last executing test programs:

1m24.570053466s ago: executing program 32 (id=99):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
pipe2(&(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x4000)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r2, &(0x7f0000000340)={0xa, 0x4e22, 0x0, @loopback, 0x1}, 0x1c)
sendto$inet6(r2, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x10020, 0x0)

1m6.256728099s ago: executing program 33 (id=488):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000500)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

58.093850487s ago: executing program 34 (id=653):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x2}]}}]}, 0x38}}, 0x0)

48.506060419s ago: executing program 35 (id=837):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000000c0)='9p_protocol_dump\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})

29.143234223s ago: executing program 3 (id=1234):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup3(r0, r1, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x229, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x14)

28.877851458s ago: executing program 3 (id=1245):
syz_open_dev$evdev(&(0x7f00000004c0), 0x8000000000000, 0x4080)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x7000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

28.770717895s ago: executing program 3 (id=1248):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=@base={0xb, 0x5, 0x7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
r2 = getpgid(0x0)
sched_rr_get_interval(r2, &(0x7f0000000680))

28.747419116s ago: executing program 3 (id=1249):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)

28.726354087s ago: executing program 3 (id=1250):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

28.617206843s ago: executing program 3 (id=1254):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r0)
setuid(0xee00)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'bridge_slave_1\x00', 0x0})
wait4(r0, 0x0, 0x80000000, 0x0)
wait4(r0, &(0x7f0000000000), 0x0, 0x0)
removexattr(0x0, 0x0)
getuid()

28.566416947s ago: executing program 36 (id=1254):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r0)
setuid(0xee00)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'bridge_slave_1\x00', 0x0})
wait4(r0, 0x0, 0x80000000, 0x0)
wait4(r0, &(0x7f0000000000), 0x0, 0x0)
removexattr(0x0, 0x0)
getuid()

24.551912452s ago: executing program 7 (id=1393):
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000006800010000000000000000000a00000000000000280008802400010000000000000000000000040000000000fe8000000000000000000000000000aa06000700050000000800", @ANYRES32=r3], 0x50}}, 0x0)

24.538205793s ago: executing program 7 (id=1394):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000400)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000, 0xfffffffc, 0x0, 0x4, 0x0, 0x18, "fee8a294f8a0e9ffff0d9683dda1af1ea89de2b7fb0a01040000000008000003000200000000003f00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

24.450266528s ago: executing program 7 (id=1399):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbac, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='ext4_fc_track_range\x00', r1, 0x0, 0x1}, 0x18)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d2943e6f5f828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a74c500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a54d9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x28, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000040)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

24.386720602s ago: executing program 7 (id=1401):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x50, &(0x7f00000001c0)={[{@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x4}}, {@dioread_nolock}, {@mblk_io_submit}, {@nogrpid}, {@usrjquota}]}, 0x1, 0x3ed, &(0x7f0000001240)="$eJzs3E9PHGUYAPBnhn9CC4uJB1M9kGgUo0IXRa0xsXr1z6X6AQjQ2khLUzCxlQMaT548GG8e+gU8+AGaxjQx8Sv4BUyTxlAOesPM7MyywLCC7LIt/f2Syb7vzOw+77MzTN532HkDeGxNRMT5iOiLiJmIqBXr02KJ9caS7fdgY21+c2NtPomtrQt/JZEU68rPSorXU0VlMo1Iv414Zn1v3JUbNz+fW1pavF7Up1evXJteuXHz1ctX5i4tXlq8Wn/zXL0+O/NW/fWO5frj8y+d63v//Jmf/qjdmR0cHM7ae7rY1ppHp0zERPM72W2208F6bLDXDQAA4EDSou/fn/f/a9GXlxpqMb3W08YBAAAAHbH1bvEKAAAAnGCJsT8AAACccOXvAB5srM2XSw9/jnDs7r8XEePbzzZvNvPvjyeKfQa6+HzrRERceyGpZUt06TlkAIBWd7L+z9mq/l8aT7fsNxSR94eGOxx/Yld9b/8nvdfhkDtk/b93ImJzT/8vLXcZ7ytqo3lXcSC5eHlp8WxEjEXEZAwMZfV6mxgf/P3zx/tty/K/m4yOlUsW/26Sf3Qhvdc/tPM9C3Orc0fJudX9ryPO9FflnzT7v0lEjBwhRt9Xt97eb1t1/qNjRwh3KFu3Il6sPP7bM/ck7ecnms7Ph+nyrNjrn29++Wi/+L3OPzv+I+3zH09a52taOXyM25/9/mxeqMiqdfxTnX/1+T+YfJKXy3HZl3Orq9frEYPJh3vXz2y/t6yX+2f5Tz5X/fdfXv+SYk6r08U14LC++/7XV9rv0cg/W7L45VjwOGT5Lxzq+LcrXBiu2vTG7d8+3S9+8/gnEeuV+WfHvzEH2GSx5iDXv/9q6f8/mwEAAODRk+b3NZJ0qllO06mpxv2Op2IkXVpeWX354vIXVxca9z/GYyAt73TVWu6H1hv/Rm/WZ3bVX4uIJyPih9pwXp+aX15a6HXyAAAA8Jg4tc/4P/Pnsf0KAQAAAOi68V43AAAAAOg6438AAAA40Q42r5/CzkL2zT0EzVBQ6Fqh11cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR9u/AQAA//8mJ7Np")
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1a158c0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

24.328963665s ago: executing program 7 (id=1404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r3}, 0x57)

24.221006251s ago: executing program 7 (id=1408):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="d1c244959ae267faf53d7f3e4875f84709555503f03f913bcdc902eb53fe5f4f0ab0fd15aa3c4ec6f9f45ea8d15d542a5ec984f079d2f699f91935804c225f235e94fa9445b1d33c14b4ccb7a19711a0b95e897f77df623ac8a21b0b597b7b004eec12fcfd28a6b684cf071256f3fc6971312cdcf4edd55857bfcd9ba5292ae301f37971cc277e6e5c84dac880445a5fb0f594fb383bca7115046fe0ac3f6d3f3ce1c2b3322a149129c4938d81813d987ab143cadc948e967d0d7ae29ea922e0ba3b444195ef86a36dcb5b6108d30d26ab388a01f4db906e579f016745133b527d062439ce3b0025bb9ac7285d648c7e0dbde44514beb2cc921a4070f0b840fc0247ed37e76504f8ffb3a12a7e6b75c2dab2ef0b4f2d28deba095f9fabb55f8e0e23655400a7cbab57aad141712430cea79ce9845dc5c04e1a03421eca35727ff731434038c3503f02970ed2e74aa4ed6402ae017b5773470702ab4079babf4f38d6ee23870beebe17f893cd2d05f89c9a3966cdda5c17e7e1ce758fe5208cd41ff3dc8a3f5f55372ff1985c8f03b16504425349cd0da33a7418cedeffd278cf05b9d99a939adea933bf94636358bb21757097ed4c9b57271569651d1a1df88f8d0e973b1edbf498f929fd2a7b103b08e7e5de686631e079755a7aeb6350e50472fd13c0d5b5f81ec6b9a9d144a7972b4cfc1f422fb6ae6adaed5d345baad45d98687b63a0772856a781ee7c083f5b73b90a7a2a83ef11056119eed67b8966a69131f71a09e7ad0397184bdfc0460ded1584a61ae94b3f1e6de41d60c59f2530197091d823321fa82b2640f66daa181a0ef18d66cec6d72c96e61e607edc7376b0a89848e3e25268848741f3b57102c9a58edade621847bc8819e3e6cb8c55034c974f1109282310db407746ec394aeb9ea3e3555c36f94f506571e57eef260ffaffd699fba14ab8ee41cf6f751073312e8e395079f6d5a64c4fcaeddedf590a0e886c9416f252dcf71d7bbb1016876ac0baeb8b29f3344b58c6c5a354a6f33dfb6057aa90e59f3cfd4f22fa2fbdb096f906f84cfc9f270d22359a5510b2e7d40d0faf516d4347d72e6d7adfb698424e0edb3257f72e0da56421638d262a2015aefd4b0f190a937ed1bc7bf6aa88af11de1b32ecf5995605a2998091f3fb988bf439bd7455e970fab9350d7ac5521d32edfdb5a697d6feb2c36b9631afada71b62fb2975ccd3bed7df37119dcbf49e4d289fb4e8760bc00c72e326eca915ff10ec0ae2da852ec49e665a5a550bfc5bfd9f361cacd6c9773d141d5e427c5eb9411ce2e41b19ad75fbe65f37583023dc8b12a80052f16fe852ba9a81482a3560ab081cb2c05c68b4ec9fdf1cf7f3d77cf343755547f12dd934ab6cac61db9deaa65d9d442aeb7f2a633cf12255a6050bf87f4faa24b833201454cb2e22cca78db650d3a08ce7da495bccb698feaeccd35c44a4fdfbedc46b5d41948a94fdae27cf5da6175033ecc706cf624cdf9e613307fb8d66b240fa8308d94ba8de478f8c210ef2dc07a2eeb71cbe4b6ac5388b27e587147ced2a03544ae8166a682499afb69a6860561dc02ca533b2e89e710a216025dc26ad64ddd820f1cd0e8c26319a2f7e20b9bed0230f5825bdc3e632b60314949225cc25c44c318383ba20f4302c746d310e3fdef672a2645514cced9579c733a949b2e2f1d90be205bfb535a3998c33aaf0e43543d86dd9fb8e37ba2cfe053ae2fa15d9a3243c0682c6e88449dac98b92865f70143eb57522b3989b2688894a40f2a060e4ce7bc8aed6a144cd1506f755e8a6c602eb0f55243ba4333fd9bc4589231a82bc8195aa96a477dd07d6e2e4b03913ee40a1627abd4f9baa8418e8894831404367381fcd9505a085929e2f685238f697e0368158fc45d89cf7258628073ed8a7c9fbda5158a17b771f5f34f43766e93171da82b862f5200167e8be92ccbf58852b6691c797400ec99120d05d71ec40b7f75ca9dc6cc4b814d643794bb10daf572629b1f1a64fb7e2cb41f84e52067ab696bf056791fd807212631a7223d7a615dda8360efa86c37a94b0dbc35c1e1585a0c8b942f3a28aa9d3f1c22ce89266f0f6504a5100e7384db93ceb101dbc80439d418a9660d8d1e5df467affa73f5d28e75252d3d3652ff65467a46b2e5c0c4dd5e0b5da000607c4215827aef8a8da15ae55a5a9d76d65d993ebe2d8f749808237a82075c78e984e59fb1a583af72a40c8754ccf261e2b38952b7685ce731dbf6ecb7510efebaba6918a1d7e1277f02ab7f58b4d861e12802aae7559c89325b3f024c891ea564f484b7ca4d8f13254ae9ccf1c1643f7f2ce29364664a91df2454c3236f31476de70fd991b5dc4232d3a3b0035f4854b0c47a1f8516c27b8af9d0f42e7fd5c6b884209b0c90cca3f317d0ae1a71cd1f9221a22c8fe82d379f5664282dce9f699f7cd9bf4d6b8e90983f35ec0ba875080c9bc440370e2e5a6628aff4e760714e719ef50ced07d35e9e24590cfc50e5181cd021154b4ab0de71e539b8ab6a7e7a052c5701b9b4eb5e13efd27e0c2ba99b53cab5dae8cd29fdddd1eed1c2ea0380f2791d89826c4d30c2324a673aea33baf12e1292286adde99683e7e7dea6f82bfb951c11f75b7786ed3018ee99423e7912f79bc97827367b93df315c64aaf882b51525ae6f3ff7de316e23486cf5f356134571e2d6054120421944fff49d966dea277e711c08f96ea61597d6bffcbf9b5fc710f2c016d96babb0d70bc58313a5de7036d282058ab00607899ea943f9ed8e2a8a23ea40072b471a3588d990a12f1fb8903e05acb422cff20ccd3497329056289ed6c5248a429c17b4f089d274b09959fffbd4f21ef94fe89b3b1401c57cbc9e430481c2384af9f78049636560cd1f3df662cc7d882b4fcfcfbd198b02eaa1ae6754bdef86cca67dfc6e023b65d245f0f9c20da746506cdd36e376d2f88705ce1cec3a943815350c066310a0f7b0d94f228a3222eed3cc24f91d150bed4b2b60eb9658aa31384bca8e244c3942aee5551d1e4457a1c41ceec48bb70221ded05e53d3cbeea49fe654d8a54fb96edcdb08e5239859a4c3c45ea099bce70f7911738a25e968e02b3a9cf25f27cefb7a55b8dfb2dab14e586e47302fc09df504cdd12b1e382e9ecd1b4509d617b7e96ee202e2446179633c6620e7274a4dc0205c024c0494503e834714c5202c75ee908755f2209ca166cd163fc7c85fc227257513798512a77da9f310ecb9bae9c87e00ed395fa54e762b52daa59acb208502eeb16a764ae9a52781b3e7ed7bb8e492678b6db4c03c802f0bdc5a08067743727e0a3130c03bf1bc890cc22e43f8116a25facaf9e41de2d6498e08f2b3f5b904910a647dd4f30150c8f5dd94778385e2677262954b340845282e489a4fe5d496699b3ff5db6e557f95fbc08775ca931457fdd7e640192f76c220cc139f7374600afdab1d8e66433b47bc467f40a512fb1e2d85717150ffdd5b538b9b9166380e71e17247da112cd227afa394dab920ba19e38f8a5e200cc02b3e8d76cc1b0e0cb453f5b859b299b545bb10dbc4e0abba47ca83681d8dced498eeeb752cec013e579848c247660d127dfd4b9d4b73680595bbe5fb8aad5773a17caf860db4d756a88b01139fac79bd4598637f3b7c4f94bb8eef7022ff0c65198e712c84be493acaf66232d95a8f1c36b0dcd3da7b37dccc7e061622ef3541a51447e6201974de08690f5ccc2c58eccdc9c77c6814b2d842876d20eb5d2e411088b2f72f8a7e2780ced71084c200aec3248c5ac5b5c81a97636d3dad21beb25cccef475a6e41a8e264da027a783e5472c883ecb487345daf2d87ed306d3a0f6040c95b8b2df03e5bf9c3ee2bb2993ba7e977c7c4d4051d538effb6af8bd549c0fc2b5aa70c97f1086dc74b78f2cfe32503e3dd303ae7e91599878e120e866e03e654ddc2d459cd2dc1f06cc0fda909719b4e1344185656e7375b137385be7b69ae2d0c3b407825e6b0da2e2a296a62b8ab52c73de713c9598adf728d02d8efee2cbfbdbcfb9caba7079383c051825379debeada2634ed090cd26fed44017a55c0e792ca601a0bce035f318bda089286281ddf2cff88775bb31c8a4ab4247bbc77364929ced17a199bd0db81a8074aff508663ea0141cd5a2fe73a75d04f10c7b1d3c92c219283624c8943d79aeee37cf2efb334f7bc86793ad6ebe105d5e77d28bcb47d27d9bc558139b5cd031cdf3053de540ef010057a0ce9f0f222407c169e083c7bda97a6eb89384db2504fb6b45917391154a20efeed044076498798213f1177350a49af2d6b0b705e46549ce1a4a659582d5df67fab34371cdb0db046d0d26df797c16c848698f2524a057e61b0d4307c55bfa9219664b285e26f9959146121ed24bf3c82d4f43292516b82eaafef8849e68b5d4662a6fa1019f361b426553eb99a391a678d99f6e64e15285a2a7abc4901e074668d6318db605242a951207dbb7a74f3000cc555851150f9d442ae2a00eec81d330892d30a726f58e3e7634faecf95ee7dc15215cf1dc2127cd47f1071e09e5f4a42adec71caee0834c17051b4cb449c0d0a2fa3aea794a1c31a9f8335c9545ee5cc53476aa0e82de7bb83504cb5d38911687ef13d122c2caf5e63b598d85b411d225d1320ce3b7583834d8de0f56e30344b8e2ce8f92ecfc5a97dddc0a85024a106eade7732e74aa1ee3a5f0b373043b51bea16f2466fc72ede4c4ebb38e897a5748203ea0f9fa28d24657fa045d5cf2ffd0b1b42b1e0a1ea985134259ca250961a4cd6537ab74cc04ffcccb58f835e3a6669720aeba98b7a6807897f3f00a88ddc3fd02e4235cbc33cfa3d7150843fdf742f45ba72077dcd5e7e945c2cb60a8cad04ee26b2a04edba03e8afab9b8828dac40cfd92397a6f6cfd23d76e3bc9efb50303f59d09818d3646749718beb6d62aa7439c7795c753052a19d513d43a05029957958d3235018fa63c95207436ef9b6a7d4f072ebe77e6e1e6d518e832eb8f9a2f3c28c23f4de822890d62a5cbd8da76534ad0eb1b867723681849c7ce86b0b377032bde0abf7825efb049a65a6a5dabbb8e29312179d8043484f1c3cab4f9e0cdc3833c28566361ac82953ded420ddc134533ac653fba55e77d34354d3bd343d8164c94901e1fb0f863f6e4bd0bca18bab1ca71799f067a855f9128503096e9d864e179bef5b4cd6ff2041ab842e25cf921a34c0977c976d779331faa5d54427b427290c61922f806cb81b6939de80e0963f91348bfecb2988708517ffe533a751e8cc844ccd4b0e8bd8b0fd242c9446168e6ff8f2424d20b04b52ff52fac6c24f9919bc06c651cf5c18c63143ac157f1a8ba8ccf893c72463b81a2477768b89b2465fcacfcfe1becd3de67c01ef0a0f7111859f9fc95d939a717589a7003b94d7fe9c16e679d7c4eb4dc83989f29baee518c65fa4c6970593c459f84b72f8222658cac1fad321d08ffe22a64e14cd904aee656071e4caebb3a08594fcf67ef0e1028fb04ad649323e6d4273891f4b60267a93980fab5ed8d02f9092edd6a68002de04f1b9882bc6b48c2a563b1ef38590ccbedecacda89b923709d951f8b128b9a2b9d74ebbe2170ebd680129a2e05f696608cbf6f9e364a5085a6b00532b563311f7ddf5dafb97de17f4e352654fa6b13d9258ffb5d5d48dcad8588b006c647559c33bbc2f3d8b9201cf91dfc72a0b7cc2a196896444e62b88ced0bdf1b103a5cc2cf7a799d1511f1d709db123b75b62d5de06c09ea11f34b0fa857751204a6841a99d720330a704265de2ec5174745b505a1147381a75152890688ab2881506b83b16789f2961579b08c7f2021acd129843b24069f28f221d81515e48b6c052d7125a3ef30d5bc2ddfc4322a35cb29ef0b44717bc0dcbb6dbe92adf9457bc93e35b3f9091095add6a943637c8915e6296f11c8f39cb7315d1c8d6a5da2bd0bdc48f444401e870c5e516def92fbae67bf4690dd3f31959ea51113cbe5ee062c433af0aacf2096aa314542b28a1ded773da2991ce5c835091f19df7edc003d5f5c8d882b34c8bd4f5cf765d87b0cffe7faa195ab8539cb51ec3fb746723eedf33a5cf0229b8e5b09e46f208ae3dd147433601b7f673c259c2a4357082e5cb08432f5a2ad30cad2cf7e5ae1eb10c9837d9d83a9cdfc024e1f25726afddb313c40e740d60d79908768ddb5ad415a031a2a0af8434aa3fc48d1972bf7f3e7e8ccc13726213812227c0cc099a8340695727d2d776b2239c87a7cc3767a3435e3733b03a069bc1ef81f8197e14721d7a433cd45943ff0528979d1e3663dfa830eab8b72c58ebf0b00a5b71387717ea726a75be232401280fed9b104a7a12d477209ce90ba5b3e41c2557c72cc59a5b0abf06dc57ccbeb50bcbd99934a74201ce21e1b578cce21af92238ddbb47d816e14693a2b3a7a3505be81d0bffa8c75638d989a0398168169a6aaa7287c42517488358453c71c5fc0d1d8bb9f9b2f25bd99405593b14f692f10aa171b78887d5d18b7c45d6875ae0a8e13bf7d03d391f1d700d909c14f6cb1d4bb6e3c2e9067608bf9086b00b96c51c7f33ff5cab17c5c6a4d66fcda72ccd7c91e3ab8a0f71a3f5d9eea2f27823b222415c70c78e12d460b4c0697c75e9b554438bce291a54f5b7d292840b4b4ed4db649721a9e79f24a58f4af51070bb9e2e8aef3827fd55e2c3fdfd50fbde9854e23f2d79f389d65fa133bd4cd17d63f4366ab0790d8d9db5312abe8c9d52bc70f2e8db33b057a42fb3c652ea38975d50bf65a8432e6adf0a932d8478a6945c1ce66d3809a592edb341b1035731f7eca539ccad0321dda2f6111f557e0947545b2ff455fb84c38284f8aa488cf5461db80577c1a00e24db943ab008e082cde25316429b920eae7548d8a780451e583ba76b7dd70a6d2ec5eaee1cf0b7aaf7cc4a67d26a79df36502965e7f23556b2344fabcd1e7af2645a55970ee80d70859d9f8fd65487e0fa92566efe1d1efd1d4c305f4f38411fe5401e6d978d98a41855a9da3636e3f4d9f807087ce106916c23e8dc52f1727b7efd3f564730f97a441afb62bca361f8a73cd46e8f1170b30e60ba7ca20c361376ca3fb6c90695c383a1ff7cde37e7e1b1d1fbec64dbf9933914abf1ea015a4823741e72ef9bac2d379c85e75d83dea60e130ff54be4b0d092840c2641df7180bd7c601eb770277b3220fb93d4ddf77e34b21a17ad086023bd2b718087bb82c01f1f8d44ff87a058b4fc2883de11f5475026a9b61b6680ad65e7dc764e1f57dae7c4568e6c4a34ecc2a8978f8988d6b33584fec377bd2a39120e67b51244f23e054e98adbe2d2ea71baf416d3686182de5bf34e99d68232167178faa30470b1068d064e1eb44f3a657fdf5119a46097f58045e8f7b272aad9be472f59019f8ccfa5000c7980391112731406710524d1e9344c4e32cb6fda0a711968d46682d71694a31ad5d3203e9d7c082fcd913d3c5264b2af47632820bac38f54307ac600236a689ce7fe8e645e10df00f880cab42e74819adbce5ab1de9d6cb10d695abdcfcf0d60df39bdf8f69e7674c53bad2fa571c1d94db0441a4df275765434eea851be9e344d53aa5b3e02d1d595cba6cd9644ed25497eabf37b504bb8d2b223f5f265ab9d73a930d150982cd4aae58c5e9c79b050792c47b2bd867e1633c8caab4552b961d18f6c6718e6d3d5b0a0dc9b5c18a4743f64a2275c4d4b4b82ed6953d097af9e5f27debf104bb2dd145c356b985b0a80b6230624be1fe6972e8a4b4374542f37a8033d1227ae54b44600af92f1d24b5e7b9ce59444577dc0d868b45b179e8dcd3cb3927823e46a06de1cd482803c0b92fcb7b2f2135071fd2351b32b90645b8c2820fd69b6056132b7aeba039fa3eaf05af85795268cae94301fb882940269e60ddb660ef37e53988b3378d5218d05e661f634eedef24630a598ace49c596d3e69a71c7c445dea3359c2b309c5716d6481fcecedfc78b1e085ab7028f4d83c1c2ef4318f7d43bec18110ac94d72365004bbeb649f9a16a80f2920d9826628b9bd77b940ae4cd4fbb640340adf66704343257919849dffeec5168dcee8d54ece46ca96a2d771ec5793c9231ee563b330154b732b51d9e1317cf19d9d3e7edc3f1555961d25f4788ef2fbbf58e9bc43056b37aa6ce430e19a5e895248fe7eb5d27414e87575f387e413949fb92a71add2793bef5b8f99cdf1d1b4edddb1f867a1a573be21871e2b19b9193e9a8bbd64d533eaacbc717fd24ca34572b79a8afb0547084197a184a932fa954e1a1b6d040aca17db570700ce727ff0e1a9f79d4a7ebb98224d25ae72203d1d2c50f595ef8b49191d7c74fd3b22abe1fd2d6642e0e455300614b0ecb79ba71505fae9d767317ea89a6001cd9f4bc2aebce7c63d494443a09b7ace860162fccafb1b309f83bc95c1b95e1fd6a33a3e052bba26c84ab5187ecb2cf9b1bb594b7f83663337a7a2653089cd58db2d7a83b6098345401d8a6ba8598834d3a72be0d4b78665d984e4d1d9d1c2f68dd6dbcb7fa673ae1552601e61fe1bfa526e3ca56c52080989c5f9c8be375d3949a84012ea29dcc2a46a93c4f726e0604ac79f36940ba76361a17304d6d60a0386879e025ecd76dfcdb1df5566bccf3657cb17adae3ea2d4bf3fe2bf166185dd1961b6b886daff93034ad7d5043f5d954ea13b544d3909acb757794937c844832dcd44565850e6573a4eb20d59f0b8dccb10669c97813728a4f1e594dba9597c7ad6fa9ca29d2f3a1075c80f34088a98e60727fffa3b0e00969caf63a7ef896af2ea0bbc879845e0c7736a5606897da4fd7ad8d76935c7113c9f92d5e74caaf385d0c3b4028212b4b7f86a92a94880a294c7458b8e8056f67b902245560df8224a7bb65400ae3aec8d92415c8b19800fca888c1cff8a85da1e589686977b82b9fa403353333a3bdd58570cc35e610ece26a03c0a36080e4075d57fdf372277ba417c4390d43249253fa1b6c89af3fbff7b147a99c1b6b63223d31c16ffd3a0ff18f229a100f73d208a91b4f7a78bd67964fe744a583f057041d5c313c560cef7633f73f0412bea021359fced07585062ae46875e94f2dba3bb0f829cba166238af18b4ab0f4e1cc123aa39eed5724bdd26acd090ebbdb89d3f1a40dfea8c0f8b67598618e1a333ac4a14574786f41437dc132729e8d88ddad052bd847483fe7bdf2026bad4969c0af121f4c3dbfbfc97ab2177d9bafc6ce91be876122c0a4a4e41e08af4487546943fc0d4c2e0d1db7e24ad7880501bded9704a280315ea3857b304c69148bab04e25d3711452c3753474538cb3d6996e7285fbbd3c4d2cb9eafba023f313b94d4f5eff402838c0574a616c5c18475b9822a92373909a5de989d557e0f9403564cb8584f27d141bcef26e549895f30800c6e68359722f05c51f22a4115f733502a9dbd59abb3aa6c018bf027607fbe88e4ca3865dd2c3125cd7ea4c48e62b0bd2a9559a65e958894db904c6c662e9b123db0106694f505a50643fdc64576bea51bce717f0451e48215d2ca3add351eb4fea03c45e8e10ca77420521697f7ace2fc828826016742d60c98c46bcbd3b0cbf41fcd7b5d06c3478766da6bd1a76e9377c5fe3f7ab1ab7a2315569df84305776dc30ee237cb1693bcd693069001995fca64cdba12f8c938e36d18bdb2fc70fccededb8a95861fdb7fb0438078f35e84d256aef8d6785cece4eb2412cb1736aafc9df8045973530e2a1c618c15dc6814726b5eb7ffea91b6cb4116174e084c61083231c0a89f997d5c833a1a8cbd02fe6591df247b8d33ed4ecc05eae47678275787f5bb4d1deb160029403934a39450eceed5a4ff8c6bf11d7ec64e60a9ce13ef57d71b165bcf88965ac2d68c65926d2ae6db5fd11db26d4b462b327bd96705b9291ab2ab5a6ec3f859c9f94eefe3bed634300b266e7602d26888c7ffd725672ebd8aa1e1a2cd66510e240f1cb0c58cde2eb35c58a43b8129e223e36a8d72f867697a0c2e2372a420a8adc81c1286303c0f18836aa70c6a118e0905a52d8a770ccf80a5f15b28a0e6e56f745b0c6631abd0ee27b84545d94631c7c11c18ca2d2690de102ba71d01c102e3c367427b9feee89b443266810af074e3f981179a55bb870ddee95e8e2721fb8d7f3bc9a3414365794305d4d6ecb491cbf557e653ea16c55db2f94e48d29d08de451c201b4d1d477bf83ec9135fcc16ef11bdba5d267b7f260eaea55b048e62fcc5e274001acc3796fefc6818aebf7ba44c35bcf5aedb832c6272d16a146f65973129bf2991a37682c67645b6605ff8812a78fd78d8790e9a0d3767843371773d172aa0945ffc7863d9376a479906ad7a8a3db7d3034cfe8548515e5931c517b8795a19328eb6e8d88e5e12a59876fae37afd3ac774d06854f174674e809a6394a10d421086f984e5920d34213549bb413b481bc86a41695c3b3e8b9cdd30209d99787abc31f324c058d1c711401727a0ec166cb9d962fddad30f590a3de1837b73fb2a7754ba893110d7a28771843ab9407bbcc662102ee00ed915b0569d081234f8b67b3640c5be242b562b3dbdb12b996c42cb07eb154bd56b91d74d6c3d9304ee25dedf81da2725f9305c2645a48a3ace2ed5085d0df84f9e85d56531e996210948ab6b40aab797efb6bea8e075508bb7a1e681199921cfd4516bc689a021c5de1d4e55c74ea399899358a1b237c59db0f8c473b7d3937a34f6f2dde3d983f6ffd0250dea184e666603cb9487f05a3442c12efbb7d1ab73e8cce6adf240e4226ae0e99db900737b5ffa7a10e9133b948832a94f448426d744caaa82337dba5dfc1da8968904c5b4df6a0cc6cf64140826fb6323ab6d20fe7c546b31f8b4efccfe9c9ce5e87b81457a1bc31bbbfa9910a1859174244b2f327bf0537e56f3bf144ce1ee6242fe5698442eff068864d93e5db2d3a1c72ee5d9db4857ec30a18482ebd7e2a9f076598e3bfcacc7b25027242c787b9a568fb9007477678e21d323c6046170186dc6410e24757299f6fdeeee175d32c2209e6da0e638994bb1beba6cabc2fef3c895916098f7b127dd78b1ef802b33c9d4ed5d523ee497e714bf0db801b11390ab5ed28fe24da5a2499825b9a3f58ef081168ac147c0283afa1f3183f36c62c2624a9811c9af3d4696736b6d2fd3c952ac431daad2e42dfb98162a66451c82a5c7a86d6e418c63b12fadf7f805df10e5851e5d1703289bd1de87dd6e21598a2a0c73fb8f0111ece22cdc3fecf7c6116d5e3d7cf5bcb89c5d8f509ba662b21c8b0919dd3c669d35ad29982f0730155c3fdb9f398513e0fc2f2725fe41b909f4c6d68777b7a0ec887f13e19daaef95b145a7db4968d7362a8e5b3dd4224e93dd3623979080b30bf8ebc8db13af72cad390475dc52a23d4cc1f921932e79492837387eec288f70166470cdd5816bf66cada19146b0cf260452d55708d90055efab5a3fc0346929b0aed8b9ee9cbd6d6c9609ea3ae7105b7a2e79befc92f025f50cf9b38be7a78067908a04aa", 0x2000, &(0x7f0000000a00)={0x0, &(0x7f0000000140)={0x18, 0xffffffffffffffda, 0x5925354b, {0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
lseek(r2, 0x7fffffffffffffff, 0x4)

