643db6de62f253b1304788b8b1b2d34bf57fbe09a7eb84cae7f000000886871080d1588bb30abcbfecb4e10d4067ac6f46f08914faa037346191241c88e57569256cd58ec82518bc8bac2ef0f6e8bfd9ad94599c3230328ddf749696d54f2781bccc42e6ef592a1fc36a03c9a0328b63ed42db18137f243d01a67ea9fe8e34b25676f9816cdae263897bbb3aaa1148cb80e7aa12869a052b3ea1d442ca964836a6b8afa17ce754e76f57ed0868864d66429bc1d9e8c430deeb6331c152d6377929701ed95880a2f28902b3358519f08f638235a295a63eb1c8f9460ced7b22ceb4c2c5504a2012c2c8f47fd9152910bc908e41e38ba60cbdffefa00000000d8ce577bdb383c2f625067eec438180f282d638ac72b92ec020d66bf22d92ecafe4eb1fb9c6b2b8807005af65c3d0b179a439cf1840dc8466796c04a4baa9f82010eadca28654f6201dfb36a86ea24fa11e7630b3c9e93ba42e431e2725c686cc028c06302d00519f9b22c05160d9edcbc14b77325fdc393105e2385475169221318104992b200000000000000000000000000000000004703ec540a8b544b595a3dc6b4c557e6f8a346f06ff8a95cfe73aeeef83abb65367e6d6b39ed4b31497c4ae8d2575906f3fd731afe08753e6c155895e8c15efda6547608a6f95a34e62d6a08e536fdf15b8e0924a1eefc1c99c8c86f242ad458bd235f55e96e5bed4198eb5d32f1d5a39841ebcce008f2487378d7f57bc2bc0492addd1cf35b96c52a2d6aa88fdb09b2b688400b5addb4d3"], 0x1c2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ip_tables_targets\x00')
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000500)=""/80, 0x50}, {&(0x7f0000000200)=""/109, 0x6d}], 0x3, 0x0)
ioctl$BLKSECTGET(r0, 0x1267, 0x0)
ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, &(0x7f00000008c0)=""/4096)
getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0))
ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket(0x10, 0x803, 0x0)

[  272.592674][T10297] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'.
[  272.602228][   T28] audit: type=1804 audit(1591742642.901:3): pid=10298 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/7/bus" dev="sda1" ino=15789 res=1
[  272.788526][T10306] IPVS: ftp: loaded support on port[0] = 21
22:44:03 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0xf0, 0x12, 0x713, 0x0, 0x0, {{@in=@multicast2, @in=@loopback}, {@in6=@empty}}}, 0xf0}}, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)

22:44:03 executing program 2:
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
splice(r2, 0x0, r0, 0x0, 0x10000, 0x0)

22:44:03 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0xffff, @random="6267e2c5cecd", 'macsec0\x00'}}, 0x1e)
sendmmsg(r2, &(0x7f000000d180), 0x4000000000000eb, 0x0)

22:44:03 executing program 4:
mknod(&(0x7f0000000040)='./bus\x00', 0x8409, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r3)
clone(0x81608700, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000340)='./bus\x00', 0x0, 0x0)

[  273.330273][   T28] audit: type=1804 audit(1591742643.641:4): pid=10353 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/7/bus" dev="sda1" ino=15789 res=1
22:44:03 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x2, 0x2, 0x101}, 0x14}}, 0x0)

22:44:03 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x2a7)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5)
clone(0x2000000002008100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
setsockopt$inet6_int(r0, 0x29, 0x49, 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x3)
io_setup(0x3, &(0x7f0000000140)=<r2=>0x0)
io_destroy(r2)

22:44:03 executing program 2:
r0 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x4b)
sendmmsg$inet6(r0, &(0x7f00000051c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@hoplimit={{0x14, 0x29, 0x3e}}], 0x18}}], 0x1, 0x0)

22:44:03 executing program 0:
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x1ffeb, 0x0)

22:44:03 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x149301, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = fcntl$dupfd(r1, 0x0, r4)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f8000003000000300300009802000000e2ffffff00000000000000080000009802000098020000a10200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000c10000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f73653000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002100000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001300000000000000000000fcffffffffffffff00000000000000000000000003000000070000200000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000000000000000000000000000000000000020004e4f545241434b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400700098000000000000000000000000000000ecff000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @local}})
write$tun(r0, &(0x7f0000000540)={@void, @val={0x3}, @mpls={[], @ipv4=@dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x84, 0x0, @dev, @local}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "f426e6", 0x4, "c80005"}}}}}, 0x2e)

22:44:03 executing program 2:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x800000000000803, 0x0)
sendto(r0, &(0x7f0000000000)="120000001600e70d017b00000000008e1584", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000004e00), 0x27b, 0x0, 0x0)
r1 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000cab000))
r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r2, 0x202002)
keyctl$chown(0x4, r2, 0x0, 0x0)
r3 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r6, 0x202002)
keyctl$chown(0x4, r6, r4, r5)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r6)

[  273.530289][T10361] xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables
[  273.593219][T10370] ptrace attach of "/root/syz-executor.1"[10368] was attempted by "/root/syz-executor.1"[10370]
[  273.617496][T10306] IPVS: ftp: loaded support on port[0] = 21
22:44:04 executing program 2:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x800000000000803, 0x0)
sendto(r0, &(0x7f0000000000)="120000001600e70d017b00000000008e1584", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000004e00), 0x27b, 0x0, 0x0)
r1 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000cab000))
r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r2, 0x202002)
keyctl$chown(0x4, r2, 0x0, 0x0)
r3 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r6, 0x202002)
keyctl$chown(0x4, r6, r4, r5)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r6)

22:44:04 executing program 5:
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x21, 0x0, 0x2)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000001c80)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000001000fff64017db9820000000000000d403ffff633b27e5080046175dd106736d173f0fc7ec6e26560000007c92d2e181baf9459c5c953948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdfe80812d274614ae40b8ae4f2a88d2fbea75e16a61fd063f026ed7360627ec60cb274e00dab51f7ee096d74c92fad7e353d5522d45cc36c2442eac2d224609aba9e6000000000000000000000000000000f390d71cc60a61ea6e457ebc93981b20e03b86d4e999bbb53a7b0ee0ce30e80600cff8ca2996e518e3e69051f6d24317f9ebfeb82ee2469fb31bdbb2768d25f196ab6f2dc045421b94d878d0d9c2a5874633a687a135308e49ce118c81517ac7bb2994cc4b1dbc506c1d01008dd3deaafaab51144c1ef00f00001f5e73ff040000000000000000000000000000009a583b79ab00f70d85463c57c5bb1f1084e683b591fc2c8b8a38b7ee57afa01aea88fb413e1ee8ebbdf1fa9155bf6409b065a980528827de08737cf643db6de62f253b1304788b8b1b2d34bf57fbe09a7eb84cae7f000000886871080d1588bb30abcbfecb4e10d4067ac6f46f08914faa037346191241c88e57569256cd58ec82518bc8bac2ef0f6e8bfd9ad94599c3230328ddf749696d54f2781bccc42e6ef592a1fc36a03c9a0328b63ed42db18137f243d01a67ea9fe8e34b25676f9816cdae263897bbb3aaa1148cb80e7aa12869a052b3ea1d442ca964836a6b8afa17ce754e76f57ed0868864d66429bc1d9e8c430deeb6331c152d6377929701ed95880a2f28902b3358519f08f638235a295a63eb1c8f9460ced7b22ceb4c2c5504a2012c2c8f47fd9152910bc908e41e38ba60cbdffefa00000000d8ce577bdb383c2f625067eec438180f282d638ac72b92ec020d66bf22d92ecafe4eb1fb9c6b2b8807005af65c3d0b179a439cf1840dc8466796c04a4baa9f82010eadca28654f6201dfb36a86ea24fa11e7630b3c9e93ba42e431e2725c686cc028c06302d00519f9b22c05160d9edcbc14b77325fdc393105e2385475169221318104992b200000000000000000000000000000000004703ec540a8b544b595a3dc6b4c557e6f8a346f06ff8a95cfe73aeeef83abb65367e6d6b39ed4b31497c4ae8d2575906f3fd731afe08753e6c155895e8c15efda6547608a6f95a34e62d6a08e536fdf15b8e0924a1eefc1c99c8c86f242ad458bd235f55e96e5bed4198eb5d32f1d5a39841ebcce008f2487378d7f57bc2bc0492addd1cf35b96c52a2d6aa88fdb09b2b688400b5addb4d3"], 0x1c2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ip_tables_targets\x00')
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000500)=""/80, 0x50}, {&(0x7f0000000200)=""/109, 0x6d}], 0x3, 0x0)
ioctl$BLKSECTGET(r0, 0x1267, 0x0)
ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, &(0x7f00000008c0)=""/4096)
getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0))
ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
unshare(0x40000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket(0x10, 0x803, 0x0)

22:44:04 executing program 1:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x800000000000803, 0x0)
sendto(r0, &(0x7f0000000000)="120000001600e70d017b00000000008e1584", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000004e00), 0x27b, 0x0, 0x0)
r1 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000cab000))
r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r2, 0x202002)
keyctl$chown(0x4, r2, 0x0, 0x0)
r3 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r6, 0x202002)
keyctl$chown(0x4, r6, r4, r5)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r6)

22:44:04 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x2, 0x2, 0x101}, 0x14}}, 0x0)

22:44:04 executing program 2:
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x800000000000803, 0x0)
sendto(r0, &(0x7f0000000000)="120000001600e70d017b00000000008e1584", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000004e00), 0x27b, 0x0, 0x0)
r1 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000cab000))
r2 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r2, 0x202002)
keyctl$chown(0x4, r2, 0x0, 0x0)
r3 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
r6 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r6, 0x202002)
keyctl$chown(0x4, r6, r4, r5)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r6)

