): avc:  denied  { unmount } for  pid=2452 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  131.832338][   T28] audit: type=1326 audit(1724088092.681:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2795 comm="syz.2.753" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f630b179e79 code=0x0
[  132.094856][ T2815] loop3: detected capacity change from 0 to 128
[  132.101206][ T2815] EXT4-fs: dax option not supported
[  132.625127][ T2818] input: syz0 as /devices/virtual/input/input88
[  133.405465][ T2806] loop1: detected capacity change from 0 to 40427
[  133.415309][ T2806] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  133.422855][ T2806] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  133.432647][ T2806] F2FS-fs (loop1): invalid crc value
[  133.439134][ T2806] F2FS-fs (loop1): Found nat_bits in checkpoint
[  133.477758][ T2806] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  133.484883][ T2806] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  133.499191][ T2837] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.506037][ T2837] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.513483][ T2837] device bridge_slave_0 entered promiscuous mode
[  133.522716][ T2837] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.529945][ T2837] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.537401][ T2837] device bridge_slave_1 entered promiscuous mode
[  133.606038][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  133.608307][ T1834] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  133.613689][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  133.641964][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  133.650205][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  133.658242][ T1744] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.665093][ T1744] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.672454][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  133.682602][ T2846] futex_wake_op: syz.1.758 tries to shift op by -1; fix this program
[  133.690817][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  133.698873][ T1744] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.705719][ T1744] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.726540][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  133.734160][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  133.742062][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  133.759129][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  133.767621][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  133.775748][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  133.783501][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  133.795108][ T2837] device veth0_vlan entered promiscuous mode
[  133.807751][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  133.817221][ T2837] device veth1_macvtap entered promiscuous mode
[  133.858533][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  133.868956][   T43] device bridge_slave_1 left promiscuous mode
[  133.875080][ T1834] usb 1-1: Using ep0 maxpacket: 32
[  133.888150][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.891423][ T2852] loop3: detected capacity change from 0 to 512
[  133.905642][   T43] device bridge_slave_0 left promiscuous mode
[  133.911895][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.919497][ T2852] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  133.931420][   T43] device veth1_macvtap left promiscuous mode
[  133.937259][   T43] device veth0_vlan left promiscuous mode
[  133.966584][ T2852] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.770: corrupted in-inode xattr
[  133.978809][ T2852] EXT4-fs (loop3): Remounting filesystem read-only
[  133.985338][ T2852] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.770: couldn't read orphan inode 15 (err -117)
[  133.998352][ T2852] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  134.028383][ T1834] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.093973][ T1834] usb 1-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  134.197847][ T1834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.255641][ T2452] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor: corrupted in-inode xattr
[  134.271585][ T1834] usb 1-1: config 0 descriptor??
[  134.272738][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  134.286633][ T2452] EXT4-fs (loop3): Remounting filesystem read-only
[  134.294945][ T2452] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor: corrupted in-inode xattr
[  134.308542][ T1834] usb 1-1: bad CDC descriptors
[  134.322119][   T28] audit: type=1326 audit(1724088095.211:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2860 comm="syz.4.767" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f799df79e79 code=0x0
[  134.337913][ T2135] F2FS-fs (loop1): access invalid blkaddr:2048
[  134.350667][ T2135] CPU: 1 PID: 2135 Comm: syz-executor Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  134.361787][ T2135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  134.371670][ T2135] Call Trace:
[  134.374793][ T2135]  <TASK>
[  134.377573][ T2135]  dump_stack_lvl+0x151/0x1b7
[  134.382083][ T2135]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  134.387385][ T2135]  ? f2fs_get_next_page_offset+0x770/0x770
[  134.393020][ T2135]  dump_stack+0x15/0x1c
[  134.397022][ T2135]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  134.402395][ T2135]  f2fs_is_valid_blkaddr+0x25/0x30
[  134.407340][ T2135]  f2fs_map_blocks+0xd32/0x43a0
[  134.412035][ T2135]  ? mempool_alloc_slab+0x1d/0x30
[  134.416891][ T2135]  ? f2fs_map_lock+0x260/0x260
[  134.421488][ T2135]  ? xa_load+0x1a1/0x210
[  134.425566][ T2135]  ? xas_find_conflict+0x8c0/0x8c0
[  134.430519][ T2135]  ? folio_unlock+0x5c/0x70
[  134.434854][ T2135]  f2fs_mpage_readpages+0xc65/0x20f0
[  134.439978][ T2135]  ? get_page_from_freelist+0x27ea/0x2870
[  134.445533][ T2135]  ? xas_load+0x39d/0x3b0
[  134.449697][ T2135]  ? dquot_release_reservation_block+0xa0/0xa0
[  134.455683][ T2135]  ? __this_cpu_preempt_check+0x13/0x20
[  134.461071][ T2135]  ? memcg_rstat_updated+0x4f/0x110
[  134.466104][ T2135]  f2fs_readahead+0xfd/0x250
[  134.470531][ T2135]  ? blk_start_plug+0x9c/0x130
[  134.475130][ T2135]  read_pages+0x1be/0xd40
[  134.479292][ T2135]  ? workingset_activation+0x430/0x430
[  134.484588][ T2135]  ? folio_add_lru+0x280/0x3f0
[  134.489189][ T2135]  ? page_cache_ra_unbounded+0x690/0x690
[  134.494658][ T2135]  ? filemap_add_folio+0x18f/0x200
[  134.499602][ T2135]  ? __filemap_add_folio+0xd10/0xd10
[  134.504725][ T2135]  page_cache_ra_unbounded+0x4c1/0x690
[  134.510023][ T2135]  ? readahead_gfp_mask+0x190/0x190
[  134.515049][ T2135]  ? __kernel_text_address+0xd/0x40
[  134.520086][ T2135]  ? unwind_get_return_address+0x4d/0x90
[  134.525553][ T2135]  page_cache_ra_order+0x928/0xb30
[  134.530503][ T2135]  ? do_page_cache_ra+0x110/0x110
[  134.535397][ T2135]  ? __stack_depot_save+0x36/0x480
[  134.540309][ T2135]  ? putname+0xfa/0x150
[  134.544302][ T2135]  ondemand_readahead+0x91a/0xee0
[  134.549248][ T2135]  ? kasan_set_track+0x4b/0x70
[  134.553846][ T2135]  ? kasan_save_free_info+0x2b/0x40
[  134.558883][ T2135]  ? ____kasan_slab_free+0x131/0x180
[  134.564004][ T2135]  ? do_syscall_64+0x3b/0xb0
[  134.568432][ T2135]  ? page_cache_sync_ra+0x450/0x450
[  134.573470][ T2135]  ? blk_cgroup_congested+0x132/0x150
[  134.578674][ T2135]  page_cache_sync_ra+0x3d6/0x450
[  134.583540][ T2135]  f2fs_readdir+0x599/0xc10
[  134.587872][ T2135]  ? f2fs_fill_dentries+0xd00/0xd00
[  134.592906][ T2135]  ? __this_cpu_preempt_check+0x13/0x20
[  134.598290][ T2135]  ? memcg_rstat_updated+0x4f/0x110
[  134.603324][ T2135]  ? security_file_permission+0x86/0xb0