24.191962853s ago: executing program 37 (id=1408):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="d1c244959ae267faf53d7f3e4875f84709555503f03f913bcdc902eb53fe5f4f0ab0fd15aa3c4ec6f9f45ea8d15d542a5ec984f079d2f699f91935804c225f235e94fa9445b1d33c14b4ccb7a19711a0b95e897f77df623ac8a21b0b597b7b004eec12fcfd28a6b684cf071256f3fc6971312cdcf4edd55857bfcd9ba5292ae301f37971cc277e6e5c84dac880445a5fb0f594fb383bca7115046fe0ac3f6d3f3ce1c2b3322a149129c4938d81813d987ab143cadc948e967d0d7ae29ea922e0ba3b444195ef86a36dcb5b6108d30d26ab388a01f4db906e579f016745133b527d062439ce3b0025bb9ac7285d648c7e0dbde44514beb2cc921a4070f0b840fc0247ed37e76504f8ffb3a12a7e6b75c2dab2ef0b4f2d28deba095f9fabb55f8e0e23655400a7cbab57aad141712430cea79ce9845dc5c04e1a03421eca35727ff731434038c3503f02970ed2e74aa4ed6402ae017b5773470702ab4079babf4f38d6ee23870beebe17f893cd2d05f89c9a3966cdda5c17e7e1ce758fe5208cd41ff3dc8a3f5f55372ff1985c8f03b16504425349cd0da33a7418cedeffd278cf05b9d99a939adea933bf94636358bb21757097ed4c9b57271569651d1a1df88f8d0e973b1edbf498f929fd2a7b103b08e7e5de686631e079755a7aeb6350e50472fd13c0d5b5f81ec6b9a9d144a7972b4cfc1f422fb6ae6adaed5d345baad45d98687b63a0772856a781ee7c083f5b73b90a7a2a83ef11056119eed67b8966a69131f71a09e7ad0397184bdfc0460ded1584a61ae94b3f1e6de41d60c59f2530197091d823321fa82b2640f66daa181a0ef18d66cec6d72c96e61e607edc7376b0a89848e3e25268848741f3b57102c9a58edade621847bc8819e3e6cb8c55034c974f1109282310db407746ec394aeb9ea3e3555c36f94f506571e57eef260ffaffd699fba14ab8ee41cf6f751073312e8e395079f6d5a64c4fcaeddedf590a0e886c9416f252dcf71d7bbb1016876ac0baeb8b29f3344b58c6c5a354a6f33dfb6057aa90e59f3cfd4f22fa2fbdb096f906f84cfc9f270d22359a5510b2e7d40d0faf516d4347d72e6d7adfb698424e0edb3257f72e0da56421638d262a2015aefd4b0f190a937ed1bc7bf6aa88af11de1b32ecf5995605a2998091f3fb988bf439bd7455e970fab9350d7ac5521d32edfdb5a697d6feb2c36b9631afada71b62fb2975ccd3bed7df37119dcbf49e4d289fb4e8760bc00c72e326eca915ff10ec0ae2da852ec49e665a5a550bfc5bfd9f361cacd6c9773d141d5e427c5eb9411ce2e41b19ad75fbe65f37583023dc8b12a80052f16fe852ba9a81482a3560ab081cb2c05c68b4ec9fdf1cf7f3d77cf343755547f12dd934ab6cac61db9deaa65d9d442aeb7f2a633cf12255a6050bf87f4faa24b833201454cb2e22cca78db650d3a08ce7da495bccb698feaeccd35c44a4fdfbedc46b5d41948a94fdae27cf5da6175033ecc706cf624cdf9e613307fb8d66b240fa8308d94ba8de478f8c210ef2dc07a2eeb71cbe4b6ac5388b27e587147ced2a03544ae8166a682499afb69a6860561dc02ca533b2e89e710a216025dc26ad64ddd820f1cd0e8c26319a2f7e20b9bed0230f5825bdc3e632b60314949225cc25c44c318383ba20f4302c746d310e3fdef672a2645514cced9579c733a949b2e2f1d90be205bfb535a3998c33aaf0e43543d86dd9fb8e37ba2cfe053ae2fa15d9a3243c0682c6e88449dac98b92865f70143eb57522b3989b2688894a40f2a060e4ce7bc8aed6a144cd1506f755e8a6c602eb0f55243ba4333fd9bc4589231a82bc8195aa96a477dd07d6e2e4b03913ee40a1627abd4f9baa8418e8894831404367381fcd9505a085929e2f685238f697e0368158fc45d89cf7258628073ed8a7c9fbda5158a17b771f5f34f43766e93171da82b862f5200167e8be92ccbf58852b6691c797400ec99120d05d71ec40b7f75ca9dc6cc4b814d643794bb10daf572629b1f1a64fb7e2cb41f84e52067ab696bf056791fd807212631a7223d7a615dda8360efa86c37a94b0dbc35c1e1585a0c8b942f3a28aa9d3f1c22ce89266f0f6504a5100e7384db93ceb101dbc80439d418a9660d8d1e5df467affa73f5d28e75252d3d3652ff65467a46b2e5c0c4dd5e0b5da000607c4215827aef8a8da15ae55a5a9d76d65d993ebe2d8f749808237a82075c78e984e59fb1a583af72a40c8754ccf261e2b38952b7685ce731dbf6ecb7510efebaba6918a1d7e1277f02ab7f58b4d861e12802aae7559c89325b3f024c891ea564f484b7ca4d8f13254ae9ccf1c1643f7f2ce29364664a91df2454c3236f31476de70fd991b5dc4232d3a3b0035f4854b0c47a1f8516c27b8af9d0f42e7fd5c6b884209b0c90cca3f317d0ae1a71cd1f9221a22c8fe82d379f5664282dce9f699f7cd9bf4d6b8e90983f35ec0ba875080c9bc440370e2e5a6628aff4e760714e719ef50ced07d35e9e24590cfc50e5181cd021154b4ab0de71e539b8ab6a7e7a052c5701b9b4eb5e13efd27e0c2ba99b53cab5dae8cd29fdddd1eed1c2ea0380f2791d89826c4d30c2324a673aea33baf12e1292286adde99683e7e7dea6f82bfb951c11f75b7786ed3018ee99423e7912f79bc97827367b93df315c64aaf882b51525ae6f3ff7de316e23486cf5f356134571e2d6054120421944fff49d966dea277e711c08f96ea61597d6bffcbf9b5fc710f2c016d96babb0d70bc58313a5de7036d282058ab00607899ea943f9ed8e2a8a23ea40072b471a3588d990a12f1fb8903e05acb422cff20ccd3497329056289ed6c5248a429c17b4f089d274b09959fffbd4f21ef94fe89b3b1401c57cbc9e430481c2384af9f78049636560cd1f3df662cc7d882b4fcfcfbd198b02eaa1ae6754bdef86cca67dfc6e023b65d245f0f9c20da746506cdd36e376d2f88705ce1cec3a943815350c066310a0f7b0d94f228a3222eed3cc24f91d150bed4b2b60eb9658aa31384bca8e244c3942aee5551d1e4457a1c41ceec48bb70221ded05e53d3cbeea49fe654d8a54fb96edcdb08e5239859a4c3c45ea099bce70f7911738a25e968e02b3a9cf25f27cefb7a55b8dfb2dab14e586e47302fc09df504cdd12b1e382e9ecd1b4509d617b7e96ee202e2446179633c6620e7274a4dc0205c024c0494503e834714c5202c75ee908755f2209ca166cd163fc7c85fc227257513798512a77da9f310ecb9bae9c87e00ed395fa54e762b52daa59acb208502eeb16a764ae9a52781b3e7ed7bb8e492678b6db4c03c802f0bdc5a08067743727e0a3130c03bf1bc890cc22e43f8116a25facaf9e41de2d6498e08f2b3f5b904910a647dd4f30150c8f5dd94778385e2677262954b340845282e489a4fe5d496699b3ff5db6e557f95fbc08775ca931457fdd7e640192f76c220cc139f7374600afdab1d8e66433b47bc467f40a512fb1e2d85717150ffdd5b538b9b9166380e71e17247da112cd227afa394dab920ba19e38f8a5e200cc02b3e8d76cc1b0e0cb453f5b859b299b545bb10dbc4e0abba47ca83681d8dced498eeeb752cec013e579848c247660d127dfd4b9d4b73680595bbe5fb8aad5773a17caf860db4d756a88b01139fac79bd4598637f3b7c4f94bb8eef7022ff0c65198e712c84be493acaf66232d95a8f1c36b0dcd3da7b37dccc7e061622ef3541a51447e6201974de08690f5ccc2c58eccdc9c77c6814b2d842876d20eb5d2e411088b2f72f8a7e2780ced71084c200aec3248c5ac5b5c81a97636d3dad21beb25cccef475a6e41a8e264da027a783e5472c883ecb487345daf2d87ed306d3a0f6040c95b8b2df03e5bf9c3ee2bb2993ba7e977c7c4d4051d538effb6af8bd549c0fc2b5aa70c97f1086dc74b78f2cfe32503e3dd303ae7e91599878e120e866e03e654ddc2d459cd2dc1f06cc0fda909719b4e1344185656e7375b137385be7b69ae2d0c3b407825e6b0da2e2a296a62b8ab52c73de713c9598adf728d02d8efee2cbfbdbcfb9caba7079383c051825379debeada2634ed090cd26fed44017a55c0e792ca601a0bce035f318bda089286281ddf2cff88775bb31c8a4ab4247bbc77364929ced17a199bd0db81a8074aff508663ea0141cd5a2fe73a75d04f10c7b1d3c92c219283624c8943d79aeee37cf2efb334f7bc86793ad6ebe105d5e77d28bcb47d27d9bc558139b5cd031cdf3053de540ef010057a0ce9f0f222407c169e083c7bda97a6eb89384db2504fb6b45917391154a20efeed044076498798213f1177350a49af2d6b0b705e46549ce1a4a659582d5df67fab34371cdb0db046d0d26df797c16c848698f2524a057e61b0d4307c55bfa9219664b285e26f9959146121ed24bf3c82d4f43292516b82eaafef8849e68b5d4662a6fa1019f361b426553eb99a391a678d99f6e64e15285a2a7abc4901e074668d6318db605242a951207dbb7a74f3000cc555851150f9d442ae2a00eec81d330892d30a726f58e3e7634faecf95ee7dc15215cf1dc2127cd47f1071e09e5f4a42adec71caee0834c17051b4cb449c0d0a2fa3aea794a1c31a9f8335c9545ee5cc53476aa0e82de7bb83504cb5d38911687ef13d122c2caf5e63b598d85b411d225d1320ce3b7583834d8de0f56e30344b8e2ce8f92ecfc5a97dddc0a85024a106eade7732e74aa1ee3a5f0b373043b51bea16f2466fc72ede4c4ebb38e897a5748203ea0f9fa28d24657fa045d5cf2ffd0b1b42b1e0a1ea985134259ca250961a4cd6537ab74cc04ffcccb58f835e3a6669720aeba98b7a6807897f3f00a88ddc3fd02e4235cbc33cfa3d7150843fdf742f45ba72077dcd5e7e945c2cb60a8cad04ee26b2a04edba03e8afab9b8828dac40cfd92397a6f6cfd23d76e3bc9efb50303f59d09818d3646749718beb6d62aa7439c7795c753052a19d513d43a05029957958d3235018fa63c95207436ef9b6a7d4f072ebe77e6e1e6d518e832eb8f9a2f3c28c23f4de822890d62a5cbd8da76534ad0eb1b867723681849c7ce86b0b377032bde0abf7825efb049a65a6a5dabbb8e29312179d8043484f1c3cab4f9e0cdc3833c28566361ac82953ded420ddc134533ac653fba55e77d34354d3bd343d8164c94901e1fb0f863f6e4bd0bca18bab1ca71799f067a855f9128503096e9d864e179bef5b4cd6ff2041ab842e25cf921a34c0977c976d779331faa5d54427b427290c61922f806cb81b6939de80e0963f91348bfecb2988708517ffe533a751e8cc844ccd4b0e8bd8b0fd242c9446168e6ff8f2424d20b04b52ff52fac6c24f9919bc06c651cf5c18c63143ac157f1a8ba8ccf893c72463b81a2477768b89b2465fcacfcfe1becd3de67c01ef0a0f7111859f9fc95d939a717589a7003b94d7fe9c16e679d7c4eb4dc83989f29baee518c65fa4c6970593c459f84b72f8222658cac1fad321d08ffe22a64e14cd904aee656071e4caebb3a08594fcf67ef0e1028fb04ad649323e6d4273891f4b60267a93980fab5ed8d02f9092edd6a68002de04f1b9882bc6b48c2a563b1ef38590ccbedecacda89b923709d951f8b128b9a2b9d74ebbe2170ebd680129a2e05f696608cbf6f9e364a5085a6b00532b563311f7ddf5dafb97de17f4e352654fa6b13d9258ffb5d5d48dcad8588b006c647559c33bbc2f3d8b9201cf91dfc72a0b7cc2a196896444e62b88ced0bdf1b103a5cc2cf7a799d1511f1d709db123b75b62d5de06c09ea11f34b0fa857751204a6841a99d720330a704265de2ec5174745b505a1147381a75152890688ab2881506b83b16789f2961579b08c7f2021acd129843b24069f28f221d81515e48b6c052d7125a3ef30d5bc2ddfc4322a35cb29ef0b44717bc0dcbb6dbe92adf9457bc93e35b3f9091095add6a943637c8915e6296f11c8f39cb7315d1c8d6a5da2bd0bdc48f444401e870c5e516def92fbae67bf4690dd3f31959ea51113cbe5ee062c433af0aacf2096aa314542b28a1ded773da2991ce5c835091f19df7edc003d5f5c8d882b34c8bd4f5cf765d87b0cffe7faa195ab8539cb51ec3fb746723eedf33a5cf0229b8e5b09e46f208ae3dd147433601b7f673c259c2a4357082e5cb08432f5a2ad30cad2cf7e5ae1eb10c9837d9d83a9cdfc024e1f25726afddb313c40e740d60d79908768ddb5ad415a031a2a0af8434aa3fc48d1972bf7f3e7e8ccc13726213812227c0cc099a8340695727d2d776b2239c87a7cc3767a3435e3733b03a069bc1ef81f8197e14721d7a433cd45943ff0528979d1e3663dfa830eab8b72c58ebf0b00a5b71387717ea726a75be232401280fed9b104a7a12d477209ce90ba5b3e41c2557c72cc59a5b0abf06dc57ccbeb50bcbd99934a74201ce21e1b578cce21af92238ddbb47d816e14693a2b3a7a3505be81d0bffa8c75638d989a0398168169a6aaa7287c42517488358453c71c5fc0d1d8bb9f9b2f25bd99405593b14f692f10aa171b78887d5d18b7c45d6875ae0a8e13bf7d03d391f1d700d909c14f6cb1d4bb6e3c2e9067608bf9086b00b96c51c7f33ff5cab17c5c6a4d66fcda72ccd7c91e3ab8a0f71a3f5d9eea2f27823b222415c70c78e12d460b4c0697c75e9b554438bce291a54f5b7d292840b4b4ed4db649721a9e79f24a58f4af51070bb9e2e8aef3827fd55e2c3fdfd50fbde9854e23f2d79f389d65fa133bd4cd17d63f4366ab0790d8d9db5312abe8c9d52bc70f2e8db33b057a42fb3c652ea38975d50bf65a8432e6adf0a932d8478a6945c1ce66d3809a592edb341b1035731f7eca539ccad0321dda2f6111f557e0947545b2ff455fb84c38284f8aa488cf5461db80577c1a00e24db943ab008e082cde25316429b920eae7548d8a780451e583ba76b7dd70a6d2ec5eaee1cf0b7aaf7cc4a67d26a79df36502965e7f23556b2344fabcd1e7af2645a55970ee80d70859d9f8fd65487e0fa92566efe1d1efd1d4c305f4f38411fe5401e6d978d98a41855a9da3636e3f4d9f807087ce106916c23e8dc52f1727b7efd3f564730f97a441afb62bca361f8a73cd46e8f1170b30e60ba7ca20c361376ca3fb6c90695c383a1ff7cde37e7e1b1d1fbec64dbf9933914abf1ea015a4823741e72ef9bac2d379c85e75d83dea60e130ff54be4b0d092840c2641df7180bd7c601eb770277b3220fb93d4ddf77e34b21a17ad086023bd2b718087bb82c01f1f8d44ff87a058b4fc2883de11f5475026a9b61b6680ad65e7dc764e1f57dae7c4568e6c4a34ecc2a8978f8988d6b33584fec377bd2a39120e67b51244f23e054e98adbe2d2ea71baf416d3686182de5bf34e99d68232167178faa30470b1068d064e1eb44f3a657fdf5119a46097f58045e8f7b272aad9be472f59019f8ccfa5000c7980391112731406710524d1e9344c4e32cb6fda0a711968d46682d71694a31ad5d3203e9d7c082fcd913d3c5264b2af47632820bac38f54307ac600236a689ce7fe8e645e10df00f880cab42e74819adbce5ab1de9d6cb10d695abdcfcf0d60df39bdf8f69e7674c53bad2fa571c1d94db0441a4df275765434eea851be9e344d53aa5b3e02d1d595cba6cd9644ed25497eabf37b504bb8d2b223f5f265ab9d73a930d150982cd4aae58c5e9c79b050792c47b2bd867e1633c8caab4552b961d18f6c6718e6d3d5b0a0dc9b5c18a4743f64a2275c4d4b4b82ed6953d097af9e5f27debf104bb2dd145c356b985b0a80b6230624be1fe6972e8a4b4374542f37a8033d1227ae54b44600af92f1d24b5e7b9ce59444577dc0d868b45b179e8dcd3cb3927823e46a06de1cd482803c0b92fcb7b2f2135071fd2351b32b90645b8c2820fd69b6056132b7aeba039fa3eaf05af85795268cae94301fb882940269e60ddb660ef37e53988b3378d5218d05e661f634eedef24630a598ace49c596d3e69a71c7c445dea3359c2b309c5716d6481fcecedfc78b1e085ab7028f4d83c1c2ef4318f7d43bec18110ac94d72365004bbeb649f9a16a80f2920d9826628b9bd77b940ae4cd4fbb640340adf66704343257919849dffeec5168dcee8d54ece46ca96a2d771ec5793c9231ee563b330154b732b51d9e1317cf19d9d3e7edc3f1555961d25f4788ef2fbbf58e9bc43056b37aa6ce430e19a5e895248fe7eb5d27414e87575f387e413949fb92a71add2793bef5b8f99cdf1d1b4edddb1f867a1a573be21871e2b19b9193e9a8bbd64d533eaacbc717fd24ca34572b79a8afb0547084197a184a932fa954e1a1b6d040aca17db570700ce727ff0e1a9f79d4a7ebb98224d25ae72203d1d2c50f595ef8b49191d7c74fd3b22abe1fd2d6642e0e455300614b0ecb79ba71505fae9d767317ea89a6001cd9f4bc2aebce7c63d494443a09b7ace860162fccafb1b309f83bc95c1b95e1fd6a33a3e052bba26c84ab5187ecb2cf9b1bb594b7f83663337a7a2653089cd58db2d7a83b6098345401d8a6ba8598834d3a72be0d4b78665d984e4d1d9d1c2f68dd6dbcb7fa673ae1552601e61fe1bfa526e3ca56c52080989c5f9c8be375d3949a84012ea29dcc2a46a93c4f726e0604ac79f36940ba76361a17304d6d60a0386879e025ecd76dfcdb1df5566bccf3657cb17adae3ea2d4bf3fe2bf166185dd1961b6b886daff93034ad7d5043f5d954ea13b544d3909acb757794937c844832dcd44565850e6573a4eb20d59f0b8dccb10669c97813728a4f1e594dba9597c7ad6fa9ca29d2f3a1075c80f34088a98e60727fffa3b0e00969caf63a7ef896af2ea0bbc879845e0c7736a5606897da4fd7ad8d76935c7113c9f92d5e74caaf385d0c3b4028212b4b7f86a92a94880a294c7458b8e8056f67b902245560df8224a7bb65400ae3aec8d92415c8b19800fca888c1cff8a85da1e589686977b82b9fa403353333a3bdd58570cc35e610ece26a03c0a36080e4075d57fdf372277ba417c4390d43249253fa1b6c89af3fbff7b147a99c1b6b63223d31c16ffd3a0ff18f229a100f73d208a91b4f7a78bd67964fe744a583f057041d5c313c560cef7633f73f0412bea021359fced07585062ae46875e94f2dba3bb0f829cba166238af18b4ab0f4e1cc123aa39eed5724bdd26acd090ebbdb89d3f1a40dfea8c0f8b67598618e1a333ac4a14574786f41437dc132729e8d88ddad052bd847483fe7bdf2026bad4969c0af121f4c3dbfbfc97ab2177d9bafc6ce91be876122c0a4a4e41e08af4487546943fc0d4c2e0d1db7e24ad7880501bded9704a280315ea3857b304c69148bab04e25d3711452c3753474538cb3d6996e7285fbbd3c4d2cb9eafba023f313b94d4f5eff402838c0574a616c5c18475b9822a92373909a5de989d557e0f9403564cb8584f27d141bcef26e549895f30800c6e68359722f05c51f22a4115f733502a9dbd59abb3aa6c018bf027607fbe88e4ca3865dd2c3125cd7ea4c48e62b0bd2a9559a65e958894db904c6c662e9b123db0106694f505a50643fdc64576bea51bce717f0451e48215d2ca3add351eb4fea03c45e8e10ca77420521697f7ace2fc828826016742d60c98c46bcbd3b0cbf41fcd7b5d06c3478766da6bd1a76e9377c5fe3f7ab1ab7a2315569df84305776dc30ee237cb1693bcd693069001995fca64cdba12f8c938e36d18bdb2fc70fccededb8a95861fdb7fb0438078f35e84d256aef8d6785cece4eb2412cb1736aafc9df8045973530e2a1c618c15dc6814726b5eb7ffea91b6cb4116174e084c61083231c0a89f997d5c833a1a8cbd02fe6591df247b8d33ed4ecc05eae47678275787f5bb4d1deb160029403934a39450eceed5a4ff8c6bf11d7ec64e60a9ce13ef57d71b165bcf88965ac2d68c65926d2ae6db5fd11db26d4b462b327bd96705b9291ab2ab5a6ec3f859c9f94eefe3bed634300b266e7602d26888c7ffd725672ebd8aa1e1a2cd66510e240f1cb0c58cde2eb35c58a43b8129e223e36a8d72f867697a0c2e2372a420a8adc81c1286303c0f18836aa70c6a118e0905a52d8a770ccf80a5f15b28a0e6e56f745b0c6631abd0ee27b84545d94631c7c11c18ca2d2690de102ba71d01c102e3c367427b9feee89b443266810af074e3f981179a55bb870ddee95e8e2721fb8d7f3bc9a3414365794305d4d6ecb491cbf557e653ea16c55db2f94e48d29d08de451c201b4d1d477bf83ec9135fcc16ef11bdba5d267b7f260eaea55b048e62fcc5e274001acc3796fefc6818aebf7ba44c35bcf5aedb832c6272d16a146f65973129bf2991a37682c67645b6605ff8812a78fd78d8790e9a0d3767843371773d172aa0945ffc7863d9376a479906ad7a8a3db7d3034cfe8548515e5931c517b8795a19328eb6e8d88e5e12a59876fae37afd3ac774d06854f174674e809a6394a10d421086f984e5920d34213549bb413b481bc86a41695c3b3e8b9cdd30209d99787abc31f324c058d1c711401727a0ec166cb9d962fddad30f590a3de1837b73fb2a7754ba893110d7a28771843ab9407bbcc662102ee00ed915b0569d081234f8b67b3640c5be242b562b3dbdb12b996c42cb07eb154bd56b91d74d6c3d9304ee25dedf81da2725f9305c2645a48a3ace2ed5085d0df84f9e85d56531e996210948ab6b40aab797efb6bea8e075508bb7a1e681199921cfd4516bc689a021c5de1d4e55c74ea399899358a1b237c59db0f8c473b7d3937a34f6f2dde3d983f6ffd0250dea184e666603cb9487f05a3442c12efbb7d1ab73e8cce6adf240e4226ae0e99db900737b5ffa7a10e9133b948832a94f448426d744caaa82337dba5dfc1da8968904c5b4df6a0cc6cf64140826fb6323ab6d20fe7c546b31f8b4efccfe9c9ce5e87b81457a1bc31bbbfa9910a1859174244b2f327bf0537e56f3bf144ce1ee6242fe5698442eff068864d93e5db2d3a1c72ee5d9db4857ec30a18482ebd7e2a9f076598e3bfcacc7b25027242c787b9a568fb9007477678e21d323c6046170186dc6410e24757299f6fdeeee175d32c2209e6da0e638994bb1beba6cabc2fef3c895916098f7b127dd78b1ef802b33c9d4ed5d523ee497e714bf0db801b11390ab5ed28fe24da5a2499825b9a3f58ef081168ac147c0283afa1f3183f36c62c2624a9811c9af3d4696736b6d2fd3c952ac431daad2e42dfb98162a66451c82a5c7a86d6e418c63b12fadf7f805df10e5851e5d1703289bd1de87dd6e21598a2a0c73fb8f0111ece22cdc3fecf7c6116d5e3d7cf5bcb89c5d8f509ba662b21c8b0919dd3c669d35ad29982f0730155c3fdb9f398513e0fc2f2725fe41b909f4c6d68777b7a0ec887f13e19daaef95b145a7db4968d7362a8e5b3dd4224e93dd3623979080b30bf8ebc8db13af72cad390475dc52a23d4cc1f921932e79492837387eec288f70166470cdd5816bf66cada19146b0cf260452d55708d90055efab5a3fc0346929b0aed8b9ee9cbd6d6c9609ea3ae7105b7a2e79befc92f025f50cf9b38be7a78067908a04aa", 0x2000, &(0x7f0000000a00)={0x0, &(0x7f0000000140)={0x18, 0xffffffffffffffda, 0x5925354b, {0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
lseek(r2, 0x7fffffffffffffff, 0x4)