22:44:04 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000000c0)='tmpfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@gid={'gid'}}], [], 0x32})

22:44:04 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x2, 0x2, 0x101}, 0x14}}, 0x0)

22:44:04 executing program 2:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x9d, 0x100400, 0xc}, 0x40)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000200)={{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}, 0x5c)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000340), 0x400, r0}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000280)={0x0, &(0x7f0000000440)=""/135, &(0x7f00000002c0), &(0x7f0000000140), 0x3, r0}, 0x38)

[  274.017485][T10413] IPVS: ftp: loaded support on port[0] = 21
[  274.079279][   T25] tipc: TX() has been purged, node left!
[  274.199030][T10431] tmpfs: Bad value for 'gid'
22:44:04 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_GET_NAME(0x10, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
r5 = fcntl$dupfd(r3, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = inotify_init1(0x0)
r7 = dup2(r6, r0)
syz_kvm_setup_cpu$x86(r7, r2, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

[  274.322892][T10431] tmpfs: Bad value for 'gid'
22:44:04 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x30000000}, [@call={0xf, 0x10}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

[  274.423540][T10453] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
22:44:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd})

22:44:05 executing program 1:
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x1ffeb, 0x0)

22:44:05 executing program 0:
unshare(0x24020400)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = dup(r0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)

22:44:05 executing program 5:
socket(0x11, 0x800000003, 0x0)
unshare(0x8000400)
pipe2(&(0x7f00000000c0), 0x0)
mq_open(&(0x7f0000000340)='\v$\x00\x0f\xb5s\xac\x9f\x85\xeapS\xcbF\xed\x9d\xad\x00\xf7\xba~\xa1}PW\x15\x94\xd2W\xb0\xd2\xc2v\xe3\xea\xd5\xea\xd8\x02\x9a+\xc7\x1fX\x1eo\xb6M`\xd6\x9e\xcf\xeb\x1e\xfd\xb5\xe2\xcfl\xbb\x1b\xe0\xc6Ki{\xdc\x04M\xe3d\f#\x0e\xac\xf9$j\x04>\xd6\x97\xd1\xcd\xe3H\xc2\xcb9\xa3P\xcf\xa2\xac@\x8d\xd6C\xe5\xf5\xbe\xb7\x9cg\x88\xb7o8_\xb8\xc7\xf40\xc8\xf9GK\xf4\x87\xddE\x10\xb5\xff\xca\a\x06\xd5\x01\xfbt]\xca\xab\xf7\xd9\xab\xa7\xd8c\xc0\xc6&d\x04\x8a\xd2l\x86\xa3\xa8\xbd&r', 0x6e93ebbbcc0884ee, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10)
sendfile(r1, r1, 0x0, 0x20000000000000d9)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)

22:44:05 executing program 2:
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x9d, 0x100400, 0xc}, 0x40)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000200)={{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}, 0x5c)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000340), 0x400, r0}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000280)={0x0, &(0x7f0000000440)=""/135, &(0x7f00000002c0), &(0x7f0000000140), 0x3, r0}, 0x38)

22:44:05 executing program 3:
syz_mount_image$jfs(&(0x7f0000000400)='jfs\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='grpquota'])

22:44:05 executing program 0:
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
open(0x0, 0x0, 0x0)
pwritev(r0, &(0x7f0000001380)=[{&(0x7f0000003040)="02", 0xffff0000}], 0x1, 0xffff)

22:44:05 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f8000003000000300300009802000000000000000000000000000000000000980200009802000098070000980200009802000003008000000000000000000000000000e00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000800000000000002726f7365300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000fb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff0000000000000000000000000300000007000000000000000000000000000000480043540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000100000000000000000000000000000000ee00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000500000000000400000000000000000000000000000070009000000000000000000000000000000000000000010020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000001000000990000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1)
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(r4, 0x407, 0x0)
write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
splice(r3, 0x0, r5, 0x0, 0x30005, 0x0)

22:44:05 executing program 3:

22:44:05 executing program 2:

22:44:05 executing program 3:

22:44:05 executing program 2:

22:44:05 executing program 3:

22:44:06 executing program 1:
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x1ffeb, 0x0)

22:44:06 executing program 2:

22:44:06 executing program 5:
socket(0x11, 0x800000003, 0x0)
unshare(0x8000400)
pipe2(&(0x7f00000000c0), 0x0)
mq_open(&(0x7f0000000340)='\v$\x00\x0f\xb5s\xac\x9f\x85\xeapS\xcbF\xed\x9d\xad\x00\xf7\xba~\xa1}PW\x15\x94\xd2W\xb0\xd2\xc2v\xe3\xea\xd5\xea\xd8\x02\x9a+\xc7\x1fX\x1eo\xb6M`\xd6\x9e\xcf\xeb\x1e\xfd\xb5\xe2\xcfl\xbb\x1b\xe0\xc6Ki{\xdc\x04M\xe3d\f#\x0e\xac\xf9$j\x04>\xd6\x97\xd1\xcd\xe3H\xc2\xcb9\xa3P\xcf\xa2\xac@\x8d\xd6C\xe5\xf5\xbe\xb7\x9cg\x88\xb7o8_\xb8\xc7\xf40\xc8\xf9GK\xf4\x87\xddE\x10\xb5\xff\xca\a\x06\xd5\x01\xfbt]\xca\xab\xf7\xd9\xab\xa7\xd8c\xc0\xc6&d\x04\x8a\xd2l\x86\xa3\xa8\xbd&r', 0x6e93ebbbcc0884ee, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10)
sendfile(r1, r1, 0x0, 0x20000000000000d9)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)

22:44:06 executing program 3:

22:44:06 executing program 2:
pipe(&(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='batadv0\x00', 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x1ffeb, 0x0)

22:44:06 executing program 0:

22:44:06 executing program 3:

22:44:06 executing program 4:

22:44:06 executing program 3:

22:44:06 executing program 4:

22:44:06 executing program 0:

22:44:06 executing program 3:

22:44:07 executing program 1:

22:44:07 executing program 4:

[  276.688774][    T7] tipc: TX() has been purged, node left!
[  276.848718][    T7] tipc: TX() has been purged, node left!
22:44:07 executing program 5:
socket(0x11, 0x800000003, 0x0)
unshare(0x8000400)
pipe2(&(0x7f00000000c0), 0x0)
mq_open(&(0x7f0000000340)='\v$\x00\x0f\xb5s\xac\x9f\x85\xeapS\xcbF\xed\x9d\xad\x00\xf7\xba~\xa1}PW\x15\x94\xd2W\xb0\xd2\xc2v\xe3\xea\xd5\xea\xd8\x02\x9a+\xc7\x1fX\x1eo\xb6M`\xd6\x9e\xcf\xeb\x1e\xfd\xb5\xe2\xcfl\xbb\x1b\xe0\xc6Ki{\xdc\x04M\xe3d\f#\x0e\xac\xf9$j\x04>\xd6\x97\xd1\xcd\xe3H\xc2\xcb9\xa3P\xcf\xa2\xac@\x8d\xd6C\xe5\xf5\xbe\xb7\x9cg\x88\xb7o8_\xb8\xc7\xf40\xc8\xf9GK\xf4\x87\xddE\x10\xb5\xff\xca\a\x06\xd5\x01\xfbt]\xca\xab\xf7\xd9\xab\xa7\xd8c\xc0\xc6&d\x04\x8a\xd2l\x86\xa3\xa8\xbd&r', 0x6e93ebbbcc0884ee, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10)
sendfile(r1, r1, 0x0, 0x20000000000000d9)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)

22:44:07 executing program 0:

22:44:07 executing program 2:

22:44:07 executing program 3:

22:44:07 executing program 4:

22:44:07 executing program 1:

22:44:07 executing program 0:

22:44:07 executing program 2:

22:44:07 executing program 3:

22:44:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="bf07003eff17"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22:44:07 executing program 1:
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, &(0x7f0000000040), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9, 0x20011, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000140)='#$^{}$\x00', &(0x7f00000001c0)="27bb2bd4a4231097b2c69636faa863c4c85743a395893c64f07ea39f39f7d0aea8b33aff5d11d513c2705e7f6843ad6ec3e049b7d3faacb90732d593e3da", 0x3e)

22:44:07 executing program 0:

22:44:08 executing program 5:
socket(0x11, 0x800000003, 0x0)
unshare(0x8000400)
pipe2(&(0x7f00000000c0), 0x0)
mq_open(&(0x7f0000000340)='\v$\x00\x0f\xb5s\xac\x9f\x85\xeapS\xcbF\xed\x9d\xad\x00\xf7\xba~\xa1}PW\x15\x94\xd2W\xb0\xd2\xc2v\xe3\xea\xd5\xea\xd8\x02\x9a+\xc7\x1fX\x1eo\xb6M`\xd6\x9e\xcf\xeb\x1e\xfd\xb5\xe2\xcfl\xbb\x1b\xe0\xc6Ki{\xdc\x04M\xe3d\f#\x0e\xac\xf9$j\x04>\xd6\x97\xd1\xcd\xe3H\xc2\xcb9\xa3P\xcf\xa2\xac@\x8d\xd6C\xe5\xf5\xbe\xb7\x9cg\x88\xb7o8_\xb8\xc7\xf40\xc8\xf9GK\xf4\x87\xddE\x10\xb5\xff\xca\a\x06\xd5\x01\xfbt]\xca\xab\xf7\xd9\xab\xa7\xd8c\xc0\xc6&d\x04\x8a\xd2l\x86\xa3\xa8\xbd&r', 0x6e93ebbbcc0884ee, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xa3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10)
sendfile(r1, r1, 0x0, 0x20000000000000d9)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000140), 0x0)