[  134.608709][ T2135]  iterate_dir+0x265/0x610
[  134.612985][ T2135]  ? f2fs_fill_dentries+0xd00/0xd00
[  134.617993][ T2135]  __se_sys_getdents64+0x1c1/0x460
[  134.622940][ T2135]  ? __x64_sys_getdents64+0x90/0x90
[  134.627969][ T2135]  ? filldir+0x670/0x670
[  134.632051][ T2135]  ? debug_smp_processor_id+0x17/0x20
[  134.637263][ T2135]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  134.643159][ T2135]  ? exit_to_user_mode_prepare+0x39/0xa0
[  134.648626][ T2135]  __x64_sys_getdents64+0x7b/0x90
[  134.653489][ T2135]  x64_sys_call+0x5ae/0x9a0
[  134.657826][ T2135]  do_syscall_64+0x3b/0xb0
[  134.662138][ T2135]  ? clear_bhb_loop+0x55/0xb0
[  134.666595][ T2135]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  134.672322][ T2135] RIP: 0033:0x7fac549ac013
[  134.676586][ T2135] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  134.696019][ T2135] RSP: 002b:00007fff6d477628 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  134.704261][ T2135] RAX: ffffffffffffffda RBX: 00005555556d04e0 RCX: 00007fac549ac013
[  134.712256][ T2135] RDX: 0000000000008000 RSI: 00005555556d04e0 RDI: 0000000000000005
[  134.720059][ T2135] RBP: 00005555556d04b4 R08: 0000000000000000 R09: 0000000000000000
[  134.727867][ T2135] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  134.735681][ T2135] R13: 0000000000000010 R14: 00005555556d04b0 R15: 00007fff6d4798d0
[  134.743497][ T2135]  </TASK>
[  134.747767][ T2135] syz-executor: attempt to access beyond end of device
[  134.747767][ T2135] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  134.756066][  T493] usb 1-1: USB disconnect, device number 5
[  134.766440][ T2135] syz-executor: attempt to access beyond end of device
[  134.766440][ T2135] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  134.815934][    T8] kworker/u4:0: attempt to access beyond end of device
[  134.815934][    T8] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  134.889992][ T2452] EXT4-fs (loop3): unmounting filesystem.
[  134.983075][ T2869] input: syz0 as /devices/virtual/input/input89
[  135.284929][ T2873] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.292795][ T2873] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.300123][ T2873] device bridge_slave_0 entered promiscuous mode
[  135.309277][ T2873] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.316147][ T2873] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.324931][ T2873] device bridge_slave_1 entered promiscuous mode
[  135.368604][ T2880] device pim6reg1 entered promiscuous mode
[  135.427075][ T2883] loop0: detected capacity change from 0 to 4096
[  135.439692][ T2883] EXT4-fs: Ignoring removed oldalloc option
[  135.446854][ T2883] EXT4-fs (loop0): Test dummy encryption mode enabled
[  135.455121][ T2883] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  135.497654][ T2873] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.504571][ T2873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.511732][ T2873] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.518614][ T2873] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.537874][ T2881] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.545293][ T2881] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.553203][ T2881] device bridge_slave_0 entered promiscuous mode
[  135.575250][ T2881] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.582417][ T2881] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.590096][ T2881] device bridge_slave_1 entered promiscuous mode
[  135.616861][  T449] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.624338][  T449] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.657225][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.680174][ T1191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.685376][ T2890] loop4: detected capacity change from 0 to 512
[  135.707579][ T2890] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  135.722370][ T2890] EXT4-fs (loop4): Remounting filesystem read-only
[  135.729267][ T2890] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.783: invalid indirect mapped block 4278190080 (level 0)
[  135.734100][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.751844][ T2890] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.783: invalid indirect mapped block 1 (level 1)
[  135.752355][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.765379][ T2890] EXT4-fs (loop4): 1 truncate cleaned up
[  135.773253][  T449] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.785011][  T449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.792665][ T2890] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  135.849966][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.858533][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.858595][ T2837] EXT4-fs (loop4): unmounting filesystem.
[  135.866778][  T449] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.878762][  T449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.909315][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  135.917688][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  135.938588][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  135.948841][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  135.984679][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  135.994611][ T1834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.016377][ T2873] device veth0_vlan entered promiscuous mode
[  136.033325][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  136.071582][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.136961][   T43] device bridge_slave_1 left promiscuous mode
[  136.144752][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.147550][ T2893] loop4: detected capacity change from 0 to 40427
[  136.159226][   T43] device bridge_slave_0 left promiscuous mode
[  136.165204][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.174615][   T43] device bridge_slave_1 left promiscuous mode
[  136.181061][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.182050][ T2893] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  136.195735][ T2893] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  136.195983][   T43] device bridge_slave_0 left promiscuous mode
[  136.204513][ T2893] F2FS-fs (loop4): invalid crc value
[  136.210394][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.216319][ T2893] F2FS-fs (loop4): Found nat_bits in checkpoint
[  136.236709][   T43] device veth1_macvtap left promiscuous mode
[  136.244477][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  136.250517][   T43] device veth0_vlan left promiscuous mode
[  136.262513][   T43] device veth1_macvtap left promiscuous mode
[  136.265269][ T2893] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  136.274285][   T43] device veth0_vlan left promiscuous mode
[  136.275653][ T2893] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  136.442060][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.449520][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.465420][ T2873] device veth1_macvtap entered promiscuous mode
[  136.474398][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  136.475296][ T2905] futex_wake_op: syz.4.784 tries to shift op by -1; fix this program