13.412447074s ago: executing program 8 (id=1758):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f00000002c0)=""/200, 0x39)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000240)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0)

12.533546886s ago: executing program 8 (id=1768):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = dup(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

12.415015412s ago: executing program 8 (id=1769):
pselect6(0x40, &(0x7f0000000080)={0xe, 0x3, 0x1, 0x1, 0xc, 0x5, 0x72a5, 0x7fffffffffffffff}, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x80000001, 0x0, 0x0, 0x200, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x96, 0x0, 0x100000000]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000002002, 0x5, 0x3, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3, 0x3, 0x13ae], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12.249635832s ago: executing program 8 (id=1771):
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x1101)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x8b)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nolazytime}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f00000005c0)="$eJzs3MtvG8UfAPDvruP0119bEkp59AEECiLikTRtgR44AAKJQ5GQ4ADHKEmrUrdBTZBoVUGLUDkhhMQdceRf4AQXhDghcYU7qlShXNpyMlp7ndiO7SaOXUP8+UjbzOyjM9/Mjj07YyeAoTWR/ZNE7I6I3yNiLCLS5hMmqj9urVyeu71yeS6Jcvntv5Lssri5cnmudmqS/9yVZybTiPSzJA62KHfp4qWzs6XSwoU8P7187oPppYuXnjtzbvb0wumF80dPnDh+bObFF44+35M4szrdPPDx4qH9b7z31Zsnv2iIvymOHpnodPDJcrnHxQ3Wnrp0MjLAirAphYjImqtY6f9jUYi1xhuL1z8daOWAviqXy+Vd7Q9fKQPbWBKNeV0ehkXtjT57/q1tzYOAl/s3/Bi4G69UH4CyuG/lW/XIyOo8SLHp+baXJiLi3St/f5Nt0Z95CACABj9k459nW43/0nig7rx78rWh8Yi4NyL2RsR9EbEvIu6PqJz7YEQ8tMnymxdJ1o9/0utdBbZB2fjvpXxtq3H8t7oKNl7Ic3sq8ReTU2dKC0fy38lkFHdk+ZkOZfz42m9ftjtWP/7Ltqz82lgwr8f1kR2N18zPLs9uJeZ6N65GHBhpFX+yuhKQRMT+iDjQZRlnnv7uULtjd46/gx6sM5W/jXiq2v5Xoin+mqTz+uT0/6K0cGS6dles98uv195qV/6W4u+BrP3/3/L+X41/PKlfr13afBnX/vi87TNNt/f/aPJOJT2a7/todnn5wkzEaHKyWun6/UfXrq3la+dn8U8ebt3/98bab+JgRGQ38cMR8UhEPJrX/bGIeDwiDneI/+dXn3i/+/j7K4t/flPtv5YYjeY9rROFsz9931Do+Lr4b3du/+OV1GS+ZyOvfxupV3d3MwAAAPz3pBGxO5J0ajWdplNT1c/L74tIS4tLy8+cWvzw/Hz1OwLjUUxrM11jdfOhM/ljfTV/NSKqHy2oHT+Wzxt/XdhZyU/NLZbmBx08DLldbfp/5s/CoGsH9J3va8Hw0v9heOn/MLz0fxheLfr/zkHUA7j7Wr3/fzKAegB3X1P/t+wHQ2TEcB+GVtv5v+38l3+ACvP/MJSWdsadvyTfMVH7n7q8fNsmovivqMbWE+WkZeNGOuiKSfQzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF75JwAA//+QOeBZ")
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0xb, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=')

11.926166822s ago: executing program 8 (id=1772):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000340)={0x1, 0x0, 0xb, 0x2000})
fcntl$lock(r0, 0x25, &(0x7f0000000580)={0x2, 0x1, 0x0, 0x281})
r1 = socket$netlink(0x10, 0x3, 0xa)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
r2 = socket(0x10, 0x80003, 0x0)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
r3 = socket(0x10, 0x80003, 0x0)
write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, 0x0)

11.709357474s ago: executing program 8 (id=1774):
r0 = socket(0x11, 0x800000003, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2003}, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000140)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r3])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="50000000100001042dd57000af90000000000000", @ANYRES32=0x0, @ANYBLOB="5d580000000000001c001a8018000a80140007000000000000000000000000000000000014000300626f6e645f736c6176655f3000000000"], 0x50}}, 0x0)

11.674861966s ago: executing program 38 (id=1774):
r0 = socket(0x11, 0x800000003, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2003}, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000140)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRES32=r3])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="50000000100001042dd57000af90000000000000", @ANYRES32=0x0, @ANYBLOB="5d580000000000001c001a8018000a80140007000000000000000000000000000000000014000300626f6e645f736c6176655f3000000000"], 0x50}}, 0x0)

10.75650197s ago: executing program 1 (id=1797):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mount$binderfs(0x0, 0x0, 0x0, 0x200000, &(0x7f0000000140)=ANY=[@ANYBLOB="73febc6d11f5deda2762616c2c73746174733d676c6f62616c2c636f6e746578743d756e636f6e66696e65645f752c6d6173"])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000080)=@arm64={0x1, 0xff, 0x9, '\x00', 0x200000000004})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x8080000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10.558609202s ago: executing program 1 (id=1801):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0x3f00, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, 0x50)
pread64(r0, &(0x7f0000000140)=""/125, 0x7d, 0x9)

10.374317443s ago: executing program 1 (id=1804):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
rename(0x0, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0x1e84c}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

10.07199385s ago: executing program 1 (id=1806):
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x1101)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x8b)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nolazytime}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f00000005c0)="$eJzs3MtvG8UfAPDvruP0119bEkp59AEECiLikTRtgR44AAKJQ5GQ4ADHKEmrUrdBTZBoVUGLUDkhhMQdceRf4AQXhDghcYU7qlShXNpyMlp7ndiO7SaOXUP8+UjbzOyjM9/Mjj07YyeAoTWR/ZNE7I6I3yNiLCLS5hMmqj9urVyeu71yeS6Jcvntv5Lssri5cnmudmqS/9yVZybTiPSzJA62KHfp4qWzs6XSwoU8P7187oPppYuXnjtzbvb0wumF80dPnDh+bObFF44+35M4szrdPPDx4qH9b7z31Zsnv2iIvymOHpnodPDJcrnHxQ3Wnrp0MjLAirAphYjImqtY6f9jUYi1xhuL1z8daOWAviqXy+Vd7Q9fKQPbWBKNeV0ehkXtjT57/q1tzYOAl/s3/Bi4G69UH4CyuG/lW/XIyOo8SLHp+baXJiLi3St/f5Nt0Z95CACABj9k459nW43/0nig7rx78rWh8Yi4NyL2RsR9EbEvIu6PqJz7YEQ8tMnymxdJ1o9/0utdBbZB2fjvpXxtq3H8t7oKNl7Ic3sq8ReTU2dKC0fy38lkFHdk+ZkOZfz42m9ftjtWP/7Ltqz82lgwr8f1kR2N18zPLs9uJeZ6N65GHBhpFX+yuhKQRMT+iDjQZRlnnv7uULtjd46/gx6sM5W/jXiq2v5Xoin+mqTz+uT0/6K0cGS6dles98uv195qV/6W4u+BrP3/3/L+X41/PKlfr13afBnX/vi87TNNt/f/aPJOJT2a7/todnn5wkzEaHKyWun6/UfXrq3la+dn8U8ebt3/98bab+JgRGQ38cMR8UhEPJrX/bGIeDwiDneI/+dXn3i/+/j7K4t/flPtv5YYjeY9rROFsz9931Do+Lr4b3du/+OV1GS+ZyOvfxupV3d3MwAAAPz3pBGxO5J0ajWdplNT1c/L74tIS4tLy8+cWvzw/Hz1OwLjUUxrM11jdfOhM/ljfTV/NSKqHy2oHT+Wzxt/XdhZyU/NLZbmBx08DLldbfp/5s/CoGsH9J3va8Hw0v9heOn/MLz0fxheLfr/zkHUA7j7Wr3/fzKAegB3X1P/t+wHQ2TEcB+GVtv5v+38l3+ACvP/MJSWdsadvyTfMVH7n7q8fNsmovivqMbWE+WkZeNGOuiKSfQzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF75JwAA//+QOeBZ")
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0xb, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=')

9.905252s ago: executing program 1 (id=1807):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)

9.777283717s ago: executing program 1 (id=1809):
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000edff7fff00180100002020702500000000002020207b1af8ff00000000bfa100000000d80000000000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='inet_sock_set_state\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, 0x0, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(r1)

9.744519279s ago: executing program 39 (id=1809):
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000edff7fff00180100002020702500000000002020207b1af8ff00000000bfa100000000d80000000000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='inet_sock_set_state\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, 0x0, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(r1)

6.458967101s ago: executing program 9 (id=1876):
syz_emit_ethernet(0x42, &(0x7f0000000400)=ANY=[], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x2}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

6.418097084s ago: executing program 9 (id=1877):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000300)='./file0/../file0\x00')

6.365582817s ago: executing program 9 (id=1879):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
socket$packet(0x11, 0x3, 0x300)
sendto$packet(r0, &(0x7f0000000000)='1', 0x1, 0x0, &(0x7f00000001c0)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14)

6.330510219s ago: executing program 9 (id=1881):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x83)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x171c, 0x0, 0x0, 0x0, 0x8, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef549ba197fce47ddfdd753abd9501ce721b6ae9b49600002a00", "b7326736181c208220000000b9000010000000000000f0ffefffff5aff000001"})
link(&(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

6.166941969s ago: executing program 9 (id=1884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

6.057230695s ago: executing program 9 (id=1885):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000300)='./file0/../file0\x00')

6.057045925s ago: executing program 40 (id=1885):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000300)='./file0/../file0\x00')

3.23867549s ago: executing program 4 (id=1944):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd22, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x1e8, 0x0, 0x1e8, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@remote, @mcast1, [], [0xff000000], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x2}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@uncond, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f10900000000000000e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)

3.23826145s ago: executing program 4 (id=1946):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000001280)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e63e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074ebff322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff8a5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e104b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000be52f93972fb7fadb8dca6dad81a737764ed53c24ae3ade56738b75c393e9a5e80429400904bd31cb243432c098469e29ffb000000000000000000000000004bfd671bf6f4cb7d3f18bb6ceafba78ff55268fb1e4d28f9b4f25125757689bc0889a3a37f48bde3f2c96c8f93f567861d92811b16507da6fc37ca7856b5d159403d62a8b3f993277d5df6238a4287eef4c1f09bc92855ce5de0a48f8b2a842ff43a81d7cf02a967257809"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='signal_generate\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x10)

3.182043023s ago: executing program 4 (id=1949):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
setitimer(0x2, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000300))

1.928132037s ago: executing program 6 (id=1980):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = inotify_init()
readv(r3, &(0x7f0000000200)=[{&(0x7f0000000040)=""/25, 0x19}], 0x1)

1.084612367s ago: executing program 4 (id=1986):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
epoll_wait(r3, &(0x7f0000000380)=[{}], 0x2, 0x1000)

1.069515607s ago: executing program 6 (id=1987):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000008b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10)
socketpair(0x11, 0x3, 0x300, &(0x7f0000000000))

1.051888359s ago: executing program 6 (id=1988):
r0 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000240)={0x20000000})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000f2cff4)={0x775409470d9a1685})

998.666592ms ago: executing program 6 (id=1991):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x13, 0x10, 0x8, 0x0, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x0}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r3, &(0x7f0000000040), 0x0}, 0x20)

918.123226ms ago: executing program 6 (id=1993):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d0000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x1, 0x8822d55593a2179}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in=@multicast1, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x7, 0x0, 0x9, 0xffffffffffffffff}, {0x0, 0x1000000000, 0x53e5, 0xfff}, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1502, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

659.525141ms ago: executing program 6 (id=1998):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
setitimer(0x2, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000300))

450.272033ms ago: executing program 0 (id=2006):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0x3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

417.691875ms ago: executing program 0 (id=2009):
mkdir(&(0x7f0000000200)='./file0\x00', 0x60)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x101400, 0x0)

392.015037ms ago: executing program 5 (id=2010):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r1 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x20000010304, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x4, {0x2, 0x4e20, @multicast1=0xe000cc02}})

383.444918ms ago: executing program 0 (id=2011):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000001000000002"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r3}, &(0x7f0000000180), &(0x7f00000006c0)}, 0x20)

337.74353ms ago: executing program 0 (id=2012):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000000000000600850000009e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa20000000000000702"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)

201.314128ms ago: executing program 0 (id=2013):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_create1(0x0)
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)

190.220919ms ago: executing program 5 (id=2014):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

185.400839ms ago: executing program 2 (id=2015):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=@framed={{0x18, 0x2}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x408, 0xcd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r3, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

160.138721ms ago: executing program 2 (id=2016):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x12a35}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x800)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x0)

133.911312ms ago: executing program 5 (id=2017):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

133.644262ms ago: executing program 2 (id=2018):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x1000048, 0x0, 0x0, 0x0, &(0x7f0000000340))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18, 0x0, 0x0, {0xfefffffffffffffc}}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESOCT=r2])
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)

77.150416ms ago: executing program 5 (id=2019):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffff}}, 0x0, 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
close(r2)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r4=>0x0, <r5=>0x0})
close(r4)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)

76.981706ms ago: executing program 2 (id=2020):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)