22:44:08 executing program 2:

22:44:08 executing program 1:

22:44:08 executing program 0:

22:44:08 executing program 3:
mkdir(0x0, 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x10000, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_bp={&(0x7f0000000200), 0x4}, 0x910, 0x100000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xa, 0xe4, 0x400000000004, 0x100, 0x10, 0xffffffffffffffff, 0x1}, 0x59)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r2, &(0x7f0000000080)}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff})
r4 = eventfd2(0x901, 0x0)
read$eventfd(r4, 0x0, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000140)={{r4}, 0x7ff, 0x9})
dup(r3)
ioctl$FIONCLEX(r3, 0x5450)
sendfile(r0, r2, &(0x7f0000000000)=0x2, 0x5)
bind$inet(r1, &(0x7f00000002c0)={0x2, 0x4e21, @loopback}, 0x10)
connect$inet(r1, &(0x7f0000000240)={0x2, 0x4e21, @empty}, 0x10)

22:44:08 executing program 4:
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, 0x0, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
socket(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x204)
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)
futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)

22:44:08 executing program 1:
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1031fe, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000200)=ANY=[@ANYRESOCT], 0x1f)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
r2 = socket(0x2, 0x803, 0xff)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)
r3 = dup(r2)
r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8000fffffffe)

22:44:08 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:08 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x99, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x1070c5, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600)

22:44:08 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, 0x0)
unshare(0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'})
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}})
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x20000000)

[  278.234838][T10611] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  278.243771][T10611] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  278.253972][T10611] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  278.264277][T10611] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  278.278530][T10611] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  278.306025][T10611] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  278.315466][   T28] audit: type=1804 audit(1591742648.612:5): pid=10619 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/22/bus" dev="sda1" ino=15838 res=1
22:44:08 executing program 3:
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
epoll_create1(0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

[  278.434141][T10611] EXT4-fs (loop0): re-mounted. Opts: (null)
22:44:08 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x5, 0x4)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

[  278.509569][T10621] EXT4-fs (loop0): re-mounted. Opts: (null)
[  278.628982][T10621] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  278.673000][T10621] EXT4-fs (loop0): re-mounted. Opts: (null)
[  278.698625][T10632] EXT4-fs (loop0): re-mounted. Opts: (null)
22:44:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000001080)=ANY=[@ANYBLOB="bf07003eff00005cc600a39d6e24fdc34f0cdf638edd53602a6f740dc96d902155d6c714279746c3bb068d4bf95303a6622da6071c874be983d4774e392c4b4908c69a6e8984ae5c9f629c45635e9f0c1c3f413c298e4f9ab71a537bb803f4"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write(0xffffffffffffffff, &(0x7f0000000600)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e9e688d35a978813c38add66548d7575727ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53", 0xa56)

22:44:09 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
dup2(r0, r1)

22:44:09 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000075c0)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000300)="f6", 0x1}], 0x1, &(0x7f0000001540)=ANY=[], 0x210}}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/arp\x00')
preadv(r0, &(0x7f00000017c0), 0x315, 0x800000)

22:44:09 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x5, 0x4)
sendmmsg(r0, &(0x7f0000002cc0), 0x1a3, 0x0)

22:44:09 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
dup2(r0, r1)

[  279.085020][   T28] audit: type=1804 audit(1591742649.392:6): pid=10645 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/22/bus" dev="sda1" ino=15838 res=1
22:44:09 executing program 1:
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000080)={{0x0, @rand_addr, 0x0, 0x0, 'sh\x00', 0x0, 0x9d4d}, {@empty}}, 0x44)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
open$dir(&(0x7f00000000c0)='./file0\x00', 0xc200, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="eb3c906d6b66732e6661740002042f2502000270fff8", 0x268}], 0x0, 0x0)

22:44:09 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/176, 0xb0}, {&(0x7f0000000940)=""/166, 0xa6}, {&(0x7f0000000f40)=""/159, 0x9f}], 0x3}, 0xfff}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/112, 0x70}], 0x4, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x4, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000340)={@rand_addr=' \x01\x00', 0x0, 0x2}, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100))
syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004001}, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4)
writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf9071a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

[  279.472874][   T28] audit: type=1800 audit(1591742649.782:7): pid=10666 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=15833 res=0
[  279.510230][   T28] audit: type=1804 audit(1591742649.802:8): pid=10666 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/23/file0" dev="sda1" ino=15833 res=1
[  279.537571][T10666] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  279.546887][T10666] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  279.596789][   T28] audit: type=1800 audit(1591742649.802:9): pid=10666 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=15833 res=0
[  279.710155][T10673] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  279.725701][T10673] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  279.735527][   T28] audit: type=1800 audit(1591742649.962:10): pid=10666 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=15833 res=0
22:44:10 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="38010000100001050000000000000001048800000000000000000000000000017f00000100000000000000ac5d00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000006c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000000000000000480003006465666c617465"], 0x138}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x80000010008, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup2(r4, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)

22:44:10 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8c}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/176, 0xb0}, {&(0x7f0000000940)=""/166, 0xa6}, {&(0x7f0000000f40)=""/159, 0x9f}], 0x3}, 0xfff}, {{&(0x7f0000000ac0)=@ax25={{0x3, @rose}, [@netrom, @netrom, @bcast, @bcast, @null, @default, @remote, @bcast]}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/112, 0x70}, {&(0x7f0000000d40)=""/85, 0x55}], 0x5, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x4, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x5})
syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000e40)=ANY=[@ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="000000000000000000001b000000", @ANYBLOB="d5e4060636d829791ad4b221a38510fb0cb3299783bfdc2a273327b6b66a3efaf6acf4e9e80a04dfbd9dde56ba4f8ffaed0ab327215967a74233f5e5f73b294f94cf8121b56f219ab391e769b318f39434211c9107b08fe2c1776c2f13bb8444c761a0971747c96c3972627ac3c3d114d777dfc11a67a0c55da96e3f14ed47c67f8e95cb7e8b54700e05d4ba948fd77eac86fedd4af0a28fba74badf5ef9d3"]}, 0x1, 0x0, 0x0, 0x24004001}, 0x24048055)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4)
writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

22:44:10 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:10 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000001080)=ANY=[@ANYBLOB="bf07003eff00005cc600a39d6e24fdc34f0cdf638edd53602a6f740dc96d902155d6c714279746c3bb068d4bf95303a6622da6071c874be983d4774e392c4b4908c69a6e8984ae5c9f629c45635e9f0c1c3f413c298e4f9ab71a537bb803f4"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write(0xffffffffffffffff, &(0x7f0000000600)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e9e688d35a978813c38add66548d7575727ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53", 0xa56)

22:44:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f00000002c0)="25bca274769e620a2734fa0095e0612687ecb86a548802a902000000000000004e2f98b579a782d270146d0e0206e73ba8c63cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@debug_want_extra_isize={'debug_want_extra_isize'}}]})

22:44:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:10 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/176, 0xb0}, {&(0x7f0000000940)=""/166, 0xa6}, {&(0x7f0000000f40)=""/159, 0x9f}], 0x3}, 0xfff}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/112, 0x70}], 0x4, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x4, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000340)={@rand_addr=' \x01\x00', 0x0, 0x2}, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100))
syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004001}, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4)
writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf9071a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

[  280.238848][T10685] EXT4-fs (loop1): Invalid want_extra_isize 0
[  280.454431][T10696] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  280.498882][T10696] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  280.511358][T10696] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  280.522158][T10696] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  280.535749][T10706] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  280.544361][T10706] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  280.555965][T10706] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  280.566532][T10696] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  280.601205][T10706] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  280.618698][T10706] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:11 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:11 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:11 executing program 3:
r0 = open(0x0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], 0x80}}, 0x20004010)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8030000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  281.048530][T10719] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:11 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = fcntl$dupfd(r0, 0x0, r1)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f8000003000000300300009802000000000000000000000000000000000000980200009802000098070000980200009802000003008000000000000000000000000000e00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000800000000000002726f7365300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000fb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff0000000000000000000000000300000007000000000000000000000000000000480043540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000100000000000000000000000000000000ee00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000500000000000400000000000000000000000000000070009000000000000000000000000000000000000000010020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000001000000990000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@local, @random="8dcf15df87c6", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @dev}, {0x0, 0x0, 0x8}}}}}, 0x0)

[  281.165062][T10719] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.216430][T10719] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  281.237638][T10719] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:11 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  281.269129][T10727] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  281.277866][T10727] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.288206][T10727] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  281.298436][T10727] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  281.314772][T10719] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  281.325323][T10727] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  281.382508][T10740] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  281.392993][T10740] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.403622][T10740] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  281.413847][T10740] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  281.438733][T10740] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  281.467389][T10740] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  281.478890][T10740] EXT4-fs (loop1): re-mounted. Opts: (null)
22:44:11 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')

22:44:11 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:12 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/176, 0xb0}, {&(0x7f0000000940)=""/166, 0xa6}, {&(0x7f0000000f40)=""/159, 0x9f}], 0x3}, 0xfff}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/112, 0x70}], 0x4, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x4, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000340)={@rand_addr=' \x01\x00', 0x0, 0x2}, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100))
syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004001}, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4)
writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf9071a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

[  281.507384][T10740] EXT4-fs (loop1): re-mounted. Opts: (null)
[  281.550657][T10727] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  281.590135][T10727] EXT4-fs (loop0): re-mounted. Opts: (null)
[  281.661742][T10727] EXT4-fs (loop0): re-mounted. Opts: (null)
[  281.693539][T10750] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  281.745039][T10752] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  281.762499][T10750] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.804184][T10752] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  281.823314][T10750] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  281.824857][T10752] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  281.833282][T10750] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  281.854011][T10750] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:12 executing program 4:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
renameat2(r0, &(0x7f00000000c0)='./bus\x00', r1, &(0x7f0000000080)='./bus\x00', 0x0)