[  136.482943][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.502605][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  136.516533][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  136.524945][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  136.533348][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  136.541340][  T313] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  136.549438][  T493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.571056][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  136.578610][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  136.585922][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  136.594292][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  136.602989][  T449] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.609856][  T449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.617055][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  136.625263][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  136.633247][  T449] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.640098][  T449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.647523][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  136.668052][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  136.677901][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  136.686066][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  136.693988][ T2907] fuse: Unknown parameter 'fd00000000000000000000004'
[  136.701757][ T1744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  136.720999][ T2881] device veth0_vlan entered promiscuous mode
[  136.730874][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  136.739327][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.752104][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  136.760531][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.769906][ T2909] loop3: detected capacity change from 0 to 128
[  136.774777][ T2881] device veth1_macvtap entered promiscuous mode
[  136.786508][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.793560][  T313] usb 1-1: Using ep0 maxpacket: 8
[  136.796631][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.799381][ T2837] F2FS-fs (loop4): access invalid blkaddr:2048
[  136.805893][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  136.821236][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.829287][ T2909] EXT4-fs (loop3): Test dummy encryption mode enabled
[  136.829506][ T2837] CPU: 1 PID: 2837 Comm: syz-executor Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  136.847054][ T2837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  136.856954][ T2837] Call Trace:
[  136.860081][ T2837]  <TASK>
[  136.862850][ T2837]  dump_stack_lvl+0x151/0x1b7
[  136.867363][ T2837]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  136.872657][ T2837]  ? f2fs_get_next_page_offset+0x770/0x770
[  136.878298][ T2837]  dump_stack+0x15/0x1c
[  136.882291][ T2837]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  136.887673][ T2837]  f2fs_is_valid_blkaddr+0x25/0x30
[  136.892631][ T2837]  f2fs_map_blocks+0xd32/0x43a0
[  136.897316][ T2837]  ? mempool_alloc_slab+0x1d/0x30
[  136.902487][ T2837]  ? f2fs_map_lock+0x260/0x260
[  136.907032][ T2837]  ? xa_load+0x1a1/0x210
[  136.911106][ T2837]  ? xas_find_conflict+0x8c0/0x8c0
[  136.916051][ T2837]  ? folio_unlock+0x5c/0x70
[  136.920391][ T2837]  f2fs_mpage_readpages+0xc65/0x20f0
[  136.925515][ T2837]  ? get_page_from_freelist+0x27ea/0x2870
[  136.931068][ T2837]  ? xas_load+0x39d/0x3b0
[  136.935235][ T2837]  ? dquot_release_reservation_block+0xa0/0xa0
[  136.941239][ T2837]  ? __this_cpu_preempt_check+0x13/0x20
[  136.946608][ T2837]  ? memcg_rstat_updated+0x4f/0x110
[  136.951664][ T2837]  f2fs_readahead+0xfd/0x250
[  136.956066][ T2837]  ? blk_start_plug+0x9c/0x130
[  136.960673][ T2837]  read_pages+0x1be/0xd40
[  136.964831][ T2837]  ? workingset_activation+0x430/0x430
[  136.970130][ T2837]  ? folio_add_lru+0x280/0x3f0
[  136.974726][ T2837]  ? page_cache_ra_unbounded+0x690/0x690
[  136.980194][ T2837]  ? filemap_add_folio+0x18f/0x200
[  136.985144][ T2837]  ? __filemap_add_folio+0xd10/0xd10
[  136.990265][ T2837]  page_cache_ra_unbounded+0x4c1/0x690
[  136.995561][ T2837]  ? readahead_gfp_mask+0x190/0x190
[  137.000590][ T2837]  ? __kernel_text_address+0xd/0x40
[  137.005623][ T2837]  ? unwind_get_return_address+0x4d/0x90
[  137.011094][ T2837]  page_cache_ra_order+0x928/0xb30
[  137.016131][ T2837]  ? do_page_cache_ra+0x110/0x110
[  137.020986][ T2837]  ? __stack_depot_save+0x36/0x480
[  137.025946][ T2837]  ? putname+0xfa/0x150
[  137.029929][ T2837]  ondemand_readahead+0x91a/0xee0
[  137.034787][ T2837]  ? kasan_set_track+0x4b/0x70
[  137.039387][ T2837]  ? kasan_save_free_info+0x2b/0x40
[  137.044423][ T2837]  ? ____kasan_slab_free+0x131/0x180
[  137.049543][ T2837]  ? do_syscall_64+0x3b/0xb0
[  137.053969][ T2837]  ? page_cache_sync_ra+0x450/0x450
[  137.059008][ T2837]  ? blk_cgroup_congested+0x132/0x150
[  137.064242][ T2837]  page_cache_sync_ra+0x3d6/0x450
[  137.069163][ T2837]  f2fs_readdir+0x599/0xc10
[  137.073506][ T2837]  ? f2fs_fill_dentries+0xd00/0xd00
[  137.078534][ T2837]  ? __this_cpu_preempt_check+0x13/0x20
[  137.083912][ T2837]  ? memcg_rstat_updated+0x4f/0x110
[  137.088949][ T2837]  ? security_file_permission+0x86/0xb0
[  137.094327][ T2837]  iterate_dir+0x265/0x610
[  137.098582][ T2837]  ? f2fs_fill_dentries+0xd00/0xd00
[  137.103617][ T2837]  __se_sys_getdents64+0x1c1/0x460
[  137.108563][ T2837]  ? __x64_sys_getdents64+0x90/0x90
[  137.113598][ T2837]  ? filldir+0x670/0x670
[  137.117675][ T2837]  ? debug_smp_processor_id+0x17/0x20
[  137.122883][ T2837]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  137.128788][ T2837]  ? exit_to_user_mode_prepare+0x39/0xa0
[  137.134254][ T2837]  __x64_sys_getdents64+0x7b/0x90
[  137.139117][ T2837]  x64_sys_call+0x5ae/0x9a0
[  137.143452][ T2837]  do_syscall_64+0x3b/0xb0
[  137.147704][ T2837]  ? clear_bhb_loop+0x55/0xb0
[  137.152220][ T2837]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  137.157947][ T2837] RIP: 0033:0x7f799dfac013
[  137.162201][ T2837] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  137.181646][ T2837] RSP: 002b:00007fff77ba38d8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  137.189889][ T2837] RAX: ffffffffffffffda RBX: 0000555555e0a4e0 RCX: 00007f799dfac013
[  137.197706][ T2837] RDX: 0000000000008000 RSI: 0000555555e0a4e0 RDI: 0000000000000005
[  137.205516][ T2837] RBP: 0000555555e0a4b4 R08: 0000000000000000 R09: 0000000000000000
[  137.213409][ T2837] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  137.221221][ T2837] R13: 0000000000000010 R14: 0000555555e0a4b0 R15: 00007fff77ba5b80
[  137.229124][ T2837]  </TASK>
[  137.232348][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  137.244173][ T2837] syz-executor: attempt to access beyond end of device
[  137.244173][ T2837] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  137.258750][ T2837] syz-executor: attempt to access beyond end of device
[  137.258750][ T2837] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  137.274491][ T2909] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  137.278358][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  137.291395][  T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  137.312794][ T2909] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038 (0x7fffffff)
[  137.325677][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  137.328133][  T313] usb 1-1: config 0 interface 0 has no altsetting 0
[  137.333856][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  137.364048][  T456] kworker/u4:4: attempt to access beyond end of device
[  137.364048][  T456] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  137.399265][ T2920] device pim6reg1 entered promiscuous mode
[  137.650825][  T313] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  137.668350][  T313] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.748357][  T313] usb 1-1: Product: syz
[  137.772535][  T313] usb 1-1: Manufacturer: syz
[  137.777063][  T313] usb 1-1: SerialNumber: syz
[  137.777633][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  137.785042][  T313] usb 1-1: config 0 descriptor??