70.503156ms ago: executing program 0 (id=2021):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = gettid()
r2 = eventfd2(0x0, 0x0)
r3 = dup(r2)
read$FUSE(r3, &(0x7f0000000a40)={0x2020}, 0x2020)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)

56.233717ms ago: executing program 2 (id=2022):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
socket$key(0xf, 0x3, 0x2)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000"], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006b113e000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000380)=""/76}, 0x20)

46.163827ms ago: executing program 4 (id=2023):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c8000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r1, &(0x7f00000015c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32], 0x38}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

41.326228ms ago: executing program 5 (id=2024):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

28.793038ms ago: executing program 2 (id=2025):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x60, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee7719890000000000000000"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x408c4}, 0x4000004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r1, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)

23.885079ms ago: executing program 5 (id=2026):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0, 0xeeef0000})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)

0s ago: executing program 4 (id=2027):
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x6)
tee(r4, r0, 0x8, 0x2)

kernel console output (not intermixed with test programs):

1[1711] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.382119][ T1711] syz.5.541[1711] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.404361][ T1711] device bridge_slave_1 left promiscuous mode
[   54.406956][   T24] usb-storage 5-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[   54.415632][ T1711] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.436330][   T24] scsi host1: usb-storage 5-1:1.0
[   54.443007][ T1711] device bridge_slave_0 left promiscuous mode
[   54.448957][ T1711] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.540727][ T1726] device bond_slave_1 entered promiscuous mode
[   54.547059][ T1726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.550'.
[   54.556794][ T1726] device bond_slave_1 left promiscuous mode
[   54.767303][ T1749] loop3: detected capacity change from 0 to 512
[   54.779676][ T1749] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   54.791159][ T1749] EXT4-fs (loop3): 1 truncate cleaned up
[   54.796791][ T1749] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.871689][ T1757] syz.6.562[1757] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.871765][ T1757] syz.6.562[1757] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.903202][ T1757] device bridge_slave_1 left promiscuous mode
[   54.941293][ T1761] loop4: detected capacity change from 0 to 2048
[   54.967865][ T1757] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.975379][ T1757] device bridge_slave_0 left promiscuous mode
[   54.981774][ T1757] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.064088][ T1761] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   55.275872][   T28] audit: type=1400 audit(1739920210.426:307): avc:  denied  { mounton } for  pid=1772 comm="syz.6.566" path="/21/file0" dev="tmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   55.375537][ T1779] loop6: detected capacity change from 0 to 128
[   55.645954][  T297] EXT4-fs (loop3): unmounting filesystem.
[   55.671139][ T1798] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   55.689560][   T28] audit: type=1400 audit(1739920210.836:308): avc:  denied  { bind } for  pid=1799 comm="syz.5.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   55.709200][  T319] usb 5-1: USB disconnect, device number 3
[   55.756782][ T1806] loop3: detected capacity change from 0 to 128
[   55.850713][ T1812] loop3: detected capacity change from 0 to 128
[   55.857592][ T1812] FAT-fs (loop3): invalid media value (0x00)
[   55.864271][ T1812] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; no bootstrapping code
[   55.873502][ T1812] FAT-fs (loop3): Can't find a valid FAT filesystem
[   55.932889][  T350] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   56.266697][  T296] EXT4-fs (loop4): unmounting filesystem.
[   56.342096][ T1822] loop6: detected capacity change from 0 to 2048
[   56.363085][ T1820] syz.4.584[1820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.364873][ T1820] syz.4.584[1820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.381891][ T1822] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   56.402257][ T1825] device bridge_slave_1 left promiscuous mode
[   56.408450][ T1825] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.446235][ T1825] device bridge_slave_0 left promiscuous mode
[   56.454214][ T1825] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.572846][ T1832] syz.2.588[1832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.572918][ T1832] syz.2.588[1832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.589012][ T1832] syz.2.588[1832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.603281][ T1832] syz.2.588[1832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.650763][ T1834] netlink: 12 bytes leftover after parsing attributes in process `syz.4.589'.
[   56.674592][ T1834] tipc: Started in network mode
[   56.679438][ T1834] tipc: Node identity @emory.en, cluster identity 8
[   56.690263][ T1838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'.
[   56.741073][ T1838] netlink: 12 bytes leftover after parsing attributes in process `syz.3.591'.
[   56.794757][ T1577] EXT4-fs (loop6): unmounting filesystem.
[   56.824534][ T1848] overlayfs: failed to verify origin (/file1, ino=675, err=-116)
[   56.859764][ T1857] device bond_slave_1 entered promiscuous mode
[   56.880420][ T1857] netlink: 4 bytes leftover after parsing attributes in process `syz.6.604'.
[   56.893565][ T1857] device bond_slave_1 left promiscuous mode
[   56.974618][ T1868] netlink: 4 bytes leftover after parsing attributes in process `syz.6.605'.
[   57.019731][ T1868] netlink: 12 bytes leftover after parsing attributes in process `syz.6.605'.
[   57.033390][ T1875] loop3: detected capacity change from 0 to 128
[   57.064177][ T1875] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   57.125858][ T1875] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   57.159248][ T1887] tipc: Failed to remove unknown binding: 66,1,1/0:4284420238/4284420240
[   57.217394][ T1887] tipc: Failed to remove unknown binding: 66,1,1/0:4284420238/4284420240
[   57.226237][ T1875] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[   57.270640][  T297] EXT4-fs (loop3): unmounting filesystem.
[   57.402613][ T1906] tipc: Started in network mode
[   57.407339][ T1906] tipc: Node identity ac14140f, cluster identity 4711
[   57.440787][ T1906] tipc: New replicast peer: 255.255.255.255
[   57.446759][ T1906] tipc: Enabled bearer <udp:syz2>, priority 10
[   57.456081][ T1916] tipc: Started in network mode
[   57.466928][ T1916] tipc: Node identity 7, cluster identity 4711
[   57.473302][ T1916] tipc: Node number set to 7
[   57.567079][ T1932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.632'.
[   57.588946][ T1932] netlink: 12 bytes leftover after parsing attributes in process `syz.3.632'.
[   57.739603][   T28] audit: type=1400 audit(1739920212.886:309): avc:  denied  { read } for  pid=1942 comm="syz.3.636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   57.920932][ T1958] netlink: 96 bytes leftover after parsing attributes in process `syz.5.643'.
[   58.039150][  T625] tipc: Left network mode
[   58.306587][ T2009] overlayfs: failed to clone upperpath
[   58.307469][ T1994] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.324651][ T1994] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.332776][ T1994] device bridge_slave_0 entered promiscuous mode
[   58.350280][ T1994] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.357201][ T1994] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.364918][ T1994] device bridge_slave_1 entered promiscuous mode
[   58.430611][ T1994] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.437520][ T1994] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.444618][ T1994] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.451470][ T1994] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.458821][   T24] tipc: Node number set to 2886997007
[   58.483684][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   58.492415][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.499619][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.522440][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   58.530872][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.537771][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.545494][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   58.555365][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.562242][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.569764][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   58.577681][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   58.697281][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.707943][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.715913][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.723236][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.731451][ T1994] device veth0_vlan entered promiscuous mode
[   58.742729][ T1994] device veth1_macvtap entered promiscuous mode
[   58.750086][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.761349][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.771315][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.786943][   T28] audit: type=1400 audit(1739920213.936:310): avc:  denied  { unmount } for  pid=1994 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   58.901280][ T2026] SELinux:  Context system_u:object_r:syslog_conf_t:s0 is not valid (left unmapped).
[   58.909983][   T28] audit: type=1400 audit(1739920214.056:311): avc:  denied  { relabelfrom } for  pid=2024 comm="syz.3.680" name="NETLINK" dev="sockfs" ino=22494 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   58.969239][   T28] audit: type=1400 audit(1739920214.066:312): avc:  denied  { relabelto } for  pid=2024 comm="syz.3.680" name="NETLINK" dev="sockfs" ino=22494 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_netfilter_socket permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0"
[   59.230969][ T2056] loop7: detected capacity change from 0 to 128
[   59.237496][ T2056] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[   59.260071][   T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   59.266830][ T2056] EXT4-fs: error: could not find journal device path
[   59.358481][ T2064] loop7: detected capacity change from 0 to 8192
[   59.368713][ T2064] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.439917][   T24] usb 4-1: Using ep0 maxpacket: 32
[   59.446174][   T24] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   59.457486][   T24] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   59.469080][   T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   59.478343][   T24] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   59.487151][   T24] usb 4-1: Product: syz
[   59.491479][   T24] usb 4-1: Manufacturer: syz
[   59.497447][ T2064] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   59.501231][   T24] hub 4-1:4.0: USB hub found
[   59.506264][ T2064] FAT-fs (loop7): Filesystem has been set read-only
[   59.517098][ T2064] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   59.525768][ T2064] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   59.534820][ T2069] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   59.588932][ T1994] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   59.701650][   T24] hub 4-1:4.0: 2 ports detected
[   59.712302][ T2082] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   59.728800][ T2083] ªªªªªª: renamed from vlan0
[   60.346346][ T2110] loop6: detected capacity change from 0 to 40427
[   60.354490][ T2110] F2FS-fs (loop6): invalid crc value
[   60.361798][ T2110] F2FS-fs (loop6): Found nat_bits in checkpoint
[   60.398932][ T2110] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   60.406664][   T28] audit: type=1400 audit(1739920215.556:313): avc:  denied  { mount } for  pid=2109 comm="syz.6.703" name="/" dev="loop6" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   60.444262][   T28] audit: type=1326 audit(1739920215.596:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2131 comm="syz.5.710" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f016bb8cde9 code=0x0
[   60.513912][   T24] usb 4-1: USB disconnect, device number 3
[   60.955532][ T2142] overlayfs: failed to clone upperpath
[   60.980010][  T532] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   61.171048][  T532] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[   61.180408][  T532] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.188895][  T532] usb 7-1: config 0 descriptor??
[   61.603739][  T532] hid-generic 0003:04F3:0755.0002: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.6-1/input0
[   61.804398][   T19] usb 7-1: USB disconnect, device number 2
[   62.405799][ T2191] bpf_get_probe_write_proto: 12 callbacks suppressed
[   62.405821][ T2191] syz.5.732[2191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.412823][ T2191] syz.5.732[2191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.922573][ T2207] loop5: detected capacity change from 0 to 512
[   62.947614][ T2207] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   62.959047][ T2207] EXT4-fs (loop5): 1 truncate cleaned up
[   62.964718][ T2207] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   63.758610][  T589] EXT4-fs (loop5): unmounting filesystem.
[   64.814128][   T28] audit: type=1400 audit(1739920219.966:315): avc:  denied  { watch watch_reads } for  pid=2272 comm="syz.5.764" path="/126" dev="tmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   64.907436][ T2281] loop6: detected capacity change from 0 to 2048
[   64.958872][ T2281] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   64.970001][ T2281] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.009540][ T2281] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.767: bg 0: block 345: padding at end of block bitmap is not set
[   65.032284][  T318] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 32777 with max blocks 1 with error 28
[   65.045371][  T318] EXT4-fs (loop6): This should not happen!! Data will be lost
[   65.045371][  T318] 
[   65.055082][  T318] EXT4-fs (loop6): Total free blocks count 0
[   65.061004][  T318] EXT4-fs (loop6): Free/Dirty block details
[   65.066796][  T318] EXT4-fs (loop6): free_blocks=0
[   65.071659][  T318] EXT4-fs (loop6): dirty_blocks=16
[   65.076661][  T318] EXT4-fs (loop6): Block reservation details
[   65.082522][  T318] EXT4-fs (loop6): i_reserved_data_blocks=1
[   65.088996][ T1577] EXT4-fs (loop6): unmounting filesystem.
[   65.296653][ T2307] netlink: 24 bytes leftover after parsing attributes in process `syz.7.778'.
[   65.318071][   T28] audit: type=1400 audit(1739920220.466:316): avc:  denied  { create } for  pid=2308 comm="syz.7.779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   65.353686][   T28] audit: type=1400 audit(1739920220.506:317): avc:  denied  { mount } for  pid=2312 comm="syz.2.780" name="/" dev="ramfs" ino=22995 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   65.562126][ T2345] loop3: detected capacity change from 0 to 256
[   65.581733][ T2345] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   65.606930][   T28] audit: type=1400 audit(1739920220.756:318): avc:  denied  { write } for  pid=2344 comm="syz.3.794" name="file1" dev="loop3" ino=1048635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   65.630055][ T2345] exFAT-fs (loop3): hint_cluster is invalid (17)
[   65.643914][   T28] audit: type=1400 audit(1739920220.756:319): avc:  denied  { open } for  pid=2344 comm="syz.3.794" name="file1" dev="loop3" ino=1048635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   65.668482][   T28] audit: type=1400 audit(1739920220.796:320): avc:  denied  { read } for  pid=2344 comm="syz.3.794" name="file1" dev="loop3" ino=1048635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   65.720324][ T2353] binder: 2352:2353 unknown command 0
[   65.721159][   T28] audit: type=1400 audit(1739920220.866:321): avc:  denied  { read } for  pid=2352 comm="syz.3.797" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   65.729961][ T2353] binder: 2352:2353 ioctl c0306201 400000000300 returned -22
[   65.775162][   T28] audit: type=1400 audit(1739920220.866:322): avc:  denied  { open } for  pid=2352 comm="syz.3.797" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   65.807266][   T28] audit: type=1400 audit(1739920220.866:323): avc:  denied  { ioctl } for  pid=2352 comm="syz.3.797" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   65.834242][   T28] audit: type=1400 audit(1739920220.866:324): avc:  denied  { set_context_mgr } for  pid=2352 comm="syz.3.797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   65.885745][ T2363] syz.6.802[2363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.885819][ T2363] syz.6.802[2363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.923285][ T2367] loop6: detected capacity change from 0 to 512
[   65.979045][ T2375] syz.3.808[2375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.979118][ T2375] syz.3.808[2375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.995823][ T2367] EXT4-fs (loop6): 1 orphan inode deleted
[   66.009561][ T2379] loop3: detected capacity change from 0 to 512
[   66.013445][    T8] EXT4-fs error (device loop6): ext4_release_dquot:6804: comm kworker/u4:0: Failed to release dquot type 1
[   66.029944][ T2367] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   66.039182][ T2367] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.084596][ T2379] EXT4-fs error (device loop3): ext4_acquire_dquot:6781: comm syz.3.809: Failed to acquire dquot type 0
[   66.100270][ T1577] EXT4-fs (loop6): unmounting filesystem.
[   66.106184][ T2379] EXT4-fs (loop3): Remounting filesystem read-only
[   66.120005][ T2379] EXT4-fs error (device loop3): ext4_acquire_dquot:6781: comm syz.3.809: Failed to acquire dquot type 0
[   66.137876][ T2379] EXT4-fs (loop3): Remounting filesystem read-only
[   66.144937][ T2379] EXT4-fs error (device loop3): ext4_acquire_dquot:6781: comm syz.3.809: Failed to acquire dquot type 0
[   66.156654][ T2379] EXT4-fs (loop3): Remounting filesystem read-only
[   66.163459][ T2379] EXT4-fs (loop3): 1 orphan inode deleted
[   66.169078][ T2379] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   66.187044][ T2379] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.212820][  T297] EXT4-fs (loop3): unmounting filesystem.
[   66.313205][ T2400] netlink: 96 bytes leftover after parsing attributes in process `syz.3.816'.
[   66.462717][ T2422] netlink: 76 bytes leftover after parsing attributes in process `syz.7.826'.
[   66.521621][ T2408] loop6: detected capacity change from 0 to 40427
[   66.525218][ T2424] loop7: detected capacity change from 0 to 8192
[   66.534903][ T2408] F2FS-fs (loop6): fault_injection options not supported
[   66.543092][ T2408] F2FS-fs (loop6): invalid crc value
[   66.549645][ T2408] F2FS-fs (loop6): Found nat_bits in checkpoint
[   66.570431][ T2424]  loop7: p1 p2 p3
[   66.578833][ T2408] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   66.664377][  T740] udevd[740]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory
[   66.676593][  T315] udevd[315]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory
[   66.677835][  T350] udevd[350]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[   66.689201][ T1577] F2FS-fs (loop6): access invalid blkaddr:2816
[   66.704425][ T1577] CPU: 1 PID: 1577 Comm: syz-executor Not tainted 6.1.124-syzkaller-00016-ga5f88b652947 #0
[   66.714231][ T1577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   66.724126][ T1577] Call Trace:
[   66.727251][ T1577]  <TASK>
[   66.730029][ T1577]  dump_stack_lvl+0x151/0x1b7
[   66.734544][ T1577]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   66.739833][ T1577]  ? f2fs_get_next_page_offset+0x770/0x770
[   66.745478][ T1577]  dump_stack+0x15/0x18
[   66.749470][ T1577]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[   66.754852][ T1577]  f2fs_is_valid_blkaddr+0x25/0x30
[   66.759879][ T1577]  f2fs_map_blocks+0xd10/0x4510
[   66.764574][ T1577]  ? f2fs_map_lock+0x260/0x260
[   66.769344][ T1577]  ? xa_load+0x1a1/0x210
[   66.773417][ T1577]  ? xas_find_conflict+0x8c0/0x8c0
[   66.778463][ T1577]  f2fs_mpage_readpages+0xc65/0x20f0
[   66.783581][ T1577]  ? get_page_from_freelist+0x3a98/0x3b10
[   66.789134][ T1577]  ? dquot_release_reservation_block+0xa0/0xa0
[   66.795944][ T1577]  ? __this_cpu_preempt_check+0x13/0x20
[   66.801289][ T1577]  ? memcg_rstat_updated+0x57/0x120
[   66.806409][ T1577]  f2fs_readahead+0xfd/0x250
[   66.810826][ T1577]  ? blk_start_plug+0x9c/0x130
[   66.815428][ T1577]  read_pages+0x1be/0xd40
[   66.819671][ T1577]  ? workingset_activation+0x430/0x430
[   66.824892][ T1577]  ? folio_add_lru+0x280/0x3f0
[   66.829490][ T1577]  ? page_cache_ra_unbounded+0x800/0x800
[   66.834965][ T1577]  ? filemap_add_folio+0x18f/0x200
[   66.839901][ T1577]  ? __filemap_add_folio+0xdb0/0xdb0
[   66.845037][ T1577]  page_cache_ra_unbounded+0x61f/0x800
[   66.850350][ T1577]  ? readahead_gfp_mask+0x190/0x190
[   66.855351][ T1577]  ? __kernel_text_address+0xd/0x40
[   66.860393][ T1577]  ? unwind_get_return_address+0x4d/0x90
[   66.865856][ T1577]  page_cache_ra_order+0x987/0xc40
[   66.870806][ T1577]  ? do_page_cache_ra+0x110/0x110
[   66.875665][ T1577]  ? __stack_depot_save+0x36/0x480
[   66.880694][ T1577]  ? sysvec_irq_work+0x61/0xc0
[   66.885296][ T1577]  ? putname+0xfa/0x150
[   66.889375][ T1577]  ondemand_readahead+0x925/0xef0
[   66.894247][ T1577]  ? kasan_set_track+0x4b/0x70
[   66.898835][ T1577]  ? kasan_save_free_info+0x2b/0x40
[   66.903870][ T1577]  ? ____kasan_slab_free+0x131/0x180
[   66.909021][ T1577]  ? do_syscall_64+0x3b/0xb0
[   66.913425][ T1577]  ? page_cache_sync_ra+0x450/0x450
[   66.918467][ T1577]  ? blk_cgroup_congested+0x132/0x150
[   66.923668][ T1577]  page_cache_sync_ra+0x3d6/0x450
[   66.928519][ T1577]  f2fs_readdir+0x599/0xc10
[   66.932947][ T1577]  ? f2fs_fill_dentries+0xd00/0xd00
[   66.937978][ T1577]  ? __this_cpu_preempt_check+0x13/0x20
[   66.943371][ T1577]  ? memcg_rstat_updated+0x57/0x120
[   66.948394][ T1577]  ? security_file_permission+0x86/0xb0
[   66.953775][ T1577]  iterate_dir+0x265/0x600
[   66.958029][ T1577]  ? f2fs_fill_dentries+0xd00/0xd00
[   66.963082][ T1577]  __se_sys_getdents64+0x1c1/0x460
[   66.968542][ T1577]  ? __x64_sys_getdents64+0x90/0x90
[   66.973565][ T1577]  ? filldir+0x670/0x670
[   66.977646][ T1577]  ? debug_smp_processor_id+0x17/0x20
[   66.982871][ T1577]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   66.988754][ T1577]  ? exit_to_user_mode_prepare+0x39/0xa0
[   66.994653][ T1577]  __x64_sys_getdents64+0x7b/0x90
[   66.999516][ T1577]  x64_sys_call+0x5ae/0x9a0
[   67.003852][ T1577]  do_syscall_64+0x3b/0xb0
[   67.008105][ T1577]  ? clear_bhb_loop+0x55/0xb0
[   67.012628][ T1577]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   67.018382][ T1577] RIP: 0033:0x7fac4f9bf753
[   67.022605][ T1577] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[   67.042044][ T1577] RSP: 002b:00007ffc0013ad88 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   67.050286][ T1577] RAX: ffffffffffffffda RBX: 000055558923f4e0 RCX: 00007fac4f9bf753
[   67.058099][ T1577] RDX: 0000000000008000 RSI: 000055558923f4e0 RDI: 0000000000000005
[   67.065909][ T1577] RBP: 000055558923f4b4 R08: 0000000000000000 R09: 0000000000000000
[   67.073722][ T1577] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   67.081620][ T1577] R13: 0000000000000010 R14: 000055558923f4b0 R15: 00007ffc0013d040
[   67.089437][ T1577]  </TASK>
[   67.093163][ T1577] F2FS-fs (loop6): access invalid blkaddr:2816
[   67.099615][ T1577] CPU: 0 PID: 1577 Comm: syz-executor Not tainted 6.1.124-syzkaller-00016-ga5f88b652947 #0
[   67.109417][ T1577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   67.119477][ T1577] Call Trace:
[   67.122603][ T1577]  <TASK>
[   67.125380][ T1577]  dump_stack_lvl+0x151/0x1b7
[   67.129884][ T1577]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   67.135176][ T1577]  ? f2fs_get_next_page_offset+0x770/0x770
[   67.140818][ T1577]  dump_stack+0x15/0x18
[   67.144831][ T1577]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[   67.150192][ T1577]  f2fs_is_valid_blkaddr+0x25/0x30
[   67.155148][ T1577]  f2fs_map_blocks+0xd10/0x4510
[   67.159833][ T1577]  ? f2fs_map_lock+0x260/0x260
[   67.164425][ T1577]  ? xa_load+0x1a1/0x210
[   67.168532][ T1577]  ? xas_find_conflict+0x8c0/0x8c0
[   67.173454][ T1577]  ? folio_unlock+0x5c/0x70
[   67.177793][ T1577]  f2fs_mpage_readpages+0xc65/0x20f0
[   67.182922][ T1577]  ? get_page_from_freelist+0x3a98/0x3b10
[   67.188470][ T1577]  ? dquot_release_reservation_block+0xa0/0xa0
[   67.194457][ T1577]  ? __this_cpu_preempt_check+0x13/0x20
[   67.199837][ T1577]  ? memcg_rstat_updated+0x57/0x120
[   67.204886][ T1577]  f2fs_readahead+0xfd/0x250
[   67.209303][ T1577]  ? blk_start_plug+0x9c/0x130
[   67.213897][ T1577]  read_pages+0x1be/0xd40
[   67.218063][ T1577]  ? workingset_activation+0x430/0x430
[   67.223359][ T1577]  ? folio_add_lru+0x280/0x3f0
[   67.227959][ T1577]  ? page_cache_ra_unbounded+0x800/0x800
[   67.233436][ T1577]  ? filemap_add_folio+0x18f/0x200
[   67.238373][ T1577]  ? __filemap_add_folio+0xdb0/0xdb0
[   67.243496][ T1577]  page_cache_ra_unbounded+0x61f/0x800
[   67.248891][ T1577]  ? readahead_gfp_mask+0x190/0x190
[   67.253908][ T1577]  ? __kernel_text_address+0xd/0x40
[   67.258952][ T1577]  ? unwind_get_return_address+0x4d/0x90
[   67.264501][ T1577]  page_cache_ra_order+0x987/0xc40
[   67.269450][ T1577]  ? do_page_cache_ra+0x110/0x110
[   67.274400][ T1577]  ? __stack_depot_save+0x36/0x480
[   67.279340][ T1577]  ? sysvec_irq_work+0x61/0xc0
[   67.283938][ T1577]  ? putname+0xfa/0x150