[  281.993885][T10752] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  282.014394][T10752] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:12 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_pid(r1, &(0x7f0000000600), 0x12)

22:44:12 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')

22:44:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:12 executing program 3:
r0 = open(0x0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], 0x80}}, 0x20004010)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8030000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  282.377300][T10776] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  282.393445][T10777] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  282.399805][T10786] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  282.410353][T10786] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  282.420952][T10786] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  282.434014][T10786] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  282.445914][T10776] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  282.453335][T10777] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  282.456058][T10776] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  282.475517][T10776] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  282.498690][T10786] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  282.516489][T10776] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:12 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_pid(r1, &(0x7f0000000600), 0x12)

22:44:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  282.526584][T10777] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  282.561147][T10786] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  282.580720][T10777] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  282.603661][T10786] EXT4-fs (loop5): re-mounted. Opts: (null)
[  282.625273][T10795] EXT4-fs (loop5): re-mounted. Opts: (null)
22:44:13 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')

22:44:13 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/77, 0x4d}, 0x9}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000880)=""/176, 0xb0}, {&(0x7f0000000940)=""/166, 0xa6}, {&(0x7f0000000f40)=""/159, 0x9f}], 0x3}, 0xfff}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000440)}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/112, 0x70}], 0x4, &(0x7f0000000540)=""/48, 0x30}, 0x5}], 0x4, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000340)={@rand_addr=' \x01\x00', 0x0, 0x2}, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100))
syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004001}, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x0, 0x0, 0x3}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xda6, 0x4)
writev(r4, &(0x7f0000000780)=[{&(0x7f0000000100)="dff548771d77ce8786aca76dda6fb054ab8ea73799d7293eda90ba41a2db81fab55b5415692300a8e64bca2f60e1717f85f06a6bbca90f392b04f34940db7ffccc33ed6ea82296de9683c9e360cd1c477304bd8f9bd74d44a4c7d1c7e625a86cd54b72c5745f475a772b84977a6b05381dbe6259bc510f0f70c3e9946a78c7b5a19e97447799d930f9623b", 0x8b}, {&(0x7f00000001c0)="96431fb1cb119741590ad657dc5e5ce3e5fe9f1f639e6a18bc7b6c1d0b424eb306f34cf2429c62c0fdefbae36740a7169721af852826d7f14b6cae8af86507ff78a1dda991aea5952f43e7e0146a3c035f0113d617240e8940c60cdf3400193bbe3a0c0b1eae5799db27b4ee9c13475210defa4dac9d784e0c89135b82b321f8e43d7a5db9ab1bfd319f472a94", 0x8d}, {&(0x7f0000001340)="f15c93cb35c215fe339d1e9060c5b23e77cb58a87329a00288504db389cc6e395885fa906ac30eeae99fa388c31b5717e641e1586a90961b5f99b26c939d944f6cb1cf6817b7e51402a8459f9db642e97d3c05db56250a665d3ff188eb47e5b036d508aa5a5796fb8806b6a41487e0bfc3df087c18269bd7d2f477104c5d5db497ceaf3e1b11a5d63a2b7035dc69fa701f3b46fe701880800a7d38dccd4b3e8014aa15c96968359533ce2c5ffdd5f0d3297018bd7c025150940cdead92eb1e6bc6ba45eecf067b32425b6000b2f376ef9172426ae7fa97e5a84ef4dc540bbf5dd458ffcb75724135bd32fa04db6d6a75aedda7ab6e8501fc94e209dc3b2525ae24c954255d3247ca9c1b9525ce68179a52a87333aa2b0a8c1baa6ba6160c6d2018e67bac5402d0d89c5f798b8d1a87b0dc3306f546c61724530d9f4b6f0ee68677c7b261de5afa02d708a8ec979791de8f4831cc354ba453bc253e2435207f25494a594d4e5be39902358d362cb318ad965b7e7480a5ca5b6fe74e101c400c77392ee4419ad788f494230487811046f21f0f9665dfbaa9e94ed305a02e3fa47039e67dde19f89c8f1741aad752cdfe458ddf54e8fc10ff79b5", 0x1b9}], 0x3)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf9071a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

[  282.695243][T10777] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:13 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')

[  282.820400][T10803] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  282.842047][T10803] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:13 executing program 4:
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)

22:44:13 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')

[  282.862585][T10803] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  282.877850][T10803] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  282.893214][T10803] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:13 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  283.110081][T10822] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  283.119076][T10822] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  283.120775][T10818] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  283.129138][T10822] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  283.147117][T10822] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:13 executing program 3:
r0 = open(0x0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], 0x80}}, 0x20004010)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x8030000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  283.157945][T10822] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  283.199134][T10822] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  283.218174][T10818] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  283.264992][T10822] EXT4-fs (loop5): re-mounted. Opts: (null)
[  283.273289][T10818] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  283.312506][T10818] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:13 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)

[  283.357029][T10835] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:13 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc008088)
syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
add_key(0x0, &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000680), 0x0, 0x0)

[  283.406456][T10818] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  283.438455][T10835] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:13 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  283.492892][T10835] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  283.502992][T10835] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  283.522701][T10844] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  283.541671][T10835] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:13 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  283.593204][T10849] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  283.601966][T10849] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  283.612112][T10849] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:14 executing program 4:
r0 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0xfa)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x18, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

[  283.646701][T10849] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  283.675774][T10849] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:14 executing program 2:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@multicast, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, 0x0, 0x0, @multicast1}}}}}, 0x0)

22:44:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)

[  283.820807][T10859] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  283.843513][T10859] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  283.887390][T10859] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  283.901476][T10866] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  283.911069][T10866] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:14 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000040)={0x79})

[  283.930177][T10859] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  283.935063][T10866] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  283.960907][T10859] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  283.966591][T10866] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  283.983274][T10875] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  283.992472][T10866] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  284.006353][T10875] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:14 executing program 3:
pipe(&(0x7f0000000140))
r0 = syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x20402)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000140)="ae88bff824f400005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8b38c43b460e462924fbe031bf818413dee5413a6dfc1350afd91f137cbf87e3646d79b0b7c7b4c30fe1b0474aabceb9c87b4b7ce21c0fc8fafe4f6a1c7065c80838a0e60d2e69e5e397a223314aad036", 0x76}], 0x1)
pipe(&(0x7f00000000c0))
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  284.043839][T10875] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  284.054204][T10875] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  284.068126][T10875] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:14 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:14 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:14 executing program 4:
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = epoll_create1(0x0)
r1 = timerfd_create(0x0, 0x0)
dup3(r1, r0, 0x0)

[  284.133733][T10875] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  284.141987][T10887] sg_write: data in/out 62464/72 bytes for SCSI command 0x2a-- guessing data in;
[  284.141987][T10887]    program syz-executor.3 not setting count and/or reply_len properly
[  284.174032][T10875] EXT4-fs (loop5): re-mounted. Opts: (null)
22:44:14 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  284.211225][T10892] sg_write: data in/out 62464/72 bytes for SCSI command 0x2a-- guessing data in;
[  284.211225][T10892]    program syz-executor.3 not setting count and/or reply_len properly
22:44:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x20402)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)="ae88bff824f400005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8b38c43b460e462924fbe031bf818413dee5413a6dfc1350afd91f137cbf87e3646d79b0b7c7b4c30fe1b0474aabceb9c", 0x56}, {&(0x7f0000000000)="2fb5853826e1df12d49f6b63d3e0245c22dab3c1ef2332da82484568aa94984ffa90db965cc0587fb0a3", 0x2a}], 0x2)

[  284.404764][T10901] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  284.422026][T10901] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  284.432865][T10901] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  284.447780][T10908] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  284.450611][T10901] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  284.470158][T10914] sg_write: data in/out 62464/40 bytes for SCSI command 0x2a-- guessing data in;
[  284.470158][T10914]    program syz-executor.3 not setting count and/or reply_len properly
[  284.491045][T10908] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:14 executing program 4:
pipe(&(0x7f0000000140))
syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0))
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  284.504636][T10908] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  284.521549][T10917] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  284.534107][T10917] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  284.551572][T10901] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  284.567274][T10908] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:14 executing program 3:

[  284.615277][T10917] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  284.641051][T10908] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:15 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  284.673599][T10917] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:15 executing program 3:

22:44:15 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  284.747352][T10917] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:15 executing program 3:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  284.882728][T10936] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  284.916524][T10942] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:15 executing program 4:
pipe(&(0x7f0000000140))
syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0))
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xa4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  284.926063][T10942] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  284.926445][T10936] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  284.936227][T10942] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  284.956558][T10942] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  284.967822][T10936] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:15 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  284.978257][T10936] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  284.997364][T10936] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  285.011287][T10942] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  285.130431][T10956] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  285.151936][T10956] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:15 executing program 4:

22:44:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  285.176194][T10956] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  285.197493][T10956] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  285.210168][T10956] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:15 executing program 3:

22:44:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  285.280941][T10956] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  285.305720][T10956] EXT4-fs (loop1): re-mounted. Opts: (null)
22:44:15 executing program 4:

[  285.337021][T10956] EXT4-fs (loop1): re-mounted. Opts: (null)
22:44:15 executing program 4:

[  285.437964][T10965] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  285.473827][T10965] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  285.531544][T10977] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  285.540991][T10965] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  285.556853][T10977] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  285.567458][T10977] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  285.577888][T10977] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  285.583393][T10965] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  285.596152][T10977] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  285.629700][T10985] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  285.638335][T10983] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  285.648283][T10983] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  285.659550][T10983] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  285.681015][T10983] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  285.730090][T10985] EXT4-fs (loop5): re-mounted. Opts: (null)
[  285.743420][T10965] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  285.774844][T10983] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:16 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:16 executing program 4:

22:44:16 executing program 3:

22:44:16 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)

22:44:16 executing program 3:

22:44:16 executing program 4:

22:44:16 executing program 4:

22:44:16 executing program 3:

[  286.155549][T11001] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  286.206371][T11001] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  286.252538][T11008] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  286.280873][T11012] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  286.297912][T11001] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:16 executing program 3:

[  286.335171][T11008] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  286.366143][T11012] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:16 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  286.386204][T11001] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  286.399835][T11008] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  286.410314][T11008] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)

22:44:16 executing program 4:

[  286.433491][T11008] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  286.434890][T11012] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:16 executing program 3:

[  286.476726][T11001] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  286.482841][T11012] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  286.500338][T11012] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:16 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:17 executing program 4:

22:44:17 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)

22:44:17 executing program 3:

[  286.783941][T11031] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:17 executing program 4:

[  286.884558][T11031] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  286.903139][T11041] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  286.966764][T11031] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  286.987840][T11041] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:17 executing program 3:

[  287.027289][T11031] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  287.042807][T11053] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  287.052054][T11041] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  287.094793][T11053] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  287.111446][T11031] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  287.128624][T11041] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:17 executing program 4:

22:44:17 executing program 3:

[  287.160953][T11053] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:17 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)

22:44:17 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)

[  287.202463][T11041] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  287.236826][T11053] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:17 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  287.324525][T11053] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:17 executing program 4:

22:44:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:17 executing program 3:

[  287.518272][T11070] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  287.527021][T11070] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  287.551123][T11070] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:17 executing program 4:

[  287.566518][T11075] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  287.572038][T11070] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  287.603375][T11070] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:17 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)

[  287.618128][T11075] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:18 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0x16)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in=@local, @in=@private, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x89}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

22:44:18 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  287.676483][T11075] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:18 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x7e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)

[  287.728962][T11086] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  287.738009][T11086] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  287.748202][T11086] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  287.758382][T11086] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  287.762428][T11075] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  287.780766][T11086] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  287.845692][T11075] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:18 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:18 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'\x00', 0x2})
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000ec0)=""/202, 0x20031ec0}], 0x1, 0x0)
dup2(0xffffffffffffffff, r1)

[  288.016989][T11106] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  288.027951][T11106] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.038319][T11106] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.048761][T11106] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.063623][T11106] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:18 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  288.109212][T11110] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  288.192701][T11110] EXT4-fs (loop5): re-mounted. Opts: (null)
[  288.224806][T11115] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:18 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  288.262100][T11115] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.272439][T11115] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.282932][T11115] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.294281][T11115] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  288.311513][T11115] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
22:44:18 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x70, 0x7e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000100)=""/171)

[  288.374974][T11115] EXT4-fs (loop0): re-mounted. Opts: (null)
[  288.414350][T11128] EXT4-fs (loop0): re-mounted. Opts: (null)
22:44:18 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  288.475360][T11126] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  288.504926][T11126] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.533508][T11126] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.552590][T11126] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.574062][T11135] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  288.576637][T11126] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  288.624297][T11135] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.634458][T11135] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.644631][T11135] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.656365][T11135] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:19 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x0, 0x0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x7)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r2, 0x5608)
r3 = syz_open_procfs(0x0, 0x0)
preadv(r3, 0x0, 0x0, 0xfffffffc)
r4 = syz_open_dev$vcsn(0x0, 0x7, 0x401)
setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x1, &(0x7f00000000c0), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280), 0x4)
shutdown(0xffffffffffffffff, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

[  288.846109][T11146] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  288.864267][T11146] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.902587][T11146] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.903245][T11155] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  288.922218][T11155] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  288.932346][T11155] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  288.942739][T11155] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.954066][T11155] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  288.957722][T11146] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  288.966984][T11158] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  288.991928][T11146] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  289.021560][T11158] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:19 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x0, 0x0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x7)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r2, 0x5608)
r3 = syz_open_procfs(0x0, 0x0)
preadv(r3, 0x0, 0x0, 0xfffffffc)
r4 = syz_open_dev$vcsn(0x0, 0x7, 0x401)
setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x1, &(0x7f00000000c0), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280), 0x4)
shutdown(0xffffffffffffffff, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

22:44:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

22:44:19 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  289.086332][T11158] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:19 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'\x00', 0x2})
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000ec0)=""/202, 0x20031ec0}], 0x1, 0x0)
dup2(0xffffffffffffffff, r1)

[  289.149337][T11158] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  289.203820][T11158] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:19 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  289.372722][T11187] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:19 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x0, 0x0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x7)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r2, 0x5608)
r3 = syz_open_procfs(0x0, 0x0)
preadv(r3, 0x0, 0x0, 0xfffffffc)
r4 = syz_open_dev$vcsn(0x0, 0x7, 0x401)
setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x1, &(0x7f00000000c0), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280), 0x4)
shutdown(0xffffffffffffffff, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

[  289.420478][T11187] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.439410][T11192] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  289.454763][T11187] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  289.478038][T11192] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.495766][T11187] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  289.511890][T11192] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  289.529805][T11187] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  289.558382][T11202] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  289.570505][T11192] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:19 executing program 3:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27}, 0x24}}, 0x8084)

22:44:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  289.573503][T11202] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.609395][T11202] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:20 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  289.623545][T11202] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  289.643733][T11192] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  289.644984][T11202] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:20 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  289.846917][T11220] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  289.860946][T11221] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  289.871210][T11220] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.882911][T11221] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.894101][T11220] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  289.904956][T11220] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  289.913108][T11221] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  289.927484][T11220] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x300}, {}, {0xfff1}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0)

22:44:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  289.942728][T11229] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  289.951755][T11229] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  289.970521][T11229] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  289.991562][T11221] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  290.021227][T11229] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  290.052942][T11221] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  290.073660][T11229] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff1}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8}]}}]}, 0x3c}}, 0x0)

22:44:20 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff1}}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1200}}]}}]}, 0x3c}}, 0x0)

22:44:20 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  290.235923][T11246] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  290.263623][T11246] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  290.281749][T11246] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  290.291658][T11246] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  290.307775][T11246] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:44:20 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:20 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:20 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000012e40)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff1}}, [@filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0x18, 0x2, [@TCA_MATCHALL_FLAGS={0x8}, @TCA_MATCHALL_CLASSID={0x8}, @TCA_MATCHALL_ACT={0x4}]}}]}, 0x4c}}, 0x0)

22:44:20 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="00f0000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000250800"/20, @ANYRES32=r3, @ANYBLOB="000000000000000008000a0010"], 0x28}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002a00)=0x14)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={<r6=>0xffffffffffffffff})
ioctl$sock_inet_SIOCGIFNETMASK(r6, 0x891b, &(0x7f0000000300)={'batadv_slave_1\x00', {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x20, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r5, 0x2}}, 0x20}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0xffffffc3, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)

[  290.489208][T11261] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  290.538924][T11261] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  290.553176][T11269] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  290.561286][T11261] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  290.561551][T11274] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  290.581200][T11261] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  290.594167][T11269] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  290.597733][T11280] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  290.604660][T11269] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  290.624994][T11269] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:20 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f00000003c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff1}}, [@filter_kind_options=@f_rsvp={{0x9, 0x1, 'rsvp\x00'}, {0x10, 0x2, [@TCA_RSVP_DST={0x8, 0x2, @empty}, @TCA_RSVP_ACT={0x4}]}}]}, 0x40}}, 0x0)

[  290.644139][T11261] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  290.656397][T11269] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  290.656971][T11274] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  290.721457][T11285] team0: Port device veth3 added
22:44:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:21 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:21 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xa09, 0x0, 0x0, 0x800e003c6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000002280)=""/4105, 0x1009}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = dup(r4)
recvmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000000c0)=""/9, 0x9}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x10}, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r6, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r5, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
shutdown(r6, 0x0)
shutdown(r3, 0x0)

[  290.813254][T11274] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  290.913296][T11280] team0: Port device veth3 removed
[  290.931515][T11274] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  290.973842][T11274] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  290.997140][T11299] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  291.011572][T11309] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  291.021363][T11299] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.037502][T11309] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.058477][T11309] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:21 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="00f0000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000250800"/20, @ANYRES32=r3, @ANYBLOB="000000000000000008000a0010"], 0x28}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002a00)=0x14)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000002c0)={<r6=>0xffffffffffffffff})
ioctl$sock_inet_SIOCGIFNETMASK(r6, 0x891b, &(0x7f0000000300)={'batadv_slave_1\x00', {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x20, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r5, 0x2}}, 0x20}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0xffffffc3, &(0x7f0000000280)={&(0x7f0000000500)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)

22:44:21 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  291.072534][T11309] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  291.083220][T11299] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.095152][T11309] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  291.104934][T11299] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:21 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  291.132009][T11299] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  291.224088][T11322] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  291.252535][T11322] team0: Port device veth3 added
[  291.298756][T11322] team0: Port device veth3 removed
22:44:21 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, 0xffffffffffffffff, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:21 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xa09, 0x0, 0x0, 0x800e003c6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000002280)=""/4105, 0x1009}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = dup(r4)
recvmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/9, 0x9}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0xb}, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r6, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r5, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
shutdown(r6, 0x0)
shutdown(r3, 0x0)