[  137.828408][  T313] hub 1-1:0.0: bad descriptor, ignoring hub
[  137.834142][  T313] hub: probe of 1-1:0.0 failed with error -5
[  137.880158][ T2932] loop3: detected capacity change from 0 to 4096
[  137.895936][ T2932] EXT4-fs: Ignoring removed oldalloc option
[  137.915356][ T2932] EXT4-fs (loop3): Test dummy encryption mode enabled
[  137.936396][ T2932] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  137.946605][   T28] audit: type=1400 audit(1724088098.841:854): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.078036][   T28] audit: type=1400 audit(1724088098.841:855): avc:  denied  { remove_name } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.119931][   T28] audit: type=1400 audit(1724088098.841:856): avc:  denied  { rename } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  138.143467][   T28] audit: type=1400 audit(1724088098.841:857): avc:  denied  { add_name } for  pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.191743][   T28] audit: type=1400 audit(1724088098.841:858): avc:  denied  { unlink } for  pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  138.214076][   T28] audit: type=1400 audit(1724088098.841:859): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  138.228158][  T313] usb 1-1: USB disconnect, device number 6
[  138.294334][   T10] device bridge_slave_1 left promiscuous mode
[  138.300380][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.309210][   T10] device bridge_slave_0 left promiscuous mode
[  138.315793][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.331666][   T10] device veth1_macvtap left promiscuous mode
[  138.337687][   T10] device veth0_vlan left promiscuous mode
[  138.538732][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  138.545096][ T2946] input: syz0 as /devices/virtual/input/input90
[  138.565666][ T2937] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.572620][ T2937] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.579878][ T2937] device bridge_slave_0 entered promiscuous mode
[  138.586981][ T2937] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.594032][ T2937] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.609488][ T2937] device bridge_slave_1 entered promiscuous mode
[  138.748092][   T28] audit: type=1400 audit(1724088099.591:860): avc:  granted  { setsecparam } for  pid=2951 comm="syz.3.802" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  138.808623][ T1744] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  138.866291][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  138.873905][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.883475][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.891626][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.900194][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.907037][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.914395][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.922494][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.930498][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.937338][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.944744][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  138.960066][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.967815][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.982514][ T2937] device veth0_vlan entered promiscuous mode
[  138.989147][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  138.997457][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  139.005528][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  139.012838][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  139.026196][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  139.036294][ T2937] device veth1_macvtap entered promiscuous mode
[  139.045982][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  139.056049][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  139.064039][ T1744] usb 1-1: Using ep0 maxpacket: 32
[  139.094889][ T2959] device pim6reg1 entered promiscuous mode
[  139.188058][ T1744] usb 1-1: config 0 has no interfaces?
[  139.388093][ T1744] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  139.401192][ T1744] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.434400][ T1744] usb 1-1: Product: syz
[  139.438986][ T1744] usb 1-1: Manufacturer: syz
[  139.447339][ T1744] usb 1-1: config 0 descriptor??
[  140.160260][ T2977] input: syz0 as /devices/virtual/input/input92
[  140.223421][ T1744] usb 1-1: can't set config #0, error -71
[  140.231305][ T1744] usb 1-1: USB disconnect, device number 7
[  140.394250][ T2986] loop0: detected capacity change from 0 to 128
[  140.499268][ T2990] input: syz0 as /devices/virtual/input/input93
[  141.888140][ T3007] device pim6reg1 entered promiscuous mode
[  141.929663][ T3010] input: syz0 as /devices/virtual/input/input94
[  142.034290][   T28] audit: type=1400 audit(1724088102.921:861): avc:  granted  { setsecparam } for  pid=3015 comm="syz.4.818" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  142.106816][ T3024] input: syz1 as /devices/virtual/input/input95
[  142.278079][   T19] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  142.548039][   T19] usb 3-1: Using ep0 maxpacket: 8
[  142.678095][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.688984][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.698579][   T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  142.711448][   T19] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  142.975964][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.986632][   T19] usb 3-1: config 0 descriptor??
[  143.120265][   T28] audit: type=1400 audit(1724088104.001:862): avc:  granted  { setsecparam } for  pid=3033 comm="syz.0.835" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  143.338049][  T493] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  143.562551][ T3040] loop1: detected capacity change from 0 to 40427
[  143.571370][ T3040] F2FS-fs (loop1): Found nat_bits in checkpoint
[  143.596053][ T3040] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  143.718242][  T493] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.729486][  T493] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.739237][  T493] usb 4-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  143.748668][  T493] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.906963][  T493] usb 4-1: config 0 descriptor??
[  143.918219][   T19] usbhid 3-1:0.0: can't add hid device: -71
[  143.924022][   T19] usbhid: probe of 3-1:0.0 failed with error -71
[  143.933836][   T19] usb 3-1: USB disconnect, device number 11
[  144.072166][ T3050] input: syz0 as /devices/virtual/input/input97
[  144.187600][ T3035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.196603][ T3035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  144.339113][ T2881] syz-executor: attempt to access beyond end of device
[  144.339113][ T2881] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  144.429125][  T493] samsung 0003:0419:0600.000C: unknown main item tag 0x0
[  144.438045][  T493] samsung 0003:0419:0600.000C: unknown main item tag 0x0
[  144.453319][  T493] samsung 0003:0419:0600.000C: hidraw0: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.3-1/input0
[  144.834127][ T1834] usb 4-1: USB disconnect, device number 6
[  144.873366][ T3069] loop0: detected capacity change from 0 to 128
[  145.079437][ T3074] input: syz0 as /devices/virtual/input/input98
[  145.510976][ T3084] input: syz1 as /devices/virtual/input/input99
[  145.518926][   T28] audit: type=1400 audit(1724088106.411:863): avc:  granted  { setsecparam } for  pid=3082 comm="syz.3.838" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  146.168068][  T904] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  146.418049][  T904] usb 5-1: Using ep0 maxpacket: 8
[  146.536015][ T3106] input: syz0 as /devices/virtual/input/input101
[  147.548139][  T904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.562268][  T904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.588559][  T904] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  147.601356][  T904] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  147.619465][  T904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.064606][ T3126] input: syz0 as /devices/virtual/input/input102
[  148.248862][  T904] usb 5-1: config 0 descriptor??