[   67.287931][ T1577]  ondemand_readahead+0x925/0xef0
[   67.292804][ T1577]  ? kasan_set_track+0x4b/0x70
[   67.297654][ T1577]  ? kasan_save_free_info+0x2b/0x40
[   67.302685][ T1577]  ? ____kasan_slab_free+0x131/0x180
[   67.307810][ T1577]  ? do_syscall_64+0x3b/0xb0
[   67.312242][ T1577]  ? page_cache_sync_ra+0x450/0x450
[   67.317274][ T1577]  ? blk_cgroup_congested+0x132/0x150
[   67.322479][ T1577]  page_cache_sync_ra+0x3d6/0x450
[   67.327342][ T1577]  f2fs_readdir+0x599/0xc10
[   67.331703][ T1577]  ? f2fs_fill_dentries+0xd00/0xd00
[   67.336719][ T1577]  ? __this_cpu_preempt_check+0x13/0x20
[   67.342091][ T1577]  ? memcg_rstat_updated+0x57/0x120
[   67.347128][ T1577]  ? security_file_permission+0x86/0xb0
[   67.352507][ T1577]  iterate_dir+0x265/0x600
[   67.356762][ T1577]  ? f2fs_fill_dentries+0xd00/0xd00
[   67.361795][ T1577]  __se_sys_getdents64+0x1c1/0x460
[   67.366743][ T1577]  ? __x64_sys_getdents64+0x90/0x90
[   67.371771][ T1577]  ? filldir+0x670/0x670
[   67.375853][ T1577]  ? debug_smp_processor_id+0x17/0x20
[   67.381061][ T1577]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   67.386963][ T1577]  ? exit_to_user_mode_prepare+0x39/0xa0
[   67.392517][ T1577]  __x64_sys_getdents64+0x7b/0x90
[   67.397379][ T1577]  x64_sys_call+0x5ae/0x9a0
[   67.401716][ T1577]  do_syscall_64+0x3b/0xb0
[   67.405972][ T1577]  ? clear_bhb_loop+0x55/0xb0
[   67.410482][ T1577]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   67.416210][ T1577] RIP: 0033:0x7fac4f9bf753
[   67.420464][ T1577] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[   67.439905][ T1577] RSP: 002b:00007ffc0013ad88 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   67.448152][ T1577] RAX: ffffffffffffffda RBX: 000055558923f4e0 RCX: 00007fac4f9bf753
[   67.455961][ T1577] RDX: 0000000000008000 RSI: 000055558923f4e0 RDI: 0000000000000005
[   67.463774][ T1577] RBP: 000055558923f4b4 R08: 0000000000000000 R09: 0000000000000000
[   67.471583][ T1577] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   67.479396][ T1577] R13: 0000000000000010 R14: 000055558923f4b0 R15: 00007ffc0013d040
[   67.487213][ T1577]  </TASK>
[   67.491134][ T1577] syz-executor: attempt to access beyond end of device
[   67.491134][ T1577] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   67.528227][    T8] kworker/u4:0: attempt to access beyond end of device
[   67.528227][    T8] loop6: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   67.559957][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   67.593011][    T8] tipc: Left network mode
[   67.749973][   T24] usb 4-1: Using ep0 maxpacket: 32
[   67.757707][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   67.770609][   T24] usb 4-1: config 0 has no interfaces?
[   67.776014][   T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   67.795100][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.806580][   T24] usb 4-1: config 0 descriptor??
[   67.832767][ T2462] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.839678][ T2462] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.847001][ T2462] device bridge_slave_0 entered promiscuous mode
[   67.854297][ T2470] netlink: 24 bytes leftover after parsing attributes in process `syz.2.845'.
[   67.865521][ T2462] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.872444][ T2462] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.879577][ T2462] device bridge_slave_1 entered promiscuous mode
[   67.938178][ T2462] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.945067][ T2462] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.952163][ T2462] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.958914][ T2462] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.985955][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.993661][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.001546][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.013996][   T39] usb 4-1: USB disconnect, device number 4
[   68.037261][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.045684][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.052573][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.061266][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.069351][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.076231][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.091627][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.099724][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   68.115507][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.156407][ T2462] device veth0_vlan entered promiscuous mode
[   68.167319][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.179372][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.186908][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.203769][ T2462] device veth1_macvtap entered promiscuous mode
[   68.211084][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   68.219632][ T2485] netlink: 96 bytes leftover after parsing attributes in process `syz.2.861'.
[   68.235836][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   68.244991][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   68.312981][ T2495] netlink: 4 bytes leftover after parsing attributes in process `syz.7.855'.
[   68.322724][ T2495] netlink: 12 bytes leftover after parsing attributes in process `syz.7.855'.
[   68.355974][ T2495] netlink: 16 bytes leftover after parsing attributes in process `syz.7.855'.
[   68.555256][ T2516] loop7: detected capacity change from 0 to 512
[   68.588673][ T2516] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #16: comm syz.7.863: corrupted inode contents
[   68.614744][ T2516] EXT4-fs error (device loop7): ext4_dirty_inode:6091: inode #16: comm syz.7.863: mark_inode_dirty error
[   68.631970][ T2516] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #16: comm syz.7.863: corrupted inode contents
[   68.650727][ T2516] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #16: comm syz.7.863: mark_inode_dirty error
[   68.662366][ T2516] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #16: comm syz.7.863: corrupted inode contents
[   68.684146][ T2516] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[   68.700284][ T2516] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #16: comm syz.7.863: corrupted inode contents
[   68.739591][ T2516] EXT4-fs error (device loop7): ext4_truncate:4313: inode #16: comm syz.7.863: mark_inode_dirty error
[   68.781036][ T2516] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[   68.805426][ T2537] syz.2.872[2537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.805506][ T2537] syz.2.872[2537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.823068][ T2516] EXT4-fs (loop7): 1 truncate cleaned up
[   68.840517][   T43] EXT4-fs error (device loop7): ext4_release_dquot:6804: comm kworker/u4:2: Failed to release dquot type 1
[   68.885701][ T2516] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   68.917627][ T2516] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.230010][  T301] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   69.431002][  T301] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   69.452669][  T301] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.477529][  T301] usb 8-1: config 0 interface 0 has no altsetting 0
[   69.490586][  T301] usb 8-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[   69.509238][  T301] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.530069][  T301] usb 8-1: config 0 descriptor??
[   69.581959][ T2548] loop3: detected capacity change from 0 to 1024
[   69.620205][  T740] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   69.679381][ T2550] device veth3 entered promiscuous mode
[   69.941007][  T301] saitek 0003:06A3:0621.0003: unbalanced collection at end of report description
[   69.953627][  T301] saitek 0003:06A3:0621.0003: parse failed
[   69.965862][  T301] saitek: probe of 0003:06A3:0621.0003 failed with error -22
[   70.071369][ T2562] loop5: detected capacity change from 0 to 40427
[   70.092147][ T2562] F2FS-fs (loop5): Invalid log blocks per segment (4278190089)
[   70.105439][ T2562] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   70.120220][ T2562] F2FS-fs (loop5): invalid crc value
[   70.144340][  T301] usb 8-1: USB disconnect, device number 2
[   70.170806][ T2562] F2FS-fs (loop5): Found nat_bits in checkpoint
[   70.251931][ T2562] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   70.262185][ T2562] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   70.351640][ T2562] syz.5.881: attempt to access beyond end of device
[   70.351640][ T2562] loop5: rw=2049, sector=53248, nr_sectors = 544 limit=40427
[   70.390211][ T2562] syz.5.881: attempt to access beyond end of device
[   70.390211][ T2562] loop5: rw=2049, sector=53248, nr_sectors = 544 limit=40427
[   70.452318][  T589] syz-executor: attempt to access beyond end of device
[   70.452318][  T589] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   70.547404][   T28] kauditd_printk_skb: 27 callbacks suppressed
[   70.547419][   T28] audit: type=1400 audit(1739920225.696:344): avc:  denied  { bind } for  pid=2579 comm="syz.3.887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   70.588436][   T28] audit: type=1400 audit(1739920225.726:345): avc:  denied  { read write } for  pid=2579 comm="syz.3.887" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   70.613791][   T28] audit: type=1400 audit(1739920225.726:346): avc:  denied  { open } for  pid=2579 comm="syz.3.887" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   70.643857][   T28] audit: type=1400 audit(1739920225.726:347): avc:  denied  { ioctl } for  pid=2579 comm="syz.3.887" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   70.680345][ T1994] EXT4-fs (loop7): unmounting filesystem.
[   70.933075][ T2616] netlink: 24 bytes leftover after parsing attributes in process `syz.5.903'.
[   70.940005][   T28] audit: type=1400 audit(1739920226.086:348): avc:  denied  { nlmsg_read } for  pid=2615 comm="syz.5.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   71.060199][ T2627] netlink: 'syz.2.908': attribute type 1 has an invalid length.
[   71.068112][ T2627] netlink: 16 bytes leftover after parsing attributes in process `syz.2.908'.
[   71.081186][ T2627] Zero length message leads to an empty skb
[   71.128165][ T2637] loop3: detected capacity change from 0 to 256
[   71.151951][ T2637] exfat: Deprecated parameter 'utf8'
[   71.165509][ T2637] exfat: Deprecated parameter 'namecase'
[   71.172620][ T2637] exfat: Deprecated parameter 'utf8'
[   71.180596][   T28] audit: type=1400 audit(1739920226.336:349): avc:  denied  { create } for  pid=2638 comm="syz.5.915" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.206474][ T2637] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   71.261619][   T28] audit: type=1400 audit(1739920226.416:350): avc:  denied  { mounton } for  pid=2638 comm="syz.5.915" path="/153/file0" dev="tmpfs" ino=839 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.313580][   T28] audit: type=1400 audit(1739920226.466:351): avc:  denied  { unlink } for  pid=589 comm="syz-executor" name="file0" dev="tmpfs" ino=839 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.710128][   T28] audit: type=1400 audit(1739920226.856:352): avc:  denied  { create } for  pid=2696 comm="syz.7.938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   71.765112][ T2706] bridge: RTM_NEWNEIGH with invalid ether address
[   72.205337][ T2724] loop8: detected capacity change from 0 to 128
[   72.240623][  T350] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   72.476710][ T2728] loop5: detected capacity change from 0 to 512
[   72.483255][ T2728] EXT4-fs: Ignoring removed oldalloc option
[   72.490514][ T2728] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.504234][ T2728] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[   72.513419][ T2728] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=b846c01c, mo2=0102]
[   72.522180][ T2728] System zones: 0-2, 18-18, 34-34
[   72.528372][ T2728] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[   72.543439][ T2728] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.950: bad orphan inode 15
[   72.555056][ T2728] ext4_test_bit(bit=14, block=18) = 1
[   72.560587][ T2728] is_bad_inode(inode)=0
[   72.564555][ T2728] NEXT_ORPHAN(inode)=2264924160
[   72.569245][ T2728] max_ino=32
[   72.572869][ T2728] i_nlink=0
[   72.575838][ T2728] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   72.590560][ T2728] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.950: bg 0: block 80: padding at end of block bitmap is not set
[   72.604911][ T2728] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   72.630318][ T2728] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   72.669012][   T28] audit: type=1400 audit(1739920227.816:353): avc:  denied  { name_bind } for  pid=2727 comm="syz.5.950" src=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1
[   72.699036][  T589] EXT4-fs (loop5): unmounting filesystem.
[   72.735811][ T2740] netlink: 12 bytes leftover after parsing attributes in process `syz.2.956'.
[   72.778680][ T2748] overlayfs: failed to clone upperpath
[   72.948747][ T2772] loop8: detected capacity change from 0 to 256
[   73.079984][ T2701] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   73.289941][ T2701] usb 4-1: Using ep0 maxpacket: 16
[   73.295952][ T2701] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   73.304505][ T2701] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   73.314816][ T2701] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   73.325052][ T2701] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   73.334318][ T2701] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.342134][ T2701] usb 4-1: Product: syz
[   73.346103][ T2701] usb 4-1: Manufacturer: syz
[   73.350546][ T2701] usb 4-1: SerialNumber: syz
[   73.757625][ T2701] usb 4-1: 0:2 : does not exist
[   75.164210][ T2701] usb 4-1: USB disconnect, device number 5
[   75.998727][ T2783] loop7: detected capacity change from 0 to 40427
[   76.030127][ T2783] F2FS-fs (loop7): Invalid log blocks per segment (4278190089)
[   76.037807][ T2783] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   76.047367][ T2813] netlink: 96 bytes leftover after parsing attributes in process `syz.3.985'.
[   76.060497][ T2783] F2FS-fs (loop7): invalid crc value
[   76.085141][ T2819] netlink: 12 bytes leftover after parsing attributes in process `syz.3.988'.
[   76.095070][ T2783] F2FS-fs (loop7): Found nat_bits in checkpoint
[   76.156653][ T2783] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   76.167752][ T2783] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   76.283996][ T2783] syz.7.971: attempt to access beyond end of device
[   76.283996][ T2783] loop7: rw=2049, sector=53248, nr_sectors = 544 limit=40427
[   76.326938][ T2783] syz.7.971: attempt to access beyond end of device
[   76.326938][ T2783] loop7: rw=2049, sector=53248, nr_sectors = 544 limit=40427
[   76.370847][ T1994] syz-executor: attempt to access beyond end of device
[   76.370847][ T1994] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   77.252252][   T28] kauditd_printk_skb: 18 callbacks suppressed
[   77.252267][   T28] audit: type=1400 audit(1739920232.406:372): avc:  denied  { create } for  pid=2888 comm="syz.2.1015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   77.316587][ T2898] device bridge0 entered promiscuous mode
[   77.324913][ T2898] bridge0: port 1(macsec1) entered blocking state
[   77.331441][ T2898] bridge0: port 1(macsec1) entered disabled state
[   77.345502][ T2898] device bridge0 left promiscuous mode
[   77.427511][   T28] audit: type=1400 audit(1739920232.576:373): avc:  denied  { listen } for  pid=2902 comm="syz.2.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   77.448464][   T28] audit: type=1400 audit(1739920232.576:374): avc:  denied  { connect } for  pid=2902 comm="syz.2.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   77.480825][   T28] audit: type=1400 audit(1739920232.636:375): avc:  denied  { mounton } for  pid=2907 comm="syz.8.1024" path="/14/file0" dev="incremental-fs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   78.039581][   T28] audit: type=1400 audit(1739920233.186:376): avc:  denied  { create } for  pid=2929 comm="syz.3.1029" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   78.059947][  T319] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   78.249930][  T319] usb 8-1: Using ep0 maxpacket: 32
[   78.256097][  T319] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   78.279893][  T319] usb 8-1: config 0 has no interfaces?
[   78.297072][  T319] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   78.316277][  T319] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.332953][  T319] usb 8-1: config 0 descriptor??
[   78.522574][ T2948] syz.2.1037[2948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.522645][ T2948] syz.2.1037[2948] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.544302][  T532] usb 8-1: USB disconnect, device number 3
[   79.085055][ T2997] loop7: detected capacity change from 0 to 512
[   79.097279][ T2997] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   79.110595][   T28] audit: type=1400 audit(1739920234.266:377): avc:  denied  { read } for  pid=2994 comm="syz.5.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   79.135300][ T2997] EXT4-fs (loop7): 1 truncate cleaned up
[   79.143622][ T2997] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[   79.155134][   T28] audit: type=1400 audit(1739920234.306:378): avc:  denied  { setopt } for  pid=3004 comm="syz.5.1061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   79.315583][   T28] audit: type=1400 audit(1739920234.466:379): avc:  denied  { lock } for  pid=3014 comm="syz.5.1065" path="socket:[25565]" dev="sockfs" ino=25565 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   79.839913][ T2701] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   79.900007][ T1994] EXT4-fs (loop7): unmounting filesystem.
[   79.963379][ T3037] loop3: detected capacity change from 0 to 2048
[   79.981578][ T3037] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   80.010209][   T28] audit: type=1400 audit(1739920235.156:380): avc:  denied  { name_bind 0x1000000 } for  pid=3043 comm="syz.7.1076" path="socket:[26040]" dev="sockfs" ino=26040 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   80.010733][ T3037] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   80.035501][ T2701] usb 9-1: Using ep0 maxpacket: 32
[   80.050476][ T3037] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[   80.060726][ T2701] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   80.069064][ T3037] EXT4-fs (loop3): This should not happen!! Data will be lost
[   80.069064][ T3037] 
[   80.078315][ T2701] usb 9-1: config 0 has no interfaces?
[   80.093798][ T2701] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   80.101739][ T3037] EXT4-fs (loop3): Total free blocks count 0
[   80.107904][ T2701] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.109737][ T3037] EXT4-fs (loop3): Free/Dirty block details
[   80.120171][ T2701] usb 9-1: config 0 descriptor??
[   80.127695][ T3037] EXT4-fs (loop3): free_blocks=2415919104
[   80.143102][ T3037] EXT4-fs (loop3): dirty_blocks=48
[   80.148163][ T3037] EXT4-fs (loop3): Block reservation details
[   80.157375][ T3037] EXT4-fs (loop3): i_reserved_data_blocks=3
[   80.179219][ T3052] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1079'.
[   80.275087][ T3052] loop5: detected capacity change from 0 to 256
[   80.291694][ T3052] FAT-fs (loop5): Directory bread(block 64) failed
[   80.300320][  T297] EXT4-fs (loop3): unmounting filesystem.
[   80.304634][ T3052] FAT-fs (loop5): Directory bread(block 65) failed
[   80.312460][ T3052] FAT-fs (loop5): Directory bread(block 66) failed
[   80.319089][ T3052] FAT-fs (loop5): Directory bread(block 67) failed
[   80.332618][ T3052] FAT-fs (loop5): Directory bread(block 68) failed
[   80.339900][ T3052] FAT-fs (loop5): Directory bread(block 69) failed
[   80.346406][ T3052] FAT-fs (loop5): Directory bread(block 70) failed
[   80.369811][ T3052] FAT-fs (loop5): Directory bread(block 71) failed
[   80.380849][ T3052] FAT-fs (loop5): Directory bread(block 72) failed
[   80.387500][   T39] usb 9-1: USB disconnect, device number 2
[   80.392929][ T3052] FAT-fs (loop5): Directory bread(block 73) failed
[   80.425180][ T3052] HTB: quantum of class 8012000C is big. Consider r2q change.
[   80.530457][ T3068] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1085'.
[   80.539813][ T3068] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1085'.
[   80.644190][ T3080] overlayfs: failed to clone lowerpath
[   80.668269][ T3080] overlayfs: failed to clone upperpath
[   80.699767][ T3085] tipc: Failed to remove unknown binding: 66,1,1/0:321287216/321287218
[   80.801961][ T3098] device bridge0 entered promiscuous mode
[   80.808384][ T3098] bridge0: port 1(macsec1) entered blocking state
[   80.815629][ T3098] bridge0: port 1(macsec1) entered disabled state
[   80.827170][ T3098] device bridge0 left promiscuous mode
[   80.884649][ T3111] loop5: detected capacity change from 0 to 512
[   80.909154][ T3111] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   80.919974][ T3111] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.163735][   T28] audit: type=1400 audit(1739920492.310:381): avc:  denied  { rename } for  pid=3110 comm="syz.5.1105" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   81.194140][ T3111] EXT4-fs error (device loop5): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.5.1105: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   81.234699][ T3111] EXT4-fs error (device loop5): ext4_get_first_dir_block:3594: inode #12: comm syz.5.1105: directory missing '.'
[   81.278374][  T589] EXT4-fs (loop5): unmounting filesystem.
[   81.626584][ T3136] loop5: detected capacity change from 0 to 40427
[   81.677763][ T3136] F2FS-fs (loop5): Found nat_bits in checkpoint
[   81.765686][ T3136] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   81.856688][ T3139] f2fs_ckpt-7:5: attempt to access beyond end of device
[   81.856688][ T3139] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   82.025235][ T3149] device bridge0 entered promiscuous mode
[   82.050931][ T3149] bridge0: port 1(macsec1) entered blocking state
[   82.064034][ T3149] bridge0: port 1(macsec1) entered disabled state
[   82.083928][ T3149] device bridge0 left promiscuous mode
[   82.247302][ T3159] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '#! 
[   82.247302][ T3159] cct.usage_percpu_sys'
[   82.300847][   T28] audit: type=1326 audit(1739920493.450:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.321621][   T39] kernel read not supported for file [fscontext] (pid: 39 comm: kworker/1:1)
[   82.324399][   T28] audit: type=1326 audit(1739920493.450:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.355944][   T28] audit: type=1326 audit(1739920493.450:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.379335][   T28] audit: type=1326 audit(1739920493.450:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.402474][   T28] audit: type=1326 audit(1739920493.450:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.425556][   T28] audit: type=1326 audit(1739920493.450:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.448635][   T28] audit: type=1326 audit(1739920493.450:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.472011][   T28] audit: type=1326 audit(1739920493.450:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fd462f8cde9 code=0x7ffc0000
[   82.496097][   T28] audit: type=1326 audit(1739920493.450:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3154 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57b8d8cde9 code=0x7fc00000
[   82.519413][   T28] audit: type=1326 audit(1739920493.510:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3165 comm="syz.8.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd462f83da7 code=0x7ffc0000
[   82.756377][ T3192] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[   82.835068][ T3202] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1139'.
[   83.030467][ T3210] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1142'.
[   83.081540][ T3210] loop3: detected capacity change from 0 to 256
[   83.126134][ T3210] FAT-fs (loop3): Directory bread(block 64) failed
[   83.139920][ T3210] FAT-fs (loop3): Directory bread(block 65) failed
[   83.159938][ T3210] FAT-fs (loop3): Directory bread(block 66) failed
[   83.166309][ T3210] FAT-fs (loop3): Directory bread(block 67) failed
[   83.207395][ T3210] FAT-fs (loop3): Directory bread(block 68) failed
[   83.224741][ T3210] FAT-fs (loop3): Directory bread(block 69) failed
[   83.240072][ T3210] FAT-fs (loop3): Directory bread(block 70) failed
[   83.246695][ T3210] FAT-fs (loop3): Directory bread(block 71) failed
[   83.261223][ T3210] FAT-fs (loop3): Directory bread(block 72) failed
[   83.284279][ T3210] FAT-fs (loop3): Directory bread(block 73) failed
[   83.294834][ T3223] loop8: detected capacity change from 0 to 256
[   83.336629][ T3210] HTB: quantum of class 8014000C is big. Consider r2q change.
[   83.362297][ T3223] FAT-fs (loop8): Directory bread(block 64) failed
[   83.392245][ T3223] FAT-fs (loop8): Directory bread(block 65) failed
[   83.409975][ T3223] FAT-fs (loop8): Directory bread(block 66) failed
[   83.440431][ T3223] FAT-fs (loop8): Directory bread(block 67) failed
[   83.452853][ T3227] loop7: detected capacity change from 0 to 1024
[   83.459166][ T3223] FAT-fs (loop8): Directory bread(block 68) failed
[   83.478950][ T3223] FAT-fs (loop8): Directory bread(block 69) failed
[   83.485633][ T3223] FAT-fs (loop8): Directory bread(block 70) failed
[   83.492296][ T3223] FAT-fs (loop8): Directory bread(block 71) failed
[   83.498737][ T3223] FAT-fs (loop8): Directory bread(block 72) failed
[   83.505389][ T3223] FAT-fs (loop8): Directory bread(block 73) failed
[   83.826660][ T3252] syz.8.1163[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.826735][ T3252] syz.8.1163[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.860859][ T3252] syz.8.1163[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.884290][ T3252] syz.8.1163[3252] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   83.995205][ T3264] loop3: detected capacity change from 0 to 2048
[   84.016167][ T3266] loop5: detected capacity change from 0 to 2048