[  291.389998][T11338] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  291.414548][T11339] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  291.425999][T11338] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.440545][T11339] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.456891][T11339] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.466753][T11339] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  291.492655][T11338] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.494440][T11348] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  291.512703][T11348] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.523228][T11348] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.533619][T11348] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  291.544114][T11338] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  291.544730][T11348] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:44:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  291.583705][T11339] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  291.594383][T11338] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:22 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, 0xffffffffffffffff, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:22 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:22 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xa09, 0x0, 0x0, 0x800e003c6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000002280)=""/4105, 0x1009}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = dup(r4)
recvmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000000c0)=""/9, 0x9}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x10}, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r6, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r5, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
shutdown(r6, 0x0)
shutdown(r3, 0x0)

[  291.829694][T11369] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  291.839985][T11369] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.850571][T11369] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.862303][T11369] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  291.914812][T11369] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  291.943696][T11379] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:22 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, 0xffffffffffffffff, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  291.968450][T11379] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  291.979053][T11379] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  291.991115][T11379] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  292.012514][T11383] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  292.023847][T11379] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  292.042754][T11383] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  292.052646][T11383] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:22 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  292.062540][T11383] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  292.093707][T11383] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  292.221390][T11399] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  292.236674][T11399] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  292.254408][T11399] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:22 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(0xffffffffffffffff, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  292.265388][T11399] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  292.277030][T11399] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  292.297723][T11407] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  292.335124][T11407] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  292.361766][T11407] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  292.372956][T11407] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:22 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvfrom$unix(r0, &(0x7f0000001700)=""/102400, 0x19000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000780)={<r1=>0xffffffffffffffff})
recvfrom$unix(r1, &(0x7f000001a700)=""/102400, 0x19000, 0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000280)=""/69, 0x45}, {0x0}, {0x0}], 0x3}, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x712, 0x0)
recvfrom$inet(r3, 0x0, 0x1e51de7a2ef3af5, 0x0, 0x0, 0x800e00776)
shutdown(r2, 0x0)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
flock(r5, 0x40000003)
shutdown(r3, 0x0)
dup2(r3, r4)

[  292.397984][T11415] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  292.420812][T11415] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  292.433924][T11407] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:44:22 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  292.482375][T11415] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  292.510242][T11415] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  292.511351][T11428] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  292.538448][T11428] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  292.549512][T11428] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  292.562867][T11428] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:23 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  292.737681][T11441] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  292.776969][T11441] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:23 executing program 3:
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x80003, 0x6b)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="7261770000000000000000160000000000000000000000000000000000000000c1030055853c4600200400000000000080020000000000000000000000000000500300005003000050030000500300005003000003000000000000007b2a98052e8746e50000000000000000000b78acf82e8ff1ce8d1c0000bbff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000076656574706369300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500280020000000001"], 0x1)
r1 = memfd_create(&(0x7f00000000c0)='$\xbbeth0nodev*\x00', 0x0)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r1, 0x0)
rt_sigaction(0x7, &(0x7f0000b4a000)={0xfffffffffffffffd, 0x80000002, 0x0}, 0x0, 0x8, &(0x7f0000000000))
syz_open_procfs(0x0, &(0x7f0000000140)='net/igmp\x00')
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='uid_map\x00')

[  292.829065][T11441] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:23 executing program 3:
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x80003, 0x6b)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="7261770000000000000000160000000000000000000000000000000000000000c1030055853c4600200400000000000080020000000000000000000000000000500300005003000050030000500300005003000003000000000000007b2a98052e8746e50000000000000000000b78acf82e8ff1ce8d1c0000bbff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000076656574706369300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500280020000000001"], 0x1)
r1 = memfd_create(&(0x7f00000000c0)='$\xbbeth0nodev*\x00', 0x0)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r1, 0x0)
rt_sigaction(0x7, &(0x7f0000b4a000)={0xfffffffffffffffd, 0x80000002, 0x0}, 0x0, 0x8, &(0x7f0000000000))
syz_open_procfs(0x0, &(0x7f0000000140)='net/igmp\x00')
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='uid_map\x00')

[  292.883766][T11441] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  292.921335][T11451] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  292.951183][T11451] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:23 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:23 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  293.036067][T11451] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:23 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0)

[  293.092369][T11451] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  293.175277][T11473] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  293.177488][T11469] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  293.193700][T11473] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  293.206865][T11473] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:23 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  293.225638][T11473] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  293.239960][T11469] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  293.250012][T11469] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:23 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(0xffffffffffffffff, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:23 executing program 3:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x105, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r0 = socket(0x10, 0x80002, 0xc)
sendmmsg$alg(r0, &(0x7f0000000140), 0xffffffffffffff68, 0x0)
socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  293.270074][T11469] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  293.402699][T11488] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  293.411550][T11488] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  293.426249][T11488] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  293.437654][T11488] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:23 executing program 4:

22:44:23 executing program 1:
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:23 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  293.517224][T11497] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  293.583419][T11497] EXT4-fs (loop5): re-mounted. Opts: (null)
22:44:23 executing program 3:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x105, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r0 = socket(0x10, 0x80002, 0xc)
sendmmsg$alg(r0, &(0x7f0000000140), 0xffffffffffffff68, 0x0)
socketpair$unix(0x1, 0x40000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r1, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

22:44:24 executing program 4:

22:44:24 executing program 5:
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:24 executing program 1:
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  293.646880][T11506] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  293.682652][T11506] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  293.710271][T11506] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  293.768342][T11506] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:24 executing program 4:

22:44:24 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:24 executing program 5:
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  294.141425][T11528] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  294.163948][T11528] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  294.186114][T11528] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  294.205422][T11528] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  294.223628][T11528] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  294.234131][T11528] EXT4-fs (loop0): re-mounted. Opts: (null)
22:44:24 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(0xffffffffffffffff, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:24 executing program 1:
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:24 executing program 3:

22:44:24 executing program 4:
r0 = socket(0x2, 0xc003, 0x0)
connect$unix(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7902adf5ffffffff"], 0x10)
writev(r0, &(0x7f0000000100)=[{&(0x7f00000000c0)="066953110548000000007244cc", 0xd}, {&(0x7f00000004c0)="3708c45eed3570c3a5330f254b1988c5d43c840000000000000a9bca86dbb8124a763a012a0f459133f7dcc75aa23a81cd60f46a16c4a5d8ded247df35c9a56a79e5e2aaadda50795cb44aa89bd6c7521f44ca5cf19d3785a7e95738ca2efbbe3c1b17994f09421ec37c9348b62e45cd16bf33d55d831f48e82313e72bd96ec804359f79e3af9e7e2d6b63d78e76de666579ef69aa0a49a6ff8a71ad000000004e2398c6bee967c490c4c79ccd5aa1054c273e45e0ace578abe4d177d57071efbec6368bd57be8acddc30fd514d45654d6834fdac68037af2af3fc0f01b03c1ca2200000000000000003625162767c8c57eecd4e02a69adf30b6b74597220a19d46b0fec7f528da340b0119892e83f063ccaf3d75d67e600cc69156ac21195ee3c496ec531b40f985d013de235a45caa91abae7863a825491f9da422550f2baf9bb17b562bf142d5ad32f293018cbad7d8dc870fc3b30771dc8740bc03f99e8604e46ae288ce23a6570032c1de08caf765e447fda061f0e49d4dfa344b3a4af3f171ec2207ee870fe1341143e243d7083e747fe777ad26f55fa500e0eed7f39f78a5834166e2430f8eaf6144651b2392c7f3e8c3d2881eb401067bc8046d5e39a8d18ca4b445ab454a48364456b0b92400a2aef3e9368f6e14ce76a9804a1e1e", 0x1e0}], 0x2)

22:44:24 executing program 5:
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  294.257942][T11528] EXT4-fs (loop0): re-mounted. Opts: (null)
22:44:24 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:24 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:24 executing program 3:
r0 = socket(0x2, 0xc003, 0x0)
close(r0)
r1 = socket(0x2, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0xbd5699bc1ec0282, './file0\x00'}, 0x10)
connect$unix(r0, &(0x7f0000000000)=@file={0xbd5699bc1ec0282, './file0\x00'}, 0x10)

22:44:24 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:24 executing program 4:

22:44:25 executing program 3:

22:44:25 executing program 4:

[  294.659364][T11549] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  294.677062][T11549] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  294.726641][T11549] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  294.737114][T11549] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:25 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:25 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:25 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:25 executing program 3:

22:44:25 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:25 executing program 4:

22:44:26 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:26 executing program 4:

22:44:26 executing program 3:

22:44:26 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:26 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:26 executing program 4:

22:44:27 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:27 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:27 executing program 3:

22:44:27 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:27 executing program 4:

22:44:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:27 executing program 4:

22:44:27 executing program 3:

22:44:27 executing program 4:

22:44:27 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:27 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:27 executing program 4:

22:44:28 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:28 executing program 4:

22:44:28 executing program 3:

22:44:28 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:28 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:28 executing program 3:

22:44:28 executing program 4:

22:44:28 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:28 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:28 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = syz_open_procfs(0x0, &(0x7f0000001300)='net/igmp\x00')
socket(0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "00000100"})
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc))
r3 = syz_open_pts(r2, 0x2)
sendfile(r3, r1, 0x0, 0x6f0a77bd)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
gettid()
sendmsg$nl_netfilter(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x1c}}, 0x0)

[  298.241328][T11694] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  298.251201][T11694] EXT4-fs (loop5): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:29 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:29 executing program 3:
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$video(0x0, 0x40000003, 0x0)
splice(r1, 0x0, r0, 0x0, 0x1000000008, 0x0)

22:44:29 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:29 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = syz_open_procfs(0x0, &(0x7f0000001300)='net/igmp\x00')
socket(0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "00000100"})
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc))
r3 = syz_open_pts(r2, 0x2)
sendfile(r3, r1, 0x0, 0x6f0a77bd)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
gettid()
sendmsg$nl_netfilter(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x1c}}, 0x0)