[  148.414183][   T28] audit: type=1400 audit(1724088109.301:864): avc:  granted  { setsecparam } for  pid=3130 comm="syz.3.854" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  149.477450][ T3146] input: syz0 as /devices/virtual/input/input104
[  149.485065][ T3142] input: syz1 as /devices/virtual/input/input105
[  149.898112][  T904] usbhid 5-1:0.0: can't add hid device: -71
[  149.903885][  T904] usbhid: probe of 5-1:0.0 failed with error -71
[  149.918166][ T3163] device pim6reg1 entered promiscuous mode
[  149.926968][  T904] usb 5-1: USB disconnect, device number 6
[  150.937777][ T3166] input: syz0 as /devices/virtual/input/input106
[  152.188656][ T3181] input: syz0 as /devices/virtual/input/input107
[  152.924666][   T28] audit: type=1400 audit(1724088113.811:865): avc:  denied  { ioctl } for  pid=3186 comm="syz.4.869" path="socket:[27307]" dev="sockfs" ino=27307 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  152.957126][ T3189] device pim6reg1 entered promiscuous mode
[  152.957395][   T28] audit: type=1400 audit(1724088113.841:866): avc:  denied  { setopt } for  pid=3191 comm="syz.0.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  154.090005][ T3202] input: syz0 as /devices/virtual/input/input108
[  154.165929][   T28] audit: type=1400 audit(1724088115.041:867): avc:  granted  { setsecparam } for  pid=3198 comm="syz.4.873" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  154.330605][ T3213] loop1: detected capacity change from 0 to 128
[  154.409963][ T3213] EXT4-fs (loop1): Test dummy encryption mode enabled
[  154.420089][ T3213] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  154.437284][ T3213] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038 (0x7fffffff)
[  154.803336][  T493] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  155.048030][  T493] usb 1-1: Using ep0 maxpacket: 8
[  155.168099][  T493] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.185023][  T493] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.211363][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  155.247167][  T493] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  155.264032][  T493] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  155.273142][  T493] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.293612][  T493] usb 1-1: config 0 descriptor??
[  155.606395][ T3240] input: syz0 as /devices/virtual/input/input109
[  155.867048][ T3244] device pim6reg1 entered promiscuous mode
[  155.878647][ T3245] loop1: detected capacity change from 0 to 4096
[  155.885199][ T3245] EXT4-fs: Ignoring removed oldalloc option
[  155.891640][ T3245] EXT4-fs (loop1): Test dummy encryption mode enabled
[  155.899603][ T3245] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  156.261955][ T3255] input: syz0 as /devices/virtual/input/input110
[  157.288085][  T493] usbhid 1-1:0.0: can't add hid device: -71
[  157.293869][  T493] usbhid: probe of 1-1:0.0 failed with error -71
[  157.303015][  T493] usb 1-1: USB disconnect, device number 8
[  157.318399][ T3267] loop3: detected capacity change from 0 to 256
[  157.330905][ T3269] loop4: detected capacity change from 0 to 128
[  157.331494][ T3267] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  157.337386][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  157.385663][ T3269] EXT4-fs (loop4): Test dummy encryption mode enabled
[  157.495969][ T3270] input: syz0 as /devices/virtual/input/input112
[  157.687895][ T3269] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  157.777129][ T3269] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038 (0x7fffffff)
[  157.798237][   T28] audit: type=1400 audit(1724088118.691:868): avc:  denied  { write } for  pid=3266 comm="syz.3.892" path="/21/file1/bus" dev="loop3" ino=1048659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  157.831032][   T28] audit: type=1400 audit(1724088118.701:869): avc:  denied  { map } for  pid=3266 comm="syz.3.892" path="/21/file1/bus" dev="loop3" ino=1048659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  157.856009][   T28] audit: type=1400 audit(1724088118.701:870): avc:  denied  { execute } for  pid=3266 comm="syz.3.892" path="/21/file1/bus" dev="loop3" ino=1048659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  158.344111][ T3291] device pim6reg1 entered promiscuous mode
[  158.399564][ T2937] EXT4-fs (loop4): unmounting filesystem.
[  158.687601][ T3306] loop1: detected capacity change from 0 to 4096
[  158.694713][ T3306] EXT4-fs: Ignoring removed oldalloc option
[  158.704705][ T3306] EXT4-fs (loop1): Test dummy encryption mode enabled
[  158.712317][ T3309] input: syz0 as /devices/virtual/input/input113
[  158.723324][ T3306] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  158.822442][ T3314] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.829722][ T3314] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.836576][ T3314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.060989][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  159.488245][ T3332] input: syz0 as /devices/virtual/input/input114
[  159.500348][   T28] audit: type=1400 audit(1724088120.311:871): avc:  granted  { setsecparam } for  pid=3329 comm="syz.1.911" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  160.070434][ T3337] input: syz0 as /devices/virtual/input/input115
[  160.079198][ T3340] input: syz0 as /devices/virtual/input/input116
[  161.120726][ T3353] loop0: detected capacity change from 0 to 256
[  161.130157][ T3353] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  161.147594][ T3351] device pim6reg1 entered promiscuous mode
[  162.235627][ T3377] input: syz0 as /devices/virtual/input/input117
[  162.338382][   T28] audit: type=1400 audit(1724088123.221:872): avc:  granted  { setsecparam } for  pid=3379 comm="syz.1.925" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  162.399043][ T3382] input: syz0 as /devices/virtual/input/input118
[  163.089545][ T3384] input: syz0 as /devices/virtual/input/input119
[  163.878647][ T3398] loop3: detected capacity change from 0 to 512
[  163.907478][ T3398] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  163.925922][ T3398] EXT4-fs (loop3): orphan cleanup on readonly fs
[  163.942745][ T3398] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.929: casefold flag without casefold feature
[  163.978355][ T3398] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.929: unexpected EA_INODE flag
[  164.004944][ T3398] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.929: couldn't read orphan inode 16 (err -117)
[  164.190661][ T3405] input: syz0 as /devices/virtual/input/input121
[  164.309451][ T3408] input: syz0 as /devices/virtual/input/input122
[  164.342203][ T3398] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  164.768747][ T3413] input: syz0 as /devices/virtual/input/input123
[  165.169113][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  165.568431][ T3411] loop0: detected capacity change from 0 to 40427
[  165.579200][ T3411] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  165.586917][ T3411] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  165.595918][ T3411] F2FS-fs (loop0): invalid crc value
[  165.610362][ T3411] F2FS-fs (loop0): Found nat_bits in checkpoint
[  165.641449][ T3411] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  165.648393][ T3411] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  166.332951][ T1874] syz-executor: attempt to access beyond end of device
[  166.332951][ T1874] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  166.335952][ T3438] device pim6reg1 entered promiscuous mode
[  166.364299][ T3441] loop3: detected capacity change from 0 to 128
[  166.385252][ T3441] EXT4-fs (loop3): Test dummy encryption mode enabled
[  166.393376][ T3441] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  166.402679][ T3441] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038 (0x7fffffff)
[  166.413802][   T28] audit: type=1400 audit(1724088127.301:873): avc:  granted  { setsecparam } for  pid=3436 comm="syz.1.938" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  166.570725][ T3454] input: syz0 as /devices/virtual/input/input125
[  166.763171][ T3463] input: syz0 as /devices/virtual/input/input126
[  166.949231][ T3466] loop4: detected capacity change from 0 to 128
[  166.955565][ T3466] EXT4-fs: dax option not supported
[  167.400372][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  168.158347][ T3495] loop1: detected capacity change from 0 to 40427