[   84.081404][ T3264] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   84.086181][ T3266] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   84.119530][ T3278] loop8: detected capacity change from 0 to 512
[   84.196418][ T3266] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   84.220706][ T3278] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   84.237700][ T3278] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.249971][ T3266] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[   84.292724][ T3266] EXT4-fs (loop5): This should not happen!! Data will be lost
[   84.292724][ T3266] 
[   84.320750][ T3266] EXT4-fs (loop5): Total free blocks count 0
[   84.338344][ T3266] EXT4-fs (loop5): Free/Dirty block details
[   84.348994][ T3266] EXT4-fs (loop5): free_blocks=2415919104
[   84.370830][ T3266] EXT4-fs (loop5): dirty_blocks=48
[   84.376272][ T3266] EXT4-fs (loop5): Block reservation details
[   84.400040][ T3266] EXT4-fs (loop5): i_reserved_data_blocks=3
[   84.440368][  T589] EXT4-fs (loop5): unmounting filesystem.
[   84.446834][  T297] EXT4-fs (loop3): unmounting filesystem.
[   84.502804][ T3288] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1174'.
[   84.673535][ T3307] syz.5.1182 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   84.737715][ T3312] loop5: detected capacity change from 0 to 2048
[   84.825118][ T3312] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   84.864642][ T3278] EXT4-fs error (device loop8): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.8.1172: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   84.978993][ T3278] EXT4-fs error (device loop8): ext4_get_first_dir_block:3594: inode #12: comm syz.8.1172: directory missing '.'
[   85.080807][ T2462] EXT4-fs (loop8): unmounting filesystem.
[   85.120258][ T3322] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1187'.
[   85.204109][  T589] EXT4-fs (loop5): unmounting filesystem.
[   85.450157][ T3349] loop3: detected capacity change from 0 to 512
[   85.523619][ T3349] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   85.550273][ T3349] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.680689][ T3359] loop8: detected capacity change from 0 to 2048
[   85.741927][ T3359] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   85.747470][ T3310] loop7: detected capacity change from 0 to 131072
[   85.790527][ T3310] F2FS-fs (loop7): QUOTA feature is enabled, so ignore jquota_fmt
[   85.808960][ T3310] F2FS-fs (loop7): invalid crc value
[   85.865302][ T3310] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   85.989953][ T3310] F2FS-fs (loop7): Mounted with checkpoint version = 753bd00b
[   86.001813][ T3349] EXT4-fs error (device loop3): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.3.1197: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   86.050111][ T3349] EXT4-fs error (device loop3): ext4_get_first_dir_block:3594: inode #12: comm syz.3.1197: directory missing '.'
[   86.078726][  T297] EXT4-fs (loop3): unmounting filesystem.
[   86.115403][ T2462] EXT4-fs (loop8): unmounting filesystem.
[   86.123598][ T3387] loop3: detected capacity change from 0 to 256
[   86.151106][ T3387] FAT-fs (loop3): Directory bread(block 64) failed
[   86.153295][ T3388] netem: change failed
[   86.159111][ T3387] FAT-fs (loop3): Directory bread(block 65) failed
[   86.169050][ T3387] FAT-fs (loop3): Directory bread(block 66) failed
[   86.182645][ T3387] FAT-fs (loop3): Directory bread(block 67) failed
[   86.189109][ T3387] FAT-fs (loop3): Directory bread(block 68) failed
[   86.200015][ T3387] FAT-fs (loop3): Directory bread(block 69) failed
[   86.209577][ T3387] FAT-fs (loop3): Directory bread(block 70) failed
[   86.220040][ T3387] FAT-fs (loop3): Directory bread(block 71) failed
[   86.229783][ T3387] FAT-fs (loop3): Directory bread(block 72) failed
[   86.240095][ T3387] FAT-fs (loop3): Directory bread(block 73) failed
[   86.811576][ T3423] loop3: detected capacity change from 0 to 40427
[   86.914388][ T3423] F2FS-fs (loop3): Found nat_bits in checkpoint
[   86.960028][ T3423] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   87.011205][ T3443] f2fs_ckpt-7:3: attempt to access beyond end of device
[   87.011205][ T3443] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   87.566109][ T3493] loop7: detected capacity change from 0 to 256
[   87.593824][   T28] kauditd_printk_skb: 238 callbacks suppressed
[   87.593838][   T28] audit: type=1400 audit(1739920498.740:630): avc:  denied  { map } for  pid=3492 comm="syz.7.1253" path="/97/file0/file1" dev="loop7" ino=1048640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   87.789172][   T28] audit: type=1400 audit(1739920498.930:631): avc:  denied  { mounton } for  pid=3506 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   87.867377][ T3506] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.879299][ T3506] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.888569][ T3506] device bridge_slave_0 entered promiscuous mode
[   87.896870][ T3506] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.904141][ T3506] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.911712][ T3506] device bridge_slave_1 entered promiscuous mode
[   87.946759][ T3519] loop5: detected capacity change from 0 to 1024
[   87.999191][ T3506] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.006082][ T3506] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.013195][ T3506] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.019958][ T3506] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.118616][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   88.127168][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.138608][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.314830][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   88.328355][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.335269][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.349635][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   88.357844][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.364732][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.415003][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   88.426189][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   88.441833][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   88.453734][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   88.484164][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   88.504337][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   88.528081][ T3506] device veth0_vlan entered promiscuous mode
[   88.546896][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   88.556562][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   88.572008][ T3506] device veth1_macvtap entered promiscuous mode
[   88.579264][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   88.586906][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   88.594722][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   88.602886][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   88.612561][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   88.633530][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   88.642227][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.651188][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   88.659383][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.885279][ T3570] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   88.899982][ T3570] FAT-fs (loop19): unable to read boot sector
[   89.520590][ T3623] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1306'.
[   89.548626][   T28] audit: type=1326 audit(1739920500.690:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.578000][ T3628] device pim6reg1 entered promiscuous mode
[   89.584997][   T28] audit: type=1326 audit(1739920500.690:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.618963][   T28] audit: type=1326 audit(1739920500.720:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.644657][   T28] audit: type=1326 audit(1739920500.720:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.676663][   T28] audit: type=1326 audit(1739920500.720:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.718704][   T28] audit: type=1326 audit(1739920500.720:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.770482][   T28] audit: type=1326 audit(1739920500.720:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   89.816431][   T28] audit: type=1326 audit(1739920500.720:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3616 comm="syz.2.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195fd8cde9 code=0x7fc00000
[   90.002478][ T3659] loop5: detected capacity change from 0 to 1024
[   90.017600][ T3659] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[   90.046444][ T3664] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1323'.
[   90.061668][ T3664] device vlan2 entered promiscuous mode
[   90.068837][ T3664] device veth0 entered promiscuous mode
[   90.097779][ T3664] device veth0 left promiscuous mode
[   90.195063][ T3668] tipc: Started in network mode
[   90.213536][ T3668] tipc: Node identity 1ed0c2f15fff, cluster identity 4711
[   90.224257][ T3668] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   90.235275][ T3668] +
: renamed from syzkaller0
[   90.241044][ T3668] tipc: Disabling bearer <eth:syzkaller0>
[   90.287770][ T3662] loop9: detected capacity change from 0 to 40427
[   90.297331][ T3662] F2FS-fs (loop9): Found nat_bits in checkpoint
[   90.338416][ T3662] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   90.374569][ T3680] f2fs_ckpt-7:9: attempt to access beyond end of device
[   90.374569][ T3680] loop9: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   90.411874][ T3693] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1335'.
[   90.421264][ T3693] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1335'.
[   90.443171][ T3693] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1335'.
[   90.570350][ T3700] device syzkaller0 entered promiscuous mode
[   90.930285][ T3757] loop5: detected capacity change from 0 to 128
[   90.953573][  T332] kworker/u4:4: attempt to access beyond end of device
[   90.953573][  T332] loop5: rw=1, sector=145, nr_sectors = 896 limit=128
[   91.047940][ T3769] loop7: detected capacity change from 0 to 256
[   91.054898][ T3769] FAT-fs (loop7): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[   91.113478][ T3775] loop5: detected capacity change from 0 to 256
[   91.135448][ T3775] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   91.170185][   T24] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   91.360100][   T24] usb 10-1: Using ep0 maxpacket: 16
[   91.366949][   T24] usb 10-1: unable to get BOS descriptor or descriptor too short
[   91.395891][   T24] usb 10-1: config 9 has an invalid interface number: 34 but max is 0
[   91.429094][   T24] usb 10-1: config 9 has no interface number 0
[   91.438495][   T24] usb 10-1: config 9 interface 34 has no altsetting 0
[   91.472726][   T24] usb 10-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=49.1e
[   91.486854][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.504987][   T24] usb 10-1: Product: syz
[   91.509074][   T24] usb 10-1: Manufacturer: syz
[   91.519318][   T24] usb 10-1: SerialNumber: syz
[   91.576195][ T3821] netlink: 'syz.5.1390': attribute type 4 has an invalid length.
[   91.596196][ T3821] netlink: 'syz.5.1390': attribute type 4 has an invalid length.
[   91.620425][ T3821] device veth3 left promiscuous mode
[   91.632052][ T3815] x_tables: unsorted underflow at hook 2
[   91.639499][ T3821] syz.5.1390 (3821) used greatest stack depth: 19656 bytes left
[   91.689972][  T319] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[   91.734550][   T24] net1080: probe of 10-1:9.34 failed with error -22
[   91.742106][   T24] usb 10-1: USB disconnect, device number 2
[   91.847341][ T3849] loop7: detected capacity change from 0 to 512
[   91.859811][ T3849] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.868052][ T3849] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[   91.887109][  T319] usb 9-1: config 0 has an invalid interface number: 41 but max is 0
[   91.895665][  T319] usb 9-1: config 0 has no interface number 0
[   91.902473][  T319] usb 9-1: config 0 interface 41 has no altsetting 0
[   91.918351][  T319] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[   91.930771][  T319] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.939399][  T319] usb 9-1: Product: syz
[   91.943474][  T319] usb 9-1: Manufacturer: syz
[   91.947865][  T319] usb 9-1: SerialNumber: syz
[   91.953222][  T319] usb 9-1: config 0 descriptor??
[   91.962300][ T1994] EXT4-fs (loop7): unmounting filesystem.
[   91.963041][ T3858] hub 2-0:1.0: USB hub found
[   91.972564][ T3858] hub 2-0:1.0: 1 port detected
[   92.237397][ T3880] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.249128][ T3880] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.258894][ T3880] device bridge_slave_0 entered promiscuous mode
[   92.269236][ T3880] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.276422][ T3880] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.283769][ T3880] device bridge_slave_1 entered promiscuous mode
[   92.394122][    T8] tipc: Left network mode
[   92.458948][ T3880] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.465948][ T3880] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.473069][ T3880] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.479929][ T3880] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.550388][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.564043][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.590273][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.603729][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.623414][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.630320][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.681721][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.694737][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.701609][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.720980][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   92.735881][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   92.758631][ T3880] device veth0_vlan entered promiscuous mode
[   92.761695][  T319] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[   92.779163][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   92.805761][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   92.822485][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   92.837686][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   92.859522][ T3880] device veth1_macvtap entered promiscuous mode
[   92.875731][ T3924] kvm: pic: non byte write
[   92.881093][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   92.893599][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   92.910502][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   92.935205][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   92.950289][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   92.965025][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   92.978986][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   93.055795][ T3929] device pim6reg1 entered promiscuous mode
[   93.201370][    T8] device bridge_slave_1 left promiscuous mode
[   93.207355][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.230410][    T8] device bridge_slave_0 left promiscuous mode
[   93.242292][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.270133][    T8] device veth1_macvtap left promiscuous mode
[   93.281118][    T8] device veth0_vlan left promiscuous mode
[   93.479958][  T301] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   93.526532][ T3973] overlayfs: failed to clone upperpath
[   93.660849][ T3980] xt_bpf: check failed: parse error
[   93.661030][  T301] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.676951][  T301] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.686555][  T301] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   93.697375][  T301] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.717692][  T301] usb 6-1: config 0 descriptor??
[   93.722442][ T3986] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1457'.
[   93.723095][ T3986] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1457'.
[   93.775142][   T28] kauditd_printk_skb: 90 callbacks suppressed
[   93.775157][   T28] audit: type=1400 audit(1739920504.920:730): avc:  denied  { create } for  pid=3994 comm="syz.1.1460" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   93.853331][   T28] audit: type=1400 audit(1739920505.000:731): avc:  denied  { append } for  pid=3994 comm="syz.1.1460" name="file0" dev="tmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   93.875668][   T28] audit: type=1400 audit(1739920505.000:732): avc:  denied  { open } for  pid=3994 comm="syz.1.1460" path="/11/file0" dev="tmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   94.014922][  T319] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[   94.029159][  T319] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71
[   94.038880][  T319] CoreChips: probe of 9-1:0.41 failed with error -71
[   94.047007][  T319] usb 9-1: USB disconnect, device number 3
[   94.351923][  T301] pyra 0003:1E7D:2CF6.0004: item fetching failed at offset 4/7
[   94.359786][  T301] pyra 0003:1E7D:2CF6.0004: parse failed
[   94.365549][  T301] pyra: probe of 0003:1E7D:2CF6.0004 failed with error -22
[   94.578247][  T320] usb 6-1: USB disconnect, device number 2
[   94.771946][ T4061] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.778969][ T4061] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.813839][ T4061] device bridge_slave_0 left promiscuous mode
[   94.835882][ T4061] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.871272][ T4061] device bridge_slave_1 left promiscuous mode
[   94.880158][ T4061] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.038018][ T4084] loop8: detected capacity change from 0 to 2048
[   95.048680][ T4084] EXT4-fs: Ignoring removed bh option
[   95.063520][ T4091] syz.2.1497[4091] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.063590][ T4091] syz.2.1497[4091] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.075894][ T4093] tipc: Failed to remove unknown binding: 66,1,1/0:975746302/975746304
[   95.075941][ T4091] syz.2.1497[4091] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.087576][ T4093] tipc: Failed to remove unknown binding: 66,1,1/0:975746302/975746304
[   95.096567][ T4091] syz.2.1497[4091] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.145436][ T4084] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   95.171208][ T4102] loop9: detected capacity change from 0 to 256
[   95.213259][ T4102] FAT-fs (loop9): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value
[   95.301948][ T4109] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1504'.
[   95.318416][ T2462] EXT4-fs (loop8): unmounting filesystem.
[   95.397559][ T4117] syz.5.1508[4117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.397632][ T4117] syz.5.1508[4117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.961999][ T4191] device veth0_vlan left promiscuous mode
[   95.996126][ T4191] device veth0_vlan entered promiscuous mode
[   96.081969][ T4203] syz.8.1546[4203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.082053][ T4203] syz.8.1546[4203] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.183138][ T4211] loop8: detected capacity change from 0 to 128
[   96.630079][  T532] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   96.701463][ T4256] fuse: Unknown parameter 'f'
[   96.716426][   T28] audit: type=1400 audit(1739920507.860:733): avc:  denied  { rename } for  pid=4244 comm="syz.9.1564" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[   96.860740][  T532] usb 9-1: Using ep0 maxpacket: 16
[   96.866930][  T532] usb 9-1: config 0 has an invalid interface number: 105 but max is 0
[   96.875589][  T532] usb 9-1: config 0 has no interface number 0
[   96.884465][  T532] usb 9-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[   96.893739][  T532] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.901604][  T532] usb 9-1: Product: syz
[   96.905551][  T532] usb 9-1: Manufacturer: syz
[   96.910000][  T532] usb 9-1: SerialNumber: syz
[   96.915465][  T532] usb 9-1: config 0 descriptor??
[   97.018374][ T4289] loop1: detected capacity change from 0 to 512
[   97.061672][ T4289] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   97.070884][ T4289] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.123486][  T301] usb 9-1: USB disconnect, device number 4
[   97.316885][ T4289] EXT4-fs error (device loop1): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.1.1580: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   97.337329][ T4289] EXT4-fs error (device loop1): ext4_get_first_dir_block:3594: inode #12: comm syz.1.1580: directory missing '.'
[   97.357339][ T3880] EXT4-fs (loop1): unmounting filesystem.
[   97.390285][ T4310] loop1: detected capacity change from 0 to 1024
[   97.462300][ T4318] loop5: detected capacity change from 0 to 128
[   98.043616][ T4361] netlink: 'syz.8.1613': attribute type 4 has an invalid length.
[   98.061649][ T4361] netlink: 'syz.8.1613': attribute type 4 has an invalid length.
[   98.187342][ T4378] loop5: detected capacity change from 0 to 128
[   98.360915][ T4393] bridge0: port 1(syz_tun) entered blocking state
[   98.370283][ T4393] bridge0: port 1(syz_tun) entered disabled state
[   98.383647][ T4393] device syz_tun entered promiscuous mode
[   98.394307][ T4378] xt_bpf: check failed: parse error
[   98.432325][ T4397] loop1: detected capacity change from 0 to 512
[   98.495232][ T4397] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   98.504210][ T4397] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.564808][ T3880] EXT4-fs (loop1): unmounting filesystem.
[   98.695586][   T28] audit: type=1326 audit(1739920509.840:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4424 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[   98.719268][   T28] audit: type=1326 audit(1739920509.840:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4424 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[   98.744057][   T28] audit: type=1326 audit(1739920509.840:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4424 comm="syz.1.1641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[   98.836261][ T4443] loop1: detected capacity change from 0 to 256
[   98.849440][ T4443] FAT-fs (loop1): Unrecognized mount option "shortname=wi" or missing value
[   98.934657][ T4443] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1647'.
[   99.243381][ T4476] loop9: detected capacity change from 0 to 128
[   99.329787][   T28] audit: type=1400 audit(1739920510.470:737): avc:  denied  { map } for  pid=4479 comm="syz.8.1663" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   99.386464][   T28] audit: type=1400 audit(1739920510.500:738): avc:  denied  { call } for  pid=4479 comm="syz.8.1663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   99.426425][   T28] audit: type=1400 audit(1739920510.500:739): avc:  denied  { transfer } for  pid=4479 comm="syz.8.1663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   99.471179][ T4476] xt_bpf: check failed: parse error
[   99.581051][ T4491] device wireguard0 entered promiscuous mode
[   99.696732][ T4508] xt_hashlimit: size too large, truncated to 1048576
[  100.282259][ T4543] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1683'.
[  100.411036][ T4553] device veth0_vlan left promiscuous mode
[  100.440195][ T4553] device veth0_vlan entered promiscuous mode
[  100.451052][   T28] audit: type=1326 audit(1739920511.600:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.500238][ T4565] device wg2 entered promiscuous mode
[  100.514351][   T28] audit: type=1326 audit(1739920511.600:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.600276][   T28] audit: type=1326 audit(1739920511.620:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.679914][   T28] audit: type=1326 audit(1739920511.620:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.749602][   T28] audit: type=1326 audit(1739920511.620:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.793846][ T4583] incfs: Can't find or create .index dir in ./file0
[  100.814779][ T4583] incfs: mount failed -14
[  100.820117][   T28] audit: type=1326 audit(1739920511.630:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4561 comm="syz.1.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f4861b8cde9 code=0x7ffc0000
[  100.889901][   T28] audit: type=1400 audit(1739920511.630:746): avc:  denied  { getopt } for  pid=4561 comm="syz.1.1691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  100.951846][ T4571] loop8: detected capacity change from 0 to 40427
[  100.969893][ T4571] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  100.977462][ T4571] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  101.000627][ T4571] F2FS-fs (loop8): invalid crc value
[  101.008232][ T4573] loop1: detected capacity change from 0 to 40427
[  101.019310][ T4573] F2FS-fs (loop1): fault_injection options not supported
[  101.027061][ T4571] F2FS-fs (loop8): Found nat_bits in checkpoint
[  101.040185][ T4573] F2FS-fs (loop1): invalid crc value
[  101.060843][ T4573] F2FS-fs (loop1): Found nat_bits in checkpoint
[  101.100313][ T4571] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  101.107188][ T4571] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  101.139962][ T4573] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  101.157452][ T4573] syz.1.1696: attempt to access beyond end of device
[  101.157452][ T4573] loop1: rw=2049, sector=45096, nr_sectors = 96 limit=40427
[  101.172972][ T4573] syz.1.1696: attempt to access beyond end of device
[  101.172972][ T4573] loop1: rw=2049, sector=45192, nr_sectors = 128 limit=40427
[  101.208036][ T3880] syz-executor: attempt to access beyond end of device
[  101.208036][ T3880] loop1: rw=2049, sector=45320, nr_sectors = 16 limit=40427
[  101.251048][ T4595] device veth0_vlan left promiscuous mode
[  101.269392][ T4595] device veth0_vlan entered promiscuous mode