[  299.161228][T11727] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  299.205465][T11727] EXT4-fs (loop5): bad geometry: block count 1080 exceeds size of device (1 blocks)
[  299.208905][T11731] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
22:44:29 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  299.276044][T11731] EXT4-fs (loop1): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:29 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
r1 = syz_open_procfs(0x0, &(0x7f0000001300)='net/igmp\x00')
socket(0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "00000100"})
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc))
r3 = syz_open_pts(r2, 0x2)
sendfile(r3, r1, 0x0, 0x6f0a77bd)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
gettid()
sendmsg$nl_netfilter(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x1c}}, 0x0)

22:44:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:29 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', 0x0, 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  299.389330][T11750] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  299.398316][T11750] EXT4-fs (loop5): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  299.570987][T11766] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  299.624439][T11766] EXT4-fs (loop1): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:30 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:30 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:30 executing program 4:
socket$can_raw(0x1d, 0x3, 0x1)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92fd, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x40000000)
close(0xffffffffffffffff)
shmget(0xffffffffffffffff, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
close(0xffffffffffffffff)
syz_open_dev$binderN(0x0, 0x0, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000140)=""/181)
ioctl$DRM_IOCTL_MODE_RMFB(r0, 0xc00464af, &(0x7f0000000040)=0x81)
mknod$loop(0x0, 0x4, 0x1)
syz_mount_image$afs(&(0x7f00000000c0)='afs\x00', &(0x7f0000000100)='./file0\x00', 0x2d4fc948, 0x0, 0x0, 0x88000, &(0x7f00000003c0)=ANY=[@ANYBLOB="666c6f636b3d7374726963742c736f757263653dc55c7b24297b2c736f757263653d282c736f757263653d287b2d7d282c666c6f636b3d77726974652c66736d616769633d3078303030303030303030303030303030312c736d61636b66737472616e736d7574653d2c65756964", @ANYBLOB=',smackfsdef\x00\x00\x00\x00\x00\x00\x00'])
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)

22:44:30 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:30 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0xbb, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000004c0)={&(0x7f0000000340), 0x10, 0x0}, 0x0)

[  300.231858][T11794] IPVS: ftp: loaded support on port[0] = 21
[  300.378369][T11795] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  300.445798][T11795] EXT4-fs (loop1): bad geometry: block count 1080 exceeds size of device (1 blocks)
[  300.476209][T11798] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  300.487863][T11798] EXT4-fs (loop0): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:30 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
kexec_load(0x0, 0x0, 0x0, 0x0)

[  300.511402][T11794] IPVS: ftp: loaded support on port[0] = 21
22:44:30 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:31 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:31 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:31 executing program 4:
socket$can_raw(0x1d, 0x3, 0x1)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92fd, 0x0, @perf_bp={0x0, 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x40000000)
close(0xffffffffffffffff)
shmget(0xffffffffffffffff, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
close(0xffffffffffffffff)
syz_open_dev$binderN(0x0, 0x0, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000140)=""/181)
ioctl$DRM_IOCTL_MODE_RMFB(r0, 0xc00464af, &(0x7f0000000040)=0x81)
mknod$loop(0x0, 0x4, 0x1)
syz_mount_image$afs(&(0x7f00000000c0)='afs\x00', &(0x7f0000000100)='./file0\x00', 0x2d4fc948, 0x0, 0x0, 0x88000, &(0x7f00000003c0)=ANY=[@ANYBLOB="666c6f636b3d7374726963742c736f757263653dc55c7b24297b2c736f757263653d282c736f757263653d287b2d7d282c666c6f636b3d77726974652c66736d616769633d3078303030303030303030303030303030312c736d61636b66737472616e736d7574653d2c65756964", @ANYBLOB=',smackfsdef\x00\x00\x00\x00\x00\x00\x00'])
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)

22:44:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:31 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0))

22:44:31 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  300.865831][    T7] tipc: TX() has been purged, node left!
[  300.901853][T11876] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  300.927926][T11876] EXT4-fs (loop0): bad geometry: block count 1080 exceeds size of device (1 blocks)
[  301.048755][T11887] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  301.144436][T11887] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:31 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  301.231796][T11887] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  301.297887][T11887] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  301.349025][T11887] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  301.415354][T11887] EXT4-fs (loop5): get root inode failed
[  301.454105][T11887] EXT4-fs (loop5): mount failed
[  301.464602][T11910] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  301.474079][T11910] EXT4-fs (loop0): bad geometry: block count 1080 exceeds size of device (1 blocks)
22:44:31 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:31 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:32 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0))

22:44:32 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  301.786924][T11927] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  301.819020][T11927] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:32 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  301.891364][T11927] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  301.972660][T11927] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  302.029425][T11927] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  302.064733][T11927] EXT4-fs (loop5): get root inode failed
[  302.079407][T11927] EXT4-fs (loop5): mount failed
22:44:33 executing program 4:
r0 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x2, 0x4e20}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
recvmmsg(r0, &(0x7f0000002280)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff2f}}], 0x300, 0x0, 0x0)

22:44:33 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:33 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x0, 0x0, 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:33 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:33 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  302.842848][T11964] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  302.869337][T11964] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  302.879756][T11964] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  302.889888][T11964] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  302.907643][T11965] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  302.916169][    T7] tipc: TX() has been purged, node left!
[  302.922453][T11965] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:33 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  302.935667][T11965] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  302.945907][T11965] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  302.968350][T11964] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  302.980497][T11965] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:44:33 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  303.064225][T11964] EXT4-fs (loop1): get root inode failed
[  303.073268][T11965] EXT4-fs (loop5): get root inode failed
[  303.099840][T11965] EXT4-fs (loop5): mount failed
[  303.110673][T11964] EXT4-fs (loop1): mount failed
22:44:33 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:33 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:33 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0))

[  303.268128][T11985] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  303.285948][T11985] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  303.296986][T11985] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  303.317267][T11985] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  303.350657][T11985] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  303.375062][T11998] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  303.380922][T11985] EXT4-fs (loop0): get root inode failed
[  303.395269][T11998] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  303.405694][T11998] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:33 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  303.416293][T11998] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  303.428579][T12001] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  303.436973][T11998] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  303.440253][T11985] EXT4-fs (loop0): mount failed
[  303.460249][T11998] EXT4-fs (loop1): get root inode failed
[  303.476624][T11998] EXT4-fs (loop1): mount failed
[  303.486565][T12001] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  303.511388][T12001] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  303.545863][T12001] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  303.569519][T12001] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:44:34 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  303.641382][T12001] EXT4-fs (loop5): get root inode failed
[  303.707970][T12001] EXT4-fs (loop5): mount failed
22:44:34 executing program 4:
r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22:44:34 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  303.906406][T12022] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  303.972793][T12028] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  304.010810][T12022] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.031440][T12028] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.095477][T12022] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.105336][T12022] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  304.116693][T12028] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.128785][T12037] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:44:34 executing program 4:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000000000000000004dd6000000000a20000000000a01000000000000000000000000000900010073797a300000000070000000120a0100001f34010400000000000000040004800900020073797a30002e37000900010073797a3000000000080003400000000022000200b717fa41a1c9ef49ca7d80"], 0xb8}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x8}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  304.137462][T12037] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.143530][T12028] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  304.147491][T12037] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.166873][T12037] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  304.183890][T12022] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  304.196855][T12037] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  304.218219][T12022] EXT4-fs (loop1): get root inode failed
[  304.224171][T12022] EXT4-fs (loop1): mount failed
[  304.232193][T12037] EXT4-fs (loop5): get root inode failed
[  304.237968][T12028] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  304.261820][T12037] EXT4-fs (loop5): mount failed
[  304.272976][T12028] EXT4-fs (loop0): get root inode failed
[  304.284871][T12028] EXT4-fs (loop0): mount failed
22:44:34 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0))

[  304.294949][T12046] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.390140][T12046] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.467651][T12049] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
22:44:34 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:34 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:34 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:34 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:34 executing program 4:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000000000000000004dd6000000000a20000000000a01000000000000000000000000000900010073797a300000000070000000120a0100001f34010400000000000000040004800900020073797a30002e37000900010073797a3000000000080003400000000022000200b717fa41a1c9ef49ca7d80"], 0xb8}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x8}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  304.700327][T12062] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  304.722414][T12062] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.743867][T12066] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  304.749686][T12062] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.764528][T12067] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  304.787427][T12076] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.798219][T12062] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  304.809691][T12066] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.821260][T12067] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  304.854639][T12066] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.866437][T12062] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  304.879078][T12067] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  304.942221][T12076] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.959626][T12062] EXT4-fs (loop1): get root inode failed
[  304.974253][T12066] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  304.988625][T12067] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  305.015459][T12062] EXT4-fs (loop1): mount failed
[  305.058105][T12066] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  305.124270][T12067] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:44:35 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000440)='proc\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2)
getdents(r0, &(0x7f0000000480)=""/4096, 0x1000)

22:44:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  305.184145][T12066] EXT4-fs (loop0): get root inode failed
[  305.245436][T12067] EXT4-fs (loop5): get root inode failed
[  305.251703][T12067] EXT4-fs (loop5): mount failed
[  305.259423][T12066] EXT4-fs (loop0): mount failed
22:44:35 executing program 4:
mkdir(&(0x7f00000001c0)='./file1\x00', 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./bus/file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
mkdir(0x0, 0x0)
lsetxattr(&(0x7f00000000c0)='./bus/file0\x00', &(0x7f0000000200)=@random={'trusted.', 'overlay\x00'}, 0x0, 0x0, 0x0)