[  168.165111][ T3495] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  168.173064][ T3495] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  168.181828][ T3495] F2FS-fs (loop1): invalid crc value
[  168.205329][ T3495] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  168.234511][ T3495] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  168.241507][ T3495] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  169.142044][ T3510] syz.1.955: attempt to access beyond end of device
[  169.142044][ T3510] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  169.195571][   T28] audit: type=1400 audit(1724088130.081:874): avc:  granted  { setsecparam } for  pid=3507 comm="syz.0.959" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  169.332186][   T28] audit: type=1400 audit(1724088130.221:875): avc:  denied  { bpf } for  pid=3513 comm="syz.4.960" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  169.352539][   T28] audit: type=1400 audit(1724088130.221:876): avc:  denied  { map_create } for  pid=3513 comm="syz.4.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  169.371836][   T28] audit: type=1400 audit(1724088130.221:877): avc:  denied  { map_read map_write } for  pid=3513 comm="syz.4.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  169.391824][   T28] audit: type=1400 audit(1724088130.221:878): avc:  denied  { prog_load } for  pid=3513 comm="syz.4.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  169.415671][   T28] audit: type=1400 audit(1724088130.221:879): avc:  denied  { perfmon } for  pid=3513 comm="syz.4.960" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  169.436940][   T28] audit: type=1400 audit(1724088130.221:880): avc:  denied  { ioctl } for  pid=3521 comm="syz.0.962" path="/dev/raw-gadget" dev="devtmpfs" ino=166 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  169.485471][   T28] audit: type=1400 audit(1724088130.221:881): avc:  denied  { unmount } for  pid=2881 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  169.505216][   T28] audit: type=1400 audit(1724088130.221:882): avc:  denied  { read } for  pid=3517 comm="syz.3.971" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  169.618045][   T19] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  169.755961][ T3531] input: syz0 as /devices/virtual/input/input128
[  170.093828][ T3535] loop3: detected capacity change from 0 to 128
[  170.128130][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.138967][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.148757][   T19] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00
[  170.158466][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.167421][   T19] usb 1-1: config 0 descriptor??
[  170.275159][ T3544] netlink: 24 bytes leftover after parsing attributes in process `syz.3.965'.
[  170.328033][  T493] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  170.479366][ T3547] loop1: detected capacity change from 0 to 128
[  170.485855][ T3547] ext4: Unknown parameter 'hash'
[  170.568035][  T493] usb 5-1: Using ep0 maxpacket: 8
[  170.618857][ T3522] syz.0.962[3522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.618907][ T3522] syz.0.962[3522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.638669][   T19] appleir 0003:05AC:8243.000D: unknown main item tag 0x0
[  170.656592][   T19] appleir 0003:05AC:8243.000D: item fetching failed at offset 3/5
[  170.664578][   T19] appleir 0003:05AC:8243.000D: parse failed
[  170.664617][   T19] appleir: probe of 0003:05AC:8243.000D failed with error -22
[  170.688108][  T493] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.698892][  T493] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.708394][  T493] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  170.717209][  T493] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.725558][  T493] usb 5-1: config 0 descriptor??
[  170.841480][   T19] usb 1-1: USB disconnect, device number 9
[  171.716161][  T493] kone 0003:1E7D:2CED.000E: collection stack underflow
[  171.723407][  T493] kone 0003:1E7D:2CED.000E: item 0 1 0 12 parsing failed
[  171.730506][  T493] kone 0003:1E7D:2CED.000E: parse failed
[  171.736041][  T493] kone: probe of 0003:1E7D:2CED.000E failed with error -22
[  171.846868][   T28] kauditd_printk_skb: 39 callbacks suppressed
[  173.326184][    T6] usb 5-1: USB disconnect, device number 7
[  173.331023][   T28] audit: type=1400 audit(1724088132.731:922): avc:  denied  { module_request } for  pid=3556 comm="syz.2.973" kmod="net-pf-10-proto-67-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  173.427054][   T28] audit: type=1400 audit(1724088132.731:923): avc:  granted  { setsecparam } for  pid=3556 comm="syz.2.973" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  173.445963][   T28] audit: type=1400 audit(1724088133.291:924): avc:  denied  { create } for  pid=3559 comm="syz.1.974" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  173.638417][   T28] audit: type=1400 audit(1724088133.421:925): avc:  denied  { ioctl } for  pid=3559 comm="syz.1.974" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=28881 ioctlcmd=0xaa00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  173.702777][   T28] audit: type=1400 audit(1724088134.431:926): avc:  denied  { create } for  pid=3571 comm="syz.2.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  173.722163][   T28] audit: type=1400 audit(1724088134.441:927): avc:  denied  { setopt } for  pid=3571 comm="syz.2.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  173.741636][   T28] audit: type=1400 audit(1724088134.451:928): avc:  denied  { create } for  pid=3571 comm="syz.2.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.761840][   T28] audit: type=1400 audit(1724088134.471:929): avc:  denied  { write } for  pid=3571 comm="syz.2.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.798924][   T28] audit: type=1400 audit(1724088134.471:930): avc:  denied  { read } for  pid=3571 comm="syz.2.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  173.951363][ T3591] loop3: detected capacity change from 0 to 512
[  174.046879][ T3591] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.983: inode #1: comm syz.3.983: iget: illegal inode #
[  174.060667][ T3591] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.983: error while reading EA inode 1 err=-117
[  174.073141][ T3591] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.983: inode #1: comm syz.3.983: iget: illegal inode #
[  174.086168][ T3591] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.983: error while reading EA inode 1 err=-117
[  174.098573][ T3591] EXT4-fs (loop3): 1 orphan inode deleted
[  174.104182][ T3591] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  174.107390][ T3582] loop4: detected capacity change from 0 to 40427
[  174.121902][   T28] audit: type=1400 audit(1724088135.011:931): avc:  denied  { mount } for  pid=3588 comm="syz.3.983" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  174.143424][ T3582] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  174.151122][ T3582] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  174.160308][ T3582] F2FS-fs (loop4): invalid crc value
[  174.166982][ T3582] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  174.225003][ T3582] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  174.232047][ T3582] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  174.240891][ T3599] loop1: detected capacity change from 0 to 512
[  174.259215][ T3599] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  174.274470][ T3599] EXT4-fs (loop1): Remounting filesystem read-only
[  174.294281][ T3599] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.984: invalid indirect mapped block 4278190080 (level 0)
[  174.311666][ T3599] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.984: invalid indirect mapped block 1 (level 1)
[  174.341533][ T3599] EXT4-fs (loop1): 1 truncate cleaned up
[  174.347008][ T3599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  174.387143][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  175.327410][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  175.390933][ T3629] loop1: detected capacity change from 0 to 128
[  175.410941][ T3629] EXT4-fs (loop1): Test dummy encryption mode enabled
[  175.444851][ T3629] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  175.519111][ T3641] input: syz0 as /devices/virtual/input/input130
[  175.620510][ T3629] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038 (0x7fffffff)
[  175.988277][ T3647] netlink: 8 bytes leftover after parsing attributes in process `syz.3.999'.