[  101.288942][   T43] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  101.297740][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.322393][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.350448][   T43] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  101.350561][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.396826][ T4603] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1708'.
[  101.435063][ T4607] device syz_tun left promiscuous mode
[  101.440836][ T4607] bridge0: port 1(syz_tun) entered disabled state
[  101.456770][ T4609] loop1: detected capacity change from 0 to 128
[  101.635287][ T4609] xt_bpf: check failed: parse error
[  101.684492][ T4619] netlink: 'syz.9.1712': attribute type 4 has an invalid length.
[  101.719364][ T4619] netlink: 'syz.9.1712': attribute type 4 has an invalid length.
[  101.859090][ T4632] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.866137][ T4632] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.901618][ T4632] device bridge_slave_0 left promiscuous mode
[  101.915209][ T4632] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.968172][ T4632] device bridge_slave_1 left promiscuous mode
[  101.980036][ T4632] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.232021][ T4073] kernel write not supported for file bpf-prog (pid: 4073 comm: kworker/0:7)
[  102.241706][ T4674] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1734'.
[  102.276412][ T4678] netlink: 76 bytes leftover after parsing attributes in process `syz.9.1736'.
[  102.310608][ T4682] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1738'.
[  102.312453][ T4680] loop9: detected capacity change from 0 to 2048
[  102.327263][ T4676] tipc: Started in network mode
[  102.332452][ T4676] tipc: Node identity 4a22f254ab87, cluster identity 4711
[  102.341773][ T4676] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.354754][ T4675] tipc: Resetting bearer <eth:syzkaller0>
[  102.369094][ T4675] tipc: Disabling bearer <eth:syzkaller0>
[  102.375169][ T4680]  loop9: p2 < > p3 p4 < >
[  102.381647][ T4680] loop9: p3 start 4278191616 is beyond EOD, truncated
[  102.430533][ T4680] bridge0: port 1(syz_tun) entered blocking state
[  102.442215][ T4680] bridge0: port 1(syz_tun) entered disabled state
[  102.449064][ T4680] device syz_tun entered promiscuous mode
[  102.648079][ T4715] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  102.714209][ T4721] loop8: detected capacity change from 0 to 2048
[  102.741173][ T4721]  loop8: p2 < > p3 p4 < >
[  102.747029][ T4721] loop8: p3 start 4278191616 is beyond EOD, truncated
[  102.773340][ T4721] bridge0: port 1(syz_tun) entered blocking state
[  102.779816][ T4721] bridge0: port 1(syz_tun) entered disabled state
[  102.790074][ T4721] device syz_tun entered promiscuous mode
[  102.925319][ T4736] incfs_lookup_dentry err:-5
[  102.929755][ T4736] incfs: Can't find or create .index dir in ./file0
[  102.936604][ T4736] incfs: mount failed -5
[  102.989919][   T39] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  103.181171][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.191953][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.202249][   T39] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  103.214887][   T39] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  103.223805][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.232215][   T39] usb 6-1: config 0 descriptor??
[  103.645137][   T39] hid-led 0003:27B8:01ED.0005: item fetching failed at offset 3/5
[  103.674206][   T39] hid-led: probe of 0003:27B8:01ED.0005 failed with error -22
[  103.739929][   T60] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  103.855118][ T4649] usb 6-1: USB disconnect, device number 3
[  103.929964][   T60] usb 10-1: Using ep0 maxpacket: 32
[  103.937991][   T60] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[  103.957924][   T60] usb 10-1: config 0 has no interface number 0
[  103.994730][   T60] usb 10-1: config 0 interface 184 has no altsetting 0
[  104.009158][   T60] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  104.020201][   T60] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.028812][   T60] usb 10-1: Product: syz
[  104.034032][   T60] usb 10-1: Manufacturer: syz
[  104.038658][   T60] usb 10-1: SerialNumber: syz
[  104.065630][ T4766] loop8: detected capacity change from 0 to 512
[  104.073164][   T60] usb 10-1: config 0 descriptor??
[  104.087961][   T60] smsc75xx v1.0.0
[  104.117375][ T4766] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  104.142937][ T4766] EXT4-fs (loop8): 1 truncate cleaned up
[  104.148661][ T4766] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  104.258193][ T4766] EXT4-fs: Ignoring removed bh option
[  104.313238][ T2462] EXT4-fs (loop8): unmounting filesystem.
[  104.327872][ T2462] device syz_tun left promiscuous mode
[  104.333689][ T2462] bridge0: port 1(syz_tun) entered disabled state
[  104.342304][ T4764] loop1: detected capacity change from 0 to 40427
[  104.351354][ T4764] F2FS-fs (loop1): heap/no_heap options were deprecated
[  104.362015][ T4764] F2FS-fs (loop1): invalid crc value
[  104.370912][ T4764] F2FS-fs (loop1): Found nat_bits in checkpoint
[  104.529240][ T4764] F2FS-fs (loop1): Start checkpoint disabled!
[  104.535911][ T4764] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  104.597166][ T4783] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1780'.
[  104.682953][   T60] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  104.703792][   T60] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  104.759045][ T4791] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.772889][ T4791] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.779778][   T28] kauditd_printk_skb: 28 callbacks suppressed
[  104.779797][   T28] audit: type=1400 audit(1739920515.920:775): avc:  denied  { lock } for  pid=4763 comm="syz.1.1770" path="/57/bus/bus" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  104.789259][ T4791] device bridge_slave_0 entered promiscuous mode
[  104.831021][ T2335] kworker/u4:6: attempt to access beyond end of device
[  104.831021][ T2335] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  104.847971][ T4791] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.861510][ T4791] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.870986][ T4791] device bridge_slave_1 entered promiscuous mode
[  105.039548][ T4791] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.047496][ T4791] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.055046][ T4791] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.061816][ T4791] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.101794][   T10] device veth0_vlan left promiscuous mode
[  105.225393][ T4828] loop1: detected capacity change from 0 to 256
[  105.239697][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  105.254760][ T2335] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.263101][   T28] audit: type=1400 audit(1739920516.400:776): avc:  denied  { mounton } for  pid=4827 comm="syz.1.1792" path="/60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0" dev="loop1" ino=1048656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  105.312325][ T2335] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.332240][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  105.340827][ T2335] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.347687][ T2335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.355203][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  105.363950][ T2335] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.370832][ T2335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.379739][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  105.387927][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  105.409161][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  105.421095][ T4791] device veth0_vlan entered promiscuous mode
[  105.427460][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  105.437038][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  105.451960][ T4791] device veth1_macvtap entered promiscuous mode
[  105.458781][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  105.471393][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  105.478877][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  105.487411][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  105.498521][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  105.522523][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  105.531510][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  105.541011][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  105.549329][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  105.664889][ T4848] loop0: detected capacity change from 0 to 16
[  105.684439][ T4848] erofs: (device loop0): mounted with root inode @ nid 36.
[  105.718874][ T4852] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1802'.
[  105.770510][ T4854] loop5: detected capacity change from 0 to 1024
[  105.783612][ T4854] EXT4-fs: Ignoring removed i_version option
[  105.793432][ T4854] EXT4-fs (loop5): Test dummy encryption mode enabled
[  105.804731][ T4854] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  105.828438][ T4854] fscrypt: AES-256-XTS using blk-crypto-fallback
[  105.882278][  T589] EXT4-fs (loop5): unmounting filesystem.
[  105.928518][   T60] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  105.941514][   T60] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  105.951659][   T60] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  105.961038][   T60] smsc75xx: probe of 10-1:0.184 failed with error -71
[  105.977077][   T60] usb 10-1: USB disconnect, device number 3
[  106.021281][   T28] audit: type=1400 audit(1739920517.160:777): avc:  denied  { ioctl } for  pid=4864 comm="syz.5.1805" path="/dev/uinput" dev="devtmpfs" ino=258 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  106.050314][ T4868] input: syz0 as /devices/virtual/input/input4
[  106.070292][   T28] audit: type=1400 audit(1739920517.200:778): avc:  denied  { read } for  pid=88 comm="acpid" name="event3" dev="devtmpfs" ino=737 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.106478][   T28] audit: type=1400 audit(1739920517.200:779): avc:  denied  { open } for  pid=88 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=737 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.145772][   T28] audit: type=1400 audit(1739920517.200:780): avc:  denied  { ioctl } for  pid=88 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=737 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.192293][ T4872] loop1: detected capacity change from 0 to 512
[  106.220579][ T4872] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  106.240396][ T4872] EXT4-fs (loop1): 1 truncate cleaned up
[  106.248257][ T4872] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  106.290539][ T4872] EXT4-fs: Ignoring removed bh option
[  106.329102][ T4713] EXT4-fs (loop1): unmounting filesystem.
[  106.495420][ T4880] loop0: detected capacity change from 0 to 1024
[  106.526540][ T4880] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  106.541853][   T28] audit: type=1400 audit(1739920517.690:781): avc:  denied  { unmount } for  pid=3506 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  106.547298][ T4880] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.595909][ T4887] serio: Serial port ptm0
[  106.701988][ T4791] EXT4-fs (loop0): unmounting filesystem.
[  106.806926][ T4889] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.819925][ T4889] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.861619][ T4889] device bridge_slave_0 entered promiscuous mode
[  106.869415][ T4889] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.876856][ T4889] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.884925][ T4889] device bridge_slave_1 entered promiscuous mode
[  107.017069][ T4889] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.023976][ T4889] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.031067][ T4889] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.037879][ T4889] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.076579][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  107.087085][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.100089][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.123962][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  107.161199][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.168189][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.176941][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  107.185654][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.192538][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.211655][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  107.220212][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  107.237923][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  107.252159][ T4889] device veth0_vlan entered promiscuous mode
[  107.258863][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  107.280673][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  107.293665][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  107.315559][ T4889] device veth1_macvtap entered promiscuous mode
[  107.319603][ T4919] syz.2.1828[4919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.321746][ T4919] syz.2.1828[4919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.336323][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  107.338299][ T4921] loop0: detected capacity change from 0 to 256
[  107.370424][ T4921] FAT-fs (loop0): Unrecognized mount option "shortname=winnô" or missing value
[  107.371416][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  107.414568][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  107.473638][ T4927] incfs: Can't find or create .index dir in ./file0
[  107.480799][ T4927] incfs: mount failed -14
[  107.620196][ T4921] loop0: detected capacity change from 0 to 40427
[  107.645325][ T4921] F2FS-fs (loop0): invalid crc value
[  107.687381][ T4921] F2FS-fs (loop0): Found nat_bits in checkpoint
[  107.730306][ T4921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  107.788442][ T4921] syz.0.1829: attempt to access beyond end of device
[  107.788442][ T4921] loop0: rw=2049, sector=53248, nr_sectors = 968 limit=40427
[  107.816503][ T4791] syz-executor: attempt to access beyond end of device
[  107.816503][ T4791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  107.848493][ T4791] syz-executor: attempt to access beyond end of device
[  107.848493][ T4791] loop0: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[  107.863103][ T4791] syz-executor: attempt to access beyond end of device
[  107.863103][ T4791] loop0: rw=2051, sector=54216, nr_sectors = 76856 limit=40427
[  107.887400][ T4791] syz-executor: attempt to access beyond end of device
[  107.887400][ T4791] loop0: rw=2051, sector=45104, nr_sectors = 8144 limit=40427
[  107.906322][ T4791] F2FS-fs (loop0): Issue discard(4614, 4614, 1019) failed, ret: -5
[  107.906357][ T4791] F2FS-fs (loop0): Issue discard(6777, 6777, 9607) failed, ret: -5
[  107.914692][ T4961] loop9: detected capacity change from 0 to 1024
[  107.921799][ T4791] F2FS-fs (loop0): Issue discard(5638, 5638, 1018) failed, ret: -5
[  107.933758][ T4961] EXT4-fs: Ignoring removed i_version option
[  107.958723][ T4961] EXT4-fs (loop9): Test dummy encryption mode enabled
[  107.983392][ T4961] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  108.010822][ T4966] syz.0.1839[4966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.010892][ T4966] syz.0.1839[4966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.041679][ T3506] EXT4-fs (loop9): unmounting filesystem.
[  108.127276][   T28] audit: type=1400 audit(1739920519.270:782): avc:  denied  { setopt } for  pid=4969 comm="syz.9.1846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  108.156305][   T28] audit: type=1400 audit(1739920519.290:783): avc:  denied  { getattr } for  pid=4971 comm="syz.0.1847" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  108.192935][ T4975] tipc: Failed to remove unknown binding: 66,1,1/0:2362485753/2362485755
[  108.201396][ T4975] tipc: Failed to remove unknown binding: 66,1,1/0:2362485753/2362485755
[  108.253020][ T4976] tipc: Started in network mode
[  108.255146][ T4980] tipc: Failed to remove unknown binding: 66,1,1/0:3181014482/3181014484
[  108.258539][ T4976] tipc: Node identity 2e1df3cca9c7, cluster identity 4711
[  108.280742][ T4976] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  108.306507][ T4973] tipc: Resetting bearer <eth:syzkaller0>
[  108.320958][ T4973] tipc: Disabling bearer <eth:syzkaller0>
[  108.504405][ T4991] loop0: detected capacity change from 0 to 40427
[  108.511577][ T4991] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  108.519336][ T4991] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  108.528362][ T4991] F2FS-fs (loop0): invalid crc value
[  108.534930][ T4991] F2FS-fs (loop0): Found nat_bits in checkpoint
[  108.561210][ T4991] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  108.568106][ T4991] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  108.625271][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  108.638378][   T10] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  108.819995][   T60] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  109.019937][   T60] usb 5-1: Using ep0 maxpacket: 16
[  109.026198][   T60] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  109.034310][   T60] usb 5-1: config 0 has no interface number 0
[  109.041837][   T60] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  109.050947][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.058821][   T60] usb 5-1: Product: syz
[  109.062825][   T60] usb 5-1: Manufacturer: syz
[  109.067276][   T60] usb 5-1: SerialNumber: syz
[  109.072871][   T60] usb 5-1: config 0 descriptor??
[  109.102188][ T5005] loop9: detected capacity change from 0 to 1024
[  109.103637][ T5007] loop0: detected capacity change from 0 to 512
[  109.122042][ T5007] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  109.122666][ T5005] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  109.140054][ T5007] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.140234][ T5005] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.209185][ T4791] EXT4-fs (loop0): unmounting filesystem.
[  109.220874][   T28] audit: type=1400 audit(1739920520.370:784): avc:  denied  { unlink } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  109.265020][ T3506] EXT4-fs (loop9): unmounting filesystem.
[  109.284366][   T60] usb 5-1: USB disconnect, device number 4
[  109.303098][ T5021] tipc: Failed to remove unknown binding: 66,1,1/0:3639678620/3639678622
[  109.619589][ T5040] device pim6reg1 entered promiscuous mode
[  109.729966][ T4945] Bluetooth: hci0: Opcode 0x080f failed: -110
[  109.749541][ T2335] Bluetooth: hci0: Frame reassembly failed (-84)
[  109.764690][ T5047] device syz_tun left promiscuous mode
[  109.770079][ T5047] bridge0: port 1(syz_tun) entered disabled state
[  109.802455][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  109.802471][   T28] audit: type=1400 audit(1739920520.950:787): avc:  denied  { mounton } for  pid=5048 comm="syz.9.1877" path="/" dev="configfs" ino=14496 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  109.803512][ T5049] overlayfs: invalid redirect ((null))
[  109.850498][   T28] audit: type=1400 audit(1739920521.000:788): avc:  denied  { unmount } for  pid=3506 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  109.894517][ T5055] loop9: detected capacity change from 0 to 128
[  109.912784][ T5057] loop4: detected capacity change from 0 to 4096
[  109.921953][ T5055] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  109.930762][ T5055] ext4 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  109.963101][  T350] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  109.974458][ T5055] EXT4-fs error (device loop9): dx_make_map:1328: inode #2: block 20: comm syz.9.1881: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  109.993279][ T5055] EXT4-fs error (device loop9) in do_split:2095: Corrupt filesystem
[  110.020391][ T5055] loop9: detected capacity change from 128 to 11
[  110.029982][ T5055] EXT4-fs warning (device loop9): ext4_dx_add_entry:2555: inode #2: lblock 1: comm syz.9.1881: error -12 reading directory block
[  110.048049][ T3506] EXT4-fs warning (device loop9): htree_dirblock_to_tree:1083: inode #2: lblock 1: comm syz-executor: error -12 reading directory block
[  110.064038][ T3506] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5887: Out of memory
[  110.073310][ T3506] EXT4-fs error (device loop9): ext4_dirty_inode:6091: inode #2: comm syz-executor: mark_inode_dirty error
[  110.098529][ T3562] EXT4-fs (loop9): unmounting filesystem.
[  110.302403][ T5073] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.310265][ T5073] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.317667][ T5073] device bridge_slave_0 entered promiscuous mode
[  110.325133][ T5073] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.332205][ T5073] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.339503][ T5073] device bridge_slave_1 entered promiscuous mode
[  110.409954][ T5073] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.416814][ T5073] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.423975][ T5073] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.430826][ T5073] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.467827][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.475599][ T2335] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.483045][ T2335] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.494528][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  110.503130][ T2335] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.510001][ T2335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.519185][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.527464][ T2335] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.535753][ T2335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.558631][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  110.568567][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.591977][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.734385][ T5073] device veth0_vlan entered promiscuous mode
[  110.741656][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.749812][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.757842][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.769047][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  110.777452][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.788010][ T5073] device veth1_macvtap entered promiscuous mode
[  110.797261][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  110.804937][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  110.813138][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.822582][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  110.831262][ T2335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.914613][ T5085] loop6: detected capacity change from 0 to 2048
[  110.958061][ T5085] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  111.027187][   T28] audit: type=1400 audit(1739920522.170:789): avc:  denied  { ioctl } for  pid=5084 comm="syz.6.1891" path="/dev/ptp0" dev="devtmpfs" ino=260 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  111.066448][ T5073] EXT4-fs (loop6): unmounting filesystem.
[  111.121613][ T5098] kvm: emulating exchange as write
[  111.170359][   T39] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  111.198263][ T5103] syz.2.1896 uses obsolete (PF_INET,SOCK_PACKET)
[  111.293332][   T28] audit: type=1400 audit(1739920522.440:790): avc:  denied  { nlmsg_read } for  pid=5114 comm="syz.2.1903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  111.369919][   T39] usb 1-1: Using ep0 maxpacket: 16
[  111.376096][   T39] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  111.384339][   T39] usb 1-1: config 0 has no interface number 0
[  111.392295][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  111.401454][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.409406][   T39] usb 1-1: Product: syz
[  111.413818][   T39] usb 1-1: Manufacturer: syz
[  111.418388][   T39] usb 1-1: SerialNumber: syz
[  111.424494][   T39] usb 1-1: config 0 descriptor??
[  111.633793][ T4073] usb 1-1: USB disconnect, device number 2
[  111.810751][ T4946] Bluetooth: hci0: command 0x1003 tx timeout
[  111.820729][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  112.077524][ T5142] loop5: detected capacity change from 0 to 1024
[  112.104713][ T5142] EXT4-fs: Ignoring removed bh option
[  112.110478][ T5142] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  112.137746][ T5145] device wireguard0 entered promiscuous mode
[  112.149732][ T5142] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  112.174976][   T28] audit: type=1400 audit(1739920523.320:791): avc:  denied  { map } for  pid=5141 comm="syz.5.1915" path="/373/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  112.177928][ T5136] loop4: detected capacity change from 0 to 40427
[  112.199000][ T5142] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3841: comm syz.5.1915: Allocating blocks 385-513 which overlap fs metadata
[  112.218709][   T28] audit: type=1400 audit(1739920523.350:792): avc:  denied  { execute } for  pid=5141 comm="syz.5.1915" path="/373/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  112.243452][ T5136] F2FS-fs (loop4): heap/no_heap options were deprecated
[  112.253396][   T28] audit: type=1400 audit(1739920523.400:793): avc:  denied  { append } for  pid=5141 comm="syz.5.1915" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  112.264840][ T5142] EXT4-fs (loop5): pa ffff88811846c0a8: logic 16, phys. 129, len 24
[  112.275585][ T5136] F2FS-fs (loop4): invalid crc value
[  112.283302][ T5142] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8
[  112.304423][ T5136] F2FS-fs (loop4): Found nat_bits in checkpoint
[  112.344331][ T5136] F2FS-fs (loop4): Start checkpoint disabled!
[  112.357385][ T5160] loop6: detected capacity change from 0 to 256
[  112.369103][ T5136] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  112.376645][ T5160] exfat: Unknown parameter 'keep_lastdots'
[  112.449384][  T589] EXT4-fs (loop5): unmounting filesystem.
[  112.511214][ T5171] loop5: detected capacity change from 0 to 128
[  112.526267][ T2335] kworker/u4:6: attempt to access beyond end of device
[  112.526267][ T2335] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  112.542838][ T5171] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  112.555470][   T28] audit: type=1400 audit(1739920523.700:794): avc:  denied  { ioctl } for  pid=5176 comm="syz.2.1928" path="socket:[35663]" dev="sockfs" ino=35663 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  112.582343][ T5171] ext4 filesystem being mounted at /374/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  112.668055][  T589] EXT4-fs (loop5): unmounting filesystem.
[  112.887031][   T28] audit: type=1400 audit(1739920524.030:795): avc:  denied  { append } for  pid=5202 comm="syz.4.1939" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  113.016416][ T5220] loop5: detected capacity change from 0 to 512
[  113.034883][ T5220] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  113.045434][ T5222] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1948'.
[  113.048772][ T5220] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  113.054617][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  113.064106][ T5220] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  113.079991][ T5220] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  113.087920][ T5220] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e018, mo2=0000]
[  113.098549][ T5220] EXT4-fs (loop5): orphan cleanup on readonly fs
[  113.105681][ T5220] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1947: bg 0: block 34: padding at end of block bitmap is not set
[  113.120216][ T5220] Quota error (device loop5): write_blk: dquota write failed
[  113.127544][ T5220] EXT4-fs error (device loop5): ext4_acquire_dquot:6781: comm syz.5.1947: Failed to acquire dquot type 1
[  113.139352][ T5220] EXT4-fs (loop5): 1 truncate cleaned up
[  113.145242][ T5220] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  113.184345][  T589] EXT4-fs (loop5): unmounting filesystem.
[  113.350758][ T5243] device wg2 entered promiscuous mode
[  113.395367][ T5249] device pim6reg1 entered promiscuous mode
[  113.660724][ T5278] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  114.649929][  T532] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  114.851096][  T532] usb 6-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  114.861184][  T532] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  114.871257][  T532] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  114.880164][  T532] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.887921][  T532] usb 6-1: Product: syz
[  114.891947][  T532] usb 6-1: Manufacturer: syz
[  114.896325][  T532] usb 6-1: SerialNumber: syz
[  115.099908][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  115.099927][ T4947] Bluetooth: hci0: command 0x1003 tx timeout
[  115.110564][  T532] usb 6-1: 0:2 : does not exist
[  115.112727][ T5224] Bluetooth: hci0: Opcode 0x080f failed: -22
[  115.120959][  T532] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  115.169081][  T532] usb 6-1: 5:0: cannot get min/max values for control 2 (id 5)
[  115.189673][ T5313] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  115.200136][  T532] usb 6-1: 5:0: cannot get min/max values for control 3 (id 5)
[  115.232728][  T532] usb 6-1: 5:0: cannot get min/max values for control 4 (id 5)
[  115.250723][  T532] usb 6-1: 5:0: cannot get min/max values for control 4 (id 5)
[  115.284902][ T5328] syz.2.1992[5328] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.285052][ T5328] syz.2.1992[5328] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.302999][  T532] usb 6-1: 5:0: failed to get current value for ch 1 (-22)
[  115.338529][  T532] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  115.353640][  T532] usb 6-1: USB disconnect, device number 4
[  115.404162][ T5332] loop0: detected capacity change from 0 to 512
[  115.420261][ T5332] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  115.439742][ T5332] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  115.461671][ T5332] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  115.488023][ T5332] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  115.498886][ T5332] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e018, mo2=0000]
[  115.507703][ T5332] EXT4-fs (loop0): orphan cleanup on readonly fs
[  115.514759][ T5332] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1994: bg 0: block 34: padding at end of block bitmap is not set
[  115.529115][ T5332] __quota_error: 5 callbacks suppressed
[  115.529131][ T5332] Quota error (device loop0): write_blk: dquota write failed
[  115.541904][ T5332] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  115.551658][ T5332] EXT4-fs error (device loop0): ext4_acquire_dquot:6781: comm syz.0.1994: Failed to acquire dquot type 1
[  115.563938][ T5332] EXT4-fs (loop0): 1 truncate cleaned up
[  115.571216][ T5332] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  115.595046][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  115.642464][ T4791] EXT4-fs (loop0): unmounting filesystem.
[  115.705990][ T5344] xt_NFQUEUE: number of queues (65535) out of range (got 65541)
[  115.838462][ T5365] netlink: 'syz.5.2010': attribute type 12 has an invalid length.
[  116.057429][ T5379] tipc: Cannot configure node identity twice
[  116.193363][ T5399] tipc: Started in network mode
[  116.199781][ T5399] tipc: Node identity 7f000001, cluster identity 4711
[  116.208218][ T5399] tipc: Enabled bearer <udp:syz2>, priority 10
[  116.220510][ T5399] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  116.229951][    C0] ==================================================================
[  116.237844][    C0] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480
[  116.244701][    C0] Write of size 8 at addr ffff888147b08a00 by task syz.2.2025/5399
[  116.252425][    C0] 
[  116.254591][    C0] CPU: 0 PID: 5399 Comm: syz.2.2025 Not tainted 6.1.124-syzkaller-00016-ga5f88b652947 #0
[  116.264251][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  116.274121][    C0] Call Trace:
[  116.277241][    C0]  <IRQ>
[  116.279934][    C0]  dump_stack_lvl+0x151/0x1b7
[  116.284459][    C0]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  116.289902][    C0]  ? _printk+0xd1/0x111
[  116.293891][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  116.298837][    C0]  print_report+0x158/0x4e0
[  116.303179][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  116.308125][    C0]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  116.314201][    C0]  ? enqueue_timer+0xa6/0x480
[  116.318715][    C0]  kasan_report+0x13c/0x170
[  116.323053][    C0]  ? enqueue_timer+0xa6/0x480
[  116.328553][    C0]  __asan_report_store8_noabort+0x17/0x20
[  116.334172][    C0]  enqueue_timer+0xa6/0x480
[  116.338534][    C0]  __mod_timer+0x8d3/0xcf0
[  116.343627][    C0]  ? mod_timer_pending+0x30/0x30
[  116.348400][    C0]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  116.353277][    C0]  ? igmpv3_send_report+0x2e0/0x2e0
[  116.358291][    C0]  mod_timer+0x1f/0x30
[  116.362207][    C0]  igmp_ifc_timer_expire+0xc4b/0xdd0
[  116.367319][    C0]  ? __kasan_check_write+0x14/0x20
[  116.372267][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  116.377226][    C0]  ? _raw_spin_lock_irqsave+0x210/0x210
[  116.382599][    C0]  ? igmp_gq_timer_expire+0xd0/0xd0
[  116.387805][    C0]  call_timer_fn+0x3b/0x2d0
[  116.392140][    C0]  ? igmp_gq_timer_expire+0xd0/0xd0
[  116.397271][    C0]  __run_timers+0x72a/0xa10
[  116.401604][    C0]  ? calc_index+0x270/0x270
[  116.406046][    C0]  ? sched_clock+0x9/0x10
[  116.410213][    C0]  ? sched_clock_cpu+0x71/0x2b0
[  116.414900][    C0]  run_timer_softirq+0x69/0xf0
[  116.419509][    C0]  handle_softirqs+0x1db/0x650
[  116.424101][    C0]  ? irqtime_account_irq+0xdc/0x260
[  116.429131][    C0]  __irq_exit_rcu+0x52/0xf0
[  116.433479][    C0]  irq_exit_rcu+0x9/0x10
[  116.437560][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  116.443030][    C0]  </IRQ>
[  116.445837][    C0]  <TASK>
[  116.448585][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  116.454391][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60
[  116.460378][    C0] Code: 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 53 48 89 fb e8 13 00 00 00 48 8b 3d f4 43 1d 06 48 89 de e8 64 e0 46 00 5b 5d c3 cc 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d f0 d8 8c 7e 65 8b 15 f1 d8 8c 7e
[  116.480044][    C0] RSP: 0018:ffffc90002adf2f0 EFLAGS: 00000246
[  116.485945][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881299ad100
[  116.493735][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  116.501684][    C0] RBP: ffffc90002adf570 R08: ffffffff81b0afa9 R09: ffffed1025335a21
[  116.509495][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffea0004b8b308
[  116.517304][    C0] R13: ffffea0004b8b300 R14: 0000000000000000 R15: 1ffffd4000971661
[  116.525128][    C0]  ? unmap_page_range+0x1629/0x2620
[  116.530152][    C0]  ? unmap_page_range+0x163b/0x2620
[  116.535197][    C0]  ? uncharge_batch+0x510/0x510
[  116.540499][    C0]  ? copy_page_range+0x2ed0/0x2ed0
[  116.546926][    C0]  ? mas_next_slot+0xac5/0xb00
[  116.551789][    C0]  ? uprobe_munmap+0x18d/0x450
[  116.556384][    C0]  unmap_vmas+0x4e4/0x660
[  116.561688][    C0]  ? unmap_page_range+0x2620/0x2620
[  116.566719][    C0]  ? folio_add_lru_vma+0x80/0x80
[  116.571738][    C0]  ? __kasan_check_write+0x14/0x20
[  116.576622][    C0]  ? tlb_gather_mmu_fullmm+0x165/0x210
[  116.581999][    C0]  exit_mmap+0x2e5/0xbb0
[  116.586071][    C0]  ? vm_brk+0x30/0x30
[  116.589892][    C0]  ? kiocb_set_cancel_fn+0x230/0x230
[  116.595009][    C0]  ? uprobe_clear_state+0x2cd/0x320
[  116.600041][    C0]  __mmput+0x95/0x310
[  116.603867][    C0]  mmput+0x56/0x170
[  116.607513][    C0]  do_exit+0xb24/0x2b80
[  116.611538][    C0]  ? preempt_schedule_thunk+0x16/0x18
[  116.616710][    C0]  ? put_task_struct+0x80/0x80
[  116.621318][    C0]  ? cpu_curr_snapshot+0x200/0x200
[  116.626257][    C0]  ? plist_del+0x40e/0x420
[  116.630517][    C0]  ? __kasan_check_write+0x14/0x20
[  116.635609][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  116.640513][    C0]  do_group_exit+0x21a/0x2d0
[  116.647706][    C0]  ? __kasan_check_write+0x14/0x20
[  116.653529][    C0]  get_signal+0x169d/0x1820
[  116.657889][    C0]  ? __kasan_check_write+0x14/0x20
[  116.663062][    C0]  ? ptrace_notify+0x350/0x350
[  116.667643][    C0]  ? __sys_sendmsg+0x31d/0x390
[  116.672247][    C0]  arch_do_signal_or_restart+0xb0/0x16f0
[  116.678148][    C0]  ? do_futex+0x501/0x9a0
[  116.682313][    C0]  ? __ia32_sys_get_robust_list+0x90/0x90
[  116.687879][    C0]  ? get_sigframe_size+0x10/0x10
[  116.692654][    C0]  ? __se_sys_futex+0x35e/0x3c0
[  116.697330][    C0]  exit_to_user_mode_loop+0x74/0xa0
[  116.702364][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  116.707770][    C0]  syscall_exit_to_user_mode+0x26/0x130
[  116.713121][    C0]  do_syscall_64+0x47/0xb0
[  116.717376][    C0]  ? clear_bhb_loop+0x55/0xb0
[  116.721895][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  116.728075][    C0] RIP: 0033:0x7f195fd8cde9
[  116.732305][    C0] Code: Unable to access opcode bytes at 0x7f195fd8cdbf.
[  116.739164][    C0] RSP: 002b:00007f1960cbd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  116.747841][    C0] RAX: 0000000000000001 RBX: 00007f195ffa5fa8 RCX: 00007f195fd8cde9
[  116.755653][    C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f195ffa5fac
[  116.764162][    C0] RBP: 00007f195ffa5fa0 R08: 00007ffe063b90b0 R09: 0000000000000000
[  116.772091][    C0] R10: 0000000000000034 R11: 0000000000000246 R12: 00007f195ffa5fac
[  116.779896][    C0] R13: 0000000000000000 R14: 00007ffe0634fe80 R15: 00007ffe0634ff68
[  116.787715][    C0]  </TASK>
[  116.790572][    C0] 
[  116.792742][    C0] Allocated by task 5224:
[  116.796910][    C0]  kasan_set_track+0x4b/0x70
[  116.801334][    C0]  kasan_save_alloc_info+0x1f/0x30
[  116.806279][    C0]  __kasan_kmalloc+0x9c/0xb0
[  116.810718][    C0]  __kmalloc+0xb4/0x1e0
[  116.814707][    C0]  hci_alloc_dev_priv+0x27/0x1c00
[  116.819570][    C0]  hci_uart_tty_ioctl+0x401/0xa70
[  116.824454][    C0]  tty_ioctl+0x903/0xc50
[  116.828502][    C0]  __se_sys_ioctl+0x114/0x190
[  116.833014][    C0]  __x64_sys_ioctl+0x7b/0x90
[  116.837441][    C0]  x64_sys_call+0x98/0x9a0
[  116.841694][    C0]  do_syscall_64+0x3b/0xb0
[  116.845946][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  116.851684][    C0] 
[  116.853841][    C0] Freed by task 5224:
[  116.857671][    C0]  kasan_set_track+0x4b/0x70
[  116.862089][    C0]  kasan_save_free_info+0x2b/0x40
[  116.866957][    C0]  ____kasan_slab_free+0x131/0x180
[  116.871896][    C0]  __kasan_slab_free+0x11/0x20
[  116.876498][    C0]  __kmem_cache_free+0x21d/0x410
[  116.881270][    C0]  kfree+0x7a/0xf0
[  116.884836][    C0]  hci_release_dev+0x14d3/0x1640
[  116.889600][    C0]  bt_host_release+0x83/0xa0
[  116.894028][    C0]  device_release+0x95/0x1c0
[  116.898667][    C0]  kobject_put+0x178/0x260
[  116.902919][    C0]  put_device+0x1f/0x30
[  116.906910][    C0]  hci_dev_cmd+0x2be/0x9b0
[  116.911162][    C0]  hci_sock_ioctl+0x415/0x7f0
[  116.915681][    C0]  sock_do_ioctl+0x152/0x450
[  116.920109][    C0]  sock_ioctl+0x455/0x740
[  116.924444][    C0]  __se_sys_ioctl+0x114/0x190
[  116.928958][    C0]  __x64_sys_ioctl+0x7b/0x90
[  116.933658][    C0]  x64_sys_call+0x98/0x9a0
[  116.937894][    C0]  do_syscall_64+0x3b/0xb0
[  116.942146][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  116.947875][    C0] 
[  116.950064][    C0] Last potentially related work creation:
[  116.955601][    C0]  kasan_save_stack+0x3b/0x60
[  116.960113][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  116.965328][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  116.970963][    C0]  insert_work+0x56/0x310
[  116.975131][    C0]  __queue_work+0x9b6/0xd70
[  116.979469][    C0]  queue_work_on+0x105/0x170
[  116.983918][    C0]  __hci_cmd_sync_sk+0xc2a/0xf70
[  116.988670][    C0]  hci_cmd_sync_status+0x52/0x130
[  116.993531][    C0]  hci_dev_cmd+0x771/0x9b0
[  116.997785][    C0]  hci_sock_ioctl+0x415/0x7f0
[  117.002295][    C0]  sock_do_ioctl+0x152/0x450
[  117.006722][    C0]  sock_ioctl+0x455/0x740
[  117.010973][    C0]  __se_sys_ioctl+0x114/0x190
[  117.015490][    C0]  __x64_sys_ioctl+0x7b/0x90
[  117.019914][    C0]  x64_sys_call+0x98/0x9a0
[  117.024167][    C0]  do_syscall_64+0x3b/0xb0
[  117.028434][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  117.034150][    C0] 
[  117.036317][    C0] Second to last potentially related work creation:
[  117.042743][    C0]  kasan_save_stack+0x3b/0x60
[  117.047255][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  117.052461][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  117.058144][    C0]  insert_work+0x56/0x310
[  117.062274][    C0]  __queue_work+0x9b6/0xd70
[  117.066610][    C0]  queue_work_on+0x105/0x170
[  117.071033][    C0]  hci_cmd_timeout+0x199/0x200
[  117.075636][    C0]  process_one_work+0x73d/0xcb0
[  117.080322][    C0]  worker_thread+0xa60/0x1260
[  117.084836][    C0]  kthread+0x26d/0x300
[  117.088890][    C0]  ret_from_fork+0x1f/0x30
[  117.093190][    C0] 
[  117.095341][    C0] The buggy address belongs to the object at ffff888147b08000
[  117.095341][    C0]  which belongs to the cache kmalloc-8k of size 8192
[  117.109226][    C0] The buggy address is located 2560 bytes inside of
[  117.109226][    C0]  8192-byte region [ffff888147b08000, ffff888147b0a000)
[  117.122507][    C0] 
[  117.124674][    C0] The buggy address belongs to the physical page:
[  117.131458][    C0] page:ffffea00051ec200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x147b08
[  117.141625][    C0] head:ffffea00051ec200 order:3 compound_mapcount:0 compound_pincount:0
[  117.149759][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[  117.155668][    C0] raw: 4000000000010200 ffffea0004595400 dead000000000005 ffff888100043500
[  117.164115][    C0] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  117.172498][    C0] page dumped because: kasan: bad access detected
[  117.178760][    C0] page_owner tracks the page as allocated
[  117.184473][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4019, tgid 4018 (syz.2.1470), ts 94132143233, free_ts 93442581592
[  117.206868][    C0]  post_alloc_hook+0x213/0x220
[  117.211465][    C0]  prep_new_page+0x1b/0x110
[  117.215805][    C0]  get_page_from_freelist+0x3a98/0x3b10
[  117.221187][    C0]  __alloc_pages+0x234/0x610
[  117.225613][    C0]  alloc_slab_page+0x6c/0xf0
[  117.230135][    C0]  new_slab+0x90/0x3e0
[  117.234040][    C0]  ___slab_alloc+0x6f9/0xb80
[  117.238470][    C0]  __slab_alloc+0x5d/0xa0
[  117.242634][    C0]  __kmem_cache_alloc_node+0x207/0x2a0
[  117.247931][    C0]  __kmalloc_node_track_caller+0xa2/0x1e0
[  117.253492][    C0]  kmemdup+0x29/0x60
[  117.257222][    C0]  ipv4_sysctl_init_net+0x43/0x280
[  117.262162][    C0]  ops_init+0x1cd/0x480
[  117.266162][    C0]  setup_net+0x4ca/0xd60
[  117.270232][    C0]  copy_net_ns+0x35f/0x5b0
[  117.274487][    C0]  create_new_namespaces+0x416/0x670
[  117.279608][    C0] page last free stack trace:
[  117.284122][    C0]  free_unref_page_prepare+0x9f1/0xa00
[  117.289428][    C0]  free_unref_page+0xb2/0x5c0
[  117.293926][    C0]  __free_pages+0x61/0xf0
[  117.298200][    C0]  __free_slab+0xce/0x1a0
[  117.302369][    C0]  __unfreeze_partials+0x165/0x1a0
[  117.307316][    C0]  put_cpu_partial+0xa9/0x100
[  117.311827][    C0]  __slab_free+0x1c8/0x280
[  117.316081][    C0]  ___cache_free+0xc6/0xd0
[  117.320333][    C0]  qlist_free_all+0xc5/0x140
[  117.324758][    C0]  kasan_quarantine_reduce+0x15a/0x180
[  117.330053][    C0]  __kasan_slab_alloc+0x24/0x80
[  117.334916][    C0]  slab_post_alloc_hook+0x53/0x2c0
[  117.339862][    C0]  kmem_cache_alloc_node+0x188/0x330
[  117.344985][    C0]  __alloc_skb+0xcc/0x2d0
[  117.349183][    C0]  rtmsg_ifa+0x1e7/0x3a0
[  117.353231][    C0]  __inet_del_ifa+0x7eb/0xdb0
[  117.357744][    C0] 
[  117.359909][    C0] Memory state around the buggy address:
[  117.365384][    C0]  ffff888147b08900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.373282][    C0]  ffff888147b08980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.381180][    C0] >ffff888147b08a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.389162][    C0]                    ^
[  117.393071][    C0]  ffff888147b08a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.400972][    C0]  ffff888147b08b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.408868][    C0] ==================================================================
[  117.416764][    C0] Disabling lock debugging due to kernel taint
[  117.423709][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  117.436203][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  117.444446][    C0] CPU: 0 PID: 5399 Comm: syz.2.2025 Tainted: G    B              6.1.124-syzkaller-00016-ga5f88b652947 #0
[  117.455548][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  117.465970][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  117.471084][    C0] Code: 39 03 0f 84 40 01 00 00 e8 5c 6c 2a 00 4c 89 e7 e8 64 69 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 70 09 72 00 49 8b 3e e8 18 62 d7
[  117.490528][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  117.496428][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881299ad100
[  117.504238][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  117.512053][    C0] RBP: ffffc90000007d00 R08: ffffffff814b261b R09: 0000000000000007
[  117.519867][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888147b089c8
[  117.527674][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888147b089e0
[  117.535572][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  117.544340][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  117.550759][    C0] CR2: 0000001b2e312ff8 CR3: 00000001244d9000 CR4: 00000000003506b0
[  117.558576][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  117.566383][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  117.574193][    C0] Call Trace:
[  117.577319][    C0]  <IRQ>
[  117.580011][    C0]  ? __die_body+0x62/0xb0
[  117.584177][    C0]  ? die_addr+0x9f/0xd0
[  117.588175][    C0]  ? exc_general_protection+0x317/0x4c0
[  117.593554][    C0]  ? asm_exc_general_protection+0x27/0x30
[  117.599103][    C0]  ? __queue_work+0x28b/0xd70
[  117.603616][    C0]  ? __queue_work+0x4f1/0xd70
[  117.608133][    C0]  ? __queue_work+0x29c/0xd70
[  117.612648][    C0]  delayed_work_timer_fn+0x61/0x80
[  117.617590][    C0]  ? queue_work_node+0x1d0/0x1d0
[  117.622377][    C0]  call_timer_fn+0x3b/0x2d0
[  117.626705][    C0]  ? queue_work_node+0x1d0/0x1d0
[  117.631475][    C0]  __run_timers+0x756/0xa10
[  117.635821][    C0]  ? calc_index+0x270/0x270
[  117.640157][    C0]  ? sched_clock+0x9/0x10
[  117.644327][    C0]  ? sched_clock_cpu+0x71/0x2b0
[  117.649014][    C0]  run_timer_softirq+0x69/0xf0
[  117.653610][    C0]  handle_softirqs+0x1db/0x650
[  117.658213][    C0]  ? irqtime_account_irq+0xdc/0x260
[  117.663300][    C0]  __irq_exit_rcu+0x52/0xf0
[  117.667585][    C0]  irq_exit_rcu+0x9/0x10
[  117.671662][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  117.677133][    C0]  </IRQ>
[  117.679908][    C0]  <TASK>
[  117.682684][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  117.688500][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x1/0x60
[  117.694401][    C0] Code: 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 53 48 89 fb e8 13 00 00 00 48 8b 3d f4 43 1d 06 48 89 de e8 64 e0 46 00 5b 5d c3 cc 55 <48> 89 e5 48 8b 45 08 65 48 8b 0d f0 d8 8c 7e 65 8b 15 f1 d8 8c 7e
[  117.713849][    C0] RSP: 0018:ffffc90002adf2f0 EFLAGS: 00000246
[  117.719744][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881299ad100
[  117.727559][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  117.735371][    C0] RBP: ffffc90002adf570 R08: ffffffff81b0afa9 R09: ffffed1025335a21
[  117.743180][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffea0004b8b308
[  117.750993][    C0] R13: ffffea0004b8b300 R14: 0000000000000000 R15: 1ffffd4000971661
[  117.758804][    C0]  ? unmap_page_range+0x1629/0x2620
[  117.763842][    C0]  ? unmap_page_range+0x163b/0x2620
[  117.768874][    C0]  ? uncharge_batch+0x510/0x510
[  117.773568][    C0]  ? copy_page_range+0x2ed0/0x2ed0
[  117.778506][    C0]  ? mas_next_slot+0xac5/0xb00
[  117.783110][    C0]  ? uprobe_munmap+0x18d/0x450
[  117.787968][    C0]  unmap_vmas+0x4e4/0x660
[  117.792142][    C0]  ? unmap_page_range+0x2620/0x2620
[  117.797171][    C0]  ? folio_add_lru_vma+0x80/0x80
[  117.801941][    C0]  ? __kasan_check_write+0x14/0x20
[  117.806888][    C0]  ? tlb_gather_mmu_fullmm+0x165/0x210
[  117.812181][    C0]  exit_mmap+0x2e5/0xbb0
[  117.816261][    C0]  ? vm_brk+0x30/0x30
[  117.820096][    C0]  ? kiocb_set_cancel_fn+0x230/0x230
[  117.825201][    C0]  ? uprobe_clear_state+0x2cd/0x320
[  117.830236][    C0]  __mmput+0x95/0x310
[  117.834054][    C0]  mmput+0x56/0x170
[  117.837699][    C0]  do_exit+0xb24/0x2b80
[  117.841689][    C0]  ? preempt_schedule_thunk+0x16/0x18
[  117.846901][    C0]  ? put_task_struct+0x80/0x80
[  117.851499][    C0]  ? cpu_curr_snapshot+0x200/0x200
[  117.856446][    C0]  ? plist_del+0x40e/0x420
[  117.860700][    C0]  ? __kasan_check_write+0x14/0x20
[  117.865645][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  117.870596][    C0]  do_group_exit+0x21a/0x2d0
[  117.875020][    C0]  ? __kasan_check_write+0x14/0x20
[  117.879966][    C0]  get_signal+0x169d/0x1820
[  117.884308][    C0]  ? __kasan_check_write+0x14/0x20
[  117.889255][    C0]  ? ptrace_notify+0x350/0x350
[  117.893853][    C0]  ? __sys_sendmsg+0x31d/0x390
[  117.898456][    C0]  arch_do_signal_or_restart+0xb0/0x16f0
[  117.903921][    C0]  ? do_futex+0x501/0x9a0
[  117.908088][    C0]  ? __ia32_sys_get_robust_list+0x90/0x90
[  117.913642][    C0]  ? get_sigframe_size+0x10/0x10
[  117.918416][    C0]  ? __se_sys_futex+0x35e/0x3c0
[  117.923111][    C0]  exit_to_user_mode_loop+0x74/0xa0
[  117.928526][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  117.933777][    C0]  syscall_exit_to_user_mode+0x26/0x130
[  117.939159][    C0]  do_syscall_64+0x47/0xb0
[  117.943417][    C0]  ? clear_bhb_loop+0x55/0xb0
[  117.947926][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  117.953652][    C0] RIP: 0033:0x7f195fd8cde9
[  117.957906][    C0] Code: Unable to access opcode bytes at 0x7f195fd8cdbf.
[  117.964759][    C0] RSP: 002b:00007f1960cbd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  117.973007][    C0] RAX: 0000000000000001 RBX: 00007f195ffa5fa8 RCX: 00007f195fd8cde9
[  117.980817][    C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f195ffa5fac
[  117.988629][    C0] RBP: 00007f195ffa5fa0 R08: 00007ffe063b90b0 R09: 0000000000000000
[  117.996444][    C0] R10: 0000000000000034 R11: 0000000000000246 R12: 00007f195ffa5fac
[  118.004255][    C0] R13: 0000000000000000 R14: 00007ffe0634fe80 R15: 00007ffe0634ff68
[  118.012077][    C0]  </TASK>
[  118.014935][    C0] Modules linked in:
[  118.018752][    C0] ---[ end trace 0000000000000000 ]---
[  118.024042][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  118.029211][    C0] Code: 39 03 0f 84 40 01 00 00 e8 5c 6c 2a 00 4c 89 e7 e8 64 69 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 70 09 72 00 49 8b 3e e8 18 62 d7
[  118.048618][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  118.054503][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881299ad100
[  118.062316][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  118.070126][    C0] RBP: ffffc90000007d00 R08: ffffffff814b261b R09: 0000000000000007
[  118.077937][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888147b089c8
[  118.085749][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888147b089e0
[  118.093561][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  118.102332][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  118.108757][    C0] CR2: 0000001b2e312ff8 CR3: 00000001244d9000 CR4: 00000000003506b0
[  118.116566][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  118.124376][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  118.132189][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  118.139462][    C0] Kernel Offset: disabled
[  118.143591][    C0] Rebooting in 86400 seconds..