[  176.093255][ T3651] loop3: detected capacity change from 0 to 512
[  176.103064][ T3633] loop0: detected capacity change from 0 to 40427
[  176.110166][ T3633] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  176.114628][ T3651] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  176.117870][ T3633] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  176.126728][ T3651] ext4 filesystem being mounted at /41/bus supports timestamps until 2038 (0x7fffffff)
[  176.135650][ T3633] F2FS-fs (loop0): invalid crc value
[  176.152508][ T3651] EXT4-fs error (device loop3): ext4_get_first_dir_block:3548: inode #12: block 32: comm syz.3.1001: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  176.158067][ T3633] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  176.175975][ T3651] EXT4-fs error (device loop3): ext4_get_first_dir_block:3551: inode #12: comm syz.3.1001: directory missing '.'
[  176.226681][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  176.237811][ T3633] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  176.245688][ T3633] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  176.246174][ T2873] EXT4-fs (loop3): unmounting filesystem.
[  176.270453][ T3633] syz.0.997: attempt to access beyond end of device
[  176.270453][ T3633] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  176.447689][ T3678] input: syz0 as /devices/virtual/input/input131
[  176.469243][ T3677] device pim6reg1 entered promiscuous mode
[  176.715644][ T3692] loop4: detected capacity change from 0 to 128
[  176.722529][ T3692] EXT4-fs (loop4): Test dummy encryption mode enabled
[  176.737750][ T3692] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  176.748330][ T3694] input: syz0 as /devices/virtual/input/input132
[  176.761140][ T3692] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038 (0x7fffffff)
[  176.879143][ T3697] input: syz0 as /devices/virtual/input/input133
[  177.578373][ T2937] EXT4-fs (loop4): unmounting filesystem.
[  177.591541][ T3719] loop0: detected capacity change from 0 to 512
[  177.618586][ T3719] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  177.640983][ T3720] loop1: detected capacity change from 0 to 128
[  177.647340][ T3720] EXT4-fs: dax option not supported
[  177.760061][  T534] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  177.771559][ T3719] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  177.892836][ T3719] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038 (0x7fffffff)
[  177.945017][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  177.982940][ T3730] device pim6reg1 entered promiscuous mode
[  178.165824][ T3734] input: syz0 as /devices/virtual/input/input134
[  178.438787][ T3749] input: syz0 as /devices/virtual/input/input135
[  178.537431][ T3751] input: syz0 as /devices/virtual/input/input136
[  179.082967][ T3763] loop0: detected capacity change from 0 to 512
[  179.092443][ T3763] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  179.101523][ T3765] loop4: detected capacity change from 0 to 512
[  179.109997][ T3765] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  179.115261][ T3763] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  179.118479][ T3765] EXT4-fs (loop4): orphan cleanup on readonly fs
[  179.127032][ T3763] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038 (0x7fffffff)
[  179.133214][ T3765] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.1037: casefold flag without casefold feature
[  179.155076][ T3765] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.1037: unexpected EA_INODE flag
[  179.166783][ T3765] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1037: couldn't read orphan inode 16 (err -117)
[  179.167022][ T1874] EXT4-fs (loop0): unmounting filesystem.
[  179.178973][ T3765] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  179.412016][ T3784] loop1: detected capacity change from 0 to 128
[  179.418445][ T3784] EXT4-fs: dax option not supported
[  179.801017][ T3794] input: syz0 as /devices/virtual/input/input138
[  180.502096][ T3805] loop1: detected capacity change from 0 to 512
[  180.526636][ T3805] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  180.582338][ T2937] EXT4-fs (loop4): unmounting filesystem.
[  180.625648][ T3805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  180.640795][ T3805] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038 (0x7fffffff)
[  180.661469][ T3812] input: syz0 as /devices/virtual/input/input139
[  180.706480][ T2881] EXT4-fs (loop1): unmounting filesystem.
[  180.988667][ T3825] input: syz0 as /devices/virtual/input/input140
[  181.221712][ T3828] loop0: detected capacity change from 0 to 128
[  181.228211][ T3828] EXT4-fs: dax option not supported
[  181.278573][  T534] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  181.678517][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  181.682061][   T28] audit: type=1400 audit(1724088142.541:944): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  181.743342][ T3844] loop1: detected capacity change from 0 to 2048
[  181.759344][ T3844] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  181.772662][   T28] audit: type=1400 audit(1724088142.661:945): avc:  denied  { read append } for  pid=3843 comm="syz.1.1062" path="/58/file0/cpuacct.usage_sys" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  181.858663][ T3852] input: syz0 as /devices/virtual/input/input141
[  181.971164][ T3843] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  181.992963][   T28] audit: type=1400 audit(1724088142.851:946): avc:  denied  { map } for  pid=3843 comm="syz.1.1062" path="/58/file0/cpuacct.usage_sys" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  182.055192][ T3864] loop3: detected capacity change from 0 to 512
[  182.062172][  T864] ------------[ cut here ]------------
[  182.067463][  T864] kernel BUG at fs/ext4/inode.c:2749!
[  182.073409][  T864] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  182.079419][  T864] CPU: 0 PID: 864 Comm: kworker/u4:5 Tainted: G        W          6.1.90-syzkaller-00020-gd6a513a78492 #0
[  182.090557][  T864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  182.100429][  T864] Workqueue: writeback wb_workfn (flush-7:1)
[  182.106243][  T864] RIP: 0010:ext4_writepages+0x3fab/0x3fd0
[  182.111786][  T864] Code: a2 80 ff 31 ff 89 de e8 a3 a2 80 ff 45 84 f6 75 2a e8 09 a0 80 ff 49 bc 00 00 00 00 00 fc ff df e9 6e f6 ff ff e8 f5 9f 80 ff <0f> 0b e8 ee 9f 80 ff e8 e5 86 0b ff e9 46 c3 ff ff e8 df 9f 80 ff
[  182.131233][  T864] RSP: 0018:ffffc9000e15f000 EFLAGS: 00010293
[  182.137148][  T864] RAX: ffffffff81f502bb RBX: 0000008000000000 RCX: ffff888111480000
[  182.144941][  T864] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[  182.152752][  T864] RBP: ffffc9000e15f410 R08: ffffffff81f4ca1b R09: ffffed1023b6800b
[  182.160564][  T864] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888114024000
[  182.168378][  T864] R13: ffff88811db40190 R14: 000000c410000000 R15: ffffc9000e15f2e0
[  182.176191][  T864] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  182.184965][  T864] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  182.191376][  T864] CR2: 0000555556e1a7d0 CR3: 000000011a835000 CR4: 00000000003506b0
[  182.199190][  T864] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  182.206997][  T864] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  182.214811][  T864] Call Trace:
[  182.217936][  T864]  <TASK>
[  182.220714][  T864]  ? __die_body+0x62/0xb0
[  182.224878][  T864]  ? die+0x88/0xb0
[  182.228438][  T864]  ? do_trap+0x103/0x330
[  182.232514][  T864]  ? ext4_writepages+0x3fab/0x3fd0
[  182.237476][  T864]  ? handle_invalid_op+0x95/0xc0
[  182.242253][  T864]  ? ext4_writepages+0x3fab/0x3fd0
[  182.247200][  T864]  ? exc_invalid_op+0x32/0x50
[  182.251698][  T864]  ? asm_exc_invalid_op+0x1b/0x20
[  182.256568][  T864]  ? ext4_writepages+0x70b/0x3fd0
[  182.261425][  T864]  ? ext4_writepages+0x3fab/0x3fd0
[  182.266379][  T864]  ? ext4_writepages+0x3fab/0x3fd0
[  182.271317][  T864]  ? trim_init_extable+0x3d0/0x3d0
[  182.276260][  T864]  ? trim_init_extable+0x3d0/0x3d0
[  182.281209][  T864]  ? strncpy_from_user+0x1e6/0x2b0
[  182.286158][  T864]  ? fixup_exception+0xdce/0x1d30
[  182.291017][  T864]  ? bsearch+0x96/0xc0
[  182.294918][  T864]  ? search_extable+0xf0/0xf0
[  182.299435][  T864]  ? search_extable+0xaf/0xf0
[  182.303949][  T864]  ? trim_init_extable+0x3d0/0x3d0
[  182.309068][  T864]  ? strncpy_from_user+0x1e6/0x2b0
[  182.314038][  T864]  ? ext4_read_folio+0x240/0x240
[  182.318795][  T864]  ? cpudl_cleanup+0x40/0x40
[  182.323218][  T864]  ? xas_load+0x39d/0x3b0
[  182.327382][  T864]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  182.332858][  T864]  ? __kasan_check_write+0x14/0x20
[  182.337798][  T864]  ? enqueue_task_fair+0xe57/0x24c0
[  182.342836][  T864]  ? ext4_read_folio+0x240/0x240
[  182.347605][  T864]  do_writepages+0x385/0x620
[  182.352040][  T864]  ? __writepage+0x130/0x130
[  182.356459][  T864]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  182.362014][  T864]  ? __kasan_check_write+0x14/0x20
[  182.366960][  T864]  __writeback_single_inode+0xdc/0xb80
[  182.372342][  T864]  writeback_sb_inodes+0xb32/0x1910
[  182.377376][  T864]  ? _raw_spin_lock+0xa4/0x1b0
[  182.381985][  T864]  ? queue_io+0x520/0x520
[  182.386141][  T864]  ? __writeback_inodes_wb+0x3f0/0x3f0
[  182.391445][  T864]  ? queue_io+0x3d0/0x520
[  182.395600][  T864]  ? memset+0x35/0x40
[  182.399421][  T864]  wb_writeback+0x3b9/0x9f0
[  182.403768][  T864]  ? inode_cgwb_move_to_attached+0x3c0/0x3c0
[  182.409578][  T864]  ? set_worker_desc+0x158/0x1c0
[  182.414349][  T864]  ? cpudl_cleanup+0x40/0x40
[  182.418782][  T864]  ? __kasan_check_write+0x14/0x20
[  182.423728][  T864]  wb_workfn+0x399/0x1030
[  182.427981][  T864]  ? inode_wait_for_writeback+0x280/0x280
[  182.433530][  T864]  ? native_set_ldt+0x130/0x130
[  182.438217][  T864]  ? kthread_data+0x53/0xc0
[  182.442559][  T864]  ? _raw_spin_unlock+0x4c/0x70
[  182.447243][  T864]  ? finish_task_switch+0x167/0x7b0
[  182.452281][  T864]  ? __kasan_check_read+0x11/0x20
[  182.457138][  T864]  ? read_word_at_a_time+0x12/0x20
[  182.462092][  T864]  ? strscpy+0x9c/0x260
[  182.466078][  T864]  process_one_work+0x73d/0xcb0
[  182.470770][  T864]  worker_thread+0xa60/0x1260
[  182.475282][  T864]  kthread+0x26d/0x300
[  182.479270][  T864]  ? worker_clr_flags+0x1a0/0x1a0
[  182.484130][  T864]  ? kthread_blkcg+0xd0/0xd0
[  182.488560][  T864]  ret_from_fork+0x1f/0x30
[  182.492813][  T864]  </TASK>
[  182.495673][  T864] Modules linked in:
[  182.504435][  T864] ---[ end trace 0000000000000000 ]---
[  182.511935][  T864] RIP: 0010:ext4_writepages+0x3fab/0x3fd0
[  182.517786][ T3864] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  182.526276][ T3864] EXT4-fs (loop3): orphan cleanup on readonly fs
[  182.532840][  T864] Code: a2 80 ff 31 ff 89 de e8 a3 a2 80 ff 45 84 f6 75 2a e8 09 a0 80 ff 49 bc 00 00 00 00 00 fc ff df e9 6e f6 ff ff e8 f5 9f 80 ff <0f> 0b e8 ee 9f 80 ff e8 e5 86 0b ff e9 46 c3 ff ff e8 df 9f 80 ff
[  182.538335][ T3864] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.1066: casefold flag without casefold feature
[  182.552708][  T864] RSP: 0018:ffffc9000e15f000 EFLAGS: 00010293
[  182.567662][ T3864] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.1066: unexpected EA_INODE flag
[  182.571737][  T864] RAX: ffffffff81f502bb RBX: 0000008000000000 RCX: ffff888111480000
[  182.590596][  T864] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[  182.598514][  T864] RBP: ffffc9000e15f410 R08: ffffffff81f4ca1b R09: ffffed1023b6800b
[  182.606639][  T864] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888114024000
[  182.614637][  T864] R13: ffff88811db40190 R14: 000000c410000000 R15: ffffc9000e15f2e0
[  182.622544][ T3864] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1066: couldn't read orphan inode 16 (err -117)
[  182.634495][  T864] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  182.639916][ T3864] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  182.643806][  T864] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  182.658629][  T864] CR2: 00007f72a88e8178 CR3: 000000012d200000 CR4: 00000000003506b0
[  182.666337][  T864] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  182.674422][  T864] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  182.682284][  T864] Kernel panic - not syncing: Fatal exception
[  182.688237][  T864] Kernel Offset: disabled
[  182.692285][  T864] Rebooting in 86400 seconds..