22:44:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:35 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  305.480442][T12096] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  305.491831][T12096] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  305.502823][T12096] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  305.515416][T12096] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  305.532888][T12096] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  305.550751][T12096] EXT4-fs (loop1): get root inode failed
[  305.556801][T12096] EXT4-fs (loop1): mount failed
22:44:35 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  305.596893][T12107] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  305.681572][T12106] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  305.692781][T12105] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  305.755406][T12106] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  305.783791][T12105] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  305.871186][T12106] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  305.896607][T12105] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  305.949174][T12106] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  305.962237][T12105] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  306.010133][T12106] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  306.030305][T12105] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  306.059703][T12106] EXT4-fs (loop5): get root inode failed
[  306.074964][T12105] EXT4-fs (loop0): get root inode failed
[  306.158085][T12106] EXT4-fs (loop5): mount failed
[  306.173195][T12105] EXT4-fs (loop0): mount failed
22:44:36 executing program 3:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8910, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, &(0x7f0000000040)=""/219, 0x2e, 0xdb, 0x8}, 0x20)

22:44:36 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:36 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:36 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:36 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  306.590076][T12135] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  306.604895][T12136] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  306.613795][T12136] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  306.632824][T12136] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  306.644936][T12139] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  306.658336][T12136] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  306.666361][T12135] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:37 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  306.682777][T12139] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  306.702442][T12135] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  306.714365][T12136] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  306.714615][T12139] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  306.736954][T12139] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  306.747283][T12139] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  306.759108][T12136] EXT4-fs (loop5): get root inode failed
[  306.762988][T12139] EXT4-fs (loop0): get root inode failed
[  306.767965][T12135] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  306.770657][T12139] EXT4-fs (loop0): mount failed
22:44:37 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  306.786360][T12135] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  306.786788][T12136] EXT4-fs (loop5): mount failed
[  306.808251][T12135] EXT4-fs (loop1): get root inode failed
[  306.813939][T12135] EXT4-fs (loop1): mount failed
22:44:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:37 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:37 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:37 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  307.075400][T12166] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  307.097771][T12168] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  307.111788][T12166] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.132130][T12168] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.133242][T12175] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  307.154108][T12175] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.164702][T12175] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.176213][T12166] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.183648][T12175] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.196959][T12168] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.218895][T12175] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:44:37 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  307.231403][T12175] EXT4-fs (loop5): get root inode failed
[  307.237219][T12175] EXT4-fs (loop5): mount failed
[  307.248307][T12166] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.268048][T12168] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:37 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  307.297854][T12166] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  307.313481][T12168] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  307.337200][T12166] EXT4-fs (loop0): get root inode failed
[  307.349316][T12193] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  307.357761][T12166] EXT4-fs (loop0): mount failed
[  307.363591][T12168] EXT4-fs (loop1): get root inode failed
[  307.369394][T12168] EXT4-fs (loop1): mount failed
[  307.385496][T12193] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:37 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  307.413296][T12193] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.424185][T12193] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.437857][T12193] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  307.452007][T12193] EXT4-fs (loop5): get root inode failed
[  307.470545][T12193] EXT4-fs (loop5): mount failed
22:44:37 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:37 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  307.549188][T12205] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  307.567721][T12205] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.588429][T12205] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:38 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  307.645417][T12205] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.684901][T12211] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  307.707367][T12205] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  307.719643][T12211] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.732666][T12205] EXT4-fs (loop0): get root inode failed
[  307.742050][T12211] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.742123][T12205] EXT4-fs (loop0): mount failed
[  307.767369][T12211] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.768194][T12219] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  307.794306][T12211] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  307.807449][T12219] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  307.818362][T12219] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  307.829287][T12219] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  307.829294][T12211] EXT4-fs (loop1): get root inode failed
[  307.829311][T12211] EXT4-fs (loop1): mount failed
22:44:38 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  307.860869][T12219] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:44:38 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
close(0xffffffffffffffff)

[  307.897254][T12219] EXT4-fs (loop5): get root inode failed
[  307.907604][T12219] EXT4-fs (loop5): mount failed
22:44:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:38 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  308.024595][T12234] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:38 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  308.065467][T12234] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.096306][T12234] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.161149][T12234] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  308.186956][T12244] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  308.195652][T12244] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:38 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
close(0xffffffffffffffff)

[  308.205491][T12244] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.216382][T12244] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  308.234836][T12234] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
22:44:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  308.255248][T12244] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  308.273220][T12244] EXT4-fs (loop1): get root inode failed
[  308.285880][T12244] EXT4-fs (loop1): mount failed
[  308.294651][T12234] EXT4-fs (loop0): get root inode failed
[  308.303128][T12234] EXT4-fs (loop0): mount failed
22:44:38 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
close(0xffffffffffffffff)

[  308.395204][T12254] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  308.424113][T12254] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.478768][T12254] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.493259][T12267] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  308.503536][T12254] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  308.516041][T12267] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.528031][T12267] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.528072][T12254] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  308.538601][T12267] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:38 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:38 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:38 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140), 0x0, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  308.570491][T12267] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  308.585585][T12254] EXT4-fs (loop5): get root inode failed
[  308.591630][T12254] EXT4-fs (loop5): mount failed
[  308.591663][T12267] EXT4-fs (loop1): get root inode failed
[  308.604639][T12267] EXT4-fs (loop1): mount failed
22:44:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  308.722444][T12277] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:39 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  308.763297][T12285] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  308.772073][T12285] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.783542][T12285] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.789740][T12277] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.793941][T12285] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:39 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  308.843404][T12292] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  308.847899][T12277] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.861851][T12292] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  308.869351][T12285] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  308.871762][T12292] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  308.905368][T12277] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  308.910922][T12292] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  308.918544][T12285] EXT4-fs (loop5): get root inode failed
[  308.929344][T12292] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  308.944743][T12285] EXT4-fs (loop5): mount failed
22:44:39 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  308.950289][T12292] EXT4-fs (loop1): get root inode failed
[  308.955223][T12277] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  308.956221][T12292] EXT4-fs (loop1): mount failed
[  308.989622][T12277] EXT4-fs (loop0): get root inode failed
22:44:39 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:44:39 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  309.001366][T12277] EXT4-fs (loop0): mount failed
22:44:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:39 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

22:44:39 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  309.229309][T12314] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  309.262848][T12322] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  309.272949][T12314] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.286125][T12319] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  309.296897][T12322] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.305619][T12319] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.313441][T12314] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.325158][T12319] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.335552][T12322] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.341449][T12319] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  309.356930][T12319] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  309.369380][T12319] EXT4-fs (loop5): get root inode failed
[  309.375185][T12319] EXT4-fs (loop5): mount failed
[  309.395064][T12322] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  309.407444][T12314] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  309.426559][T12322] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  309.445844][T12314] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  309.460954][T12322] EXT4-fs (loop0): get root inode failed
[  309.468872][T12322] EXT4-fs (loop0): mount failed
[  309.474279][T12314] EXT4-fs (loop1): get root inode failed
[  309.492944][T12314] EXT4-fs (loop1): mount failed
22:44:40 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:40 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

22:44:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:40 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  309.760154][T12346] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  309.760163][T12345] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  309.772153][T12345] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.776963][T12350] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  309.787237][T12345] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.815307][T12350] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.818144][T12345] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  309.838970][T12350] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.849128][T12350] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:40 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  309.850481][T12346] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  309.862594][T12350] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  309.882629][T12350] EXT4-fs (loop1): get root inode failed
[  309.884800][T12345] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  309.889021][T12350] EXT4-fs (loop1): mount failed
[  309.908910][T12346] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  309.932569][T12345] EXT4-fs (loop0): get root inode failed
[  309.942659][T12346] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  309.953207][T12345] EXT4-fs (loop0): mount failed
22:44:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:40 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  309.958902][T12346] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  309.971901][T12346] EXT4-fs (loop5): get root inode failed
[  309.978695][T12346] EXT4-fs (loop5): mount failed
22:44:40 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf50", 0x4c, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  310.176412][T12374] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  310.196177][T12374] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.207366][T12374] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:40 executing program 3:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  310.219625][T12374] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  310.238276][T12374] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  310.251631][T12374] EXT4-fs (loop1): get root inode failed
[  310.261407][T12374] EXT4-fs (loop1): mount failed
[  310.307598][T12385] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  310.325083][T12384] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  310.366371][T12385] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.398285][T12385] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  310.419448][T12384] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.446073][T12385] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  310.467683][T12384] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  310.476593][T12385] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  310.490132][T12385] EXT4-fs (loop5): get root inode failed
[  310.496296][T12385] EXT4-fs (loop5): mount failed
[  310.500690][T12384] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  310.534916][T12384] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  310.557601][T12384] EXT4-fs (loop0): get root inode failed
[  310.563546][T12384] EXT4-fs (loop0): mount failed
22:44:41 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:41 executing program 3:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

22:44:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:41 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  310.786299][T12408] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  310.811371][T12412] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  310.822614][T12409] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  310.834284][T12408] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.848965][T12412] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.859313][T12409] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  310.871993][T12408] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  310.888313][T12412] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  310.898686][T12409] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  310.910498][T12408] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  310.921542][T12412] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:44:41 executing program 3:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  310.933521][T12409] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  310.950938][T12408] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  310.974704][T12408] EXT4-fs (loop1): get root inode failed
22:44:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  310.983785][T12412] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  310.987961][T12408] EXT4-fs (loop1): mount failed
[  311.000572][T12409] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  311.006950][T12412] EXT4-fs (loop0): get root inode failed
[  311.019239][T12412] EXT4-fs (loop0): mount failed
[  311.066408][T12409] EXT4-fs (loop5): get root inode failed
[  311.090083][T12409] EXT4-fs (loop5): mount failed
22:44:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:41 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:41 executing program 3:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  311.189467][T12441] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  311.217294][T12441] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  311.257351][T12441] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  311.301548][T12441] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  311.324929][T12447] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  311.338199][T12441] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
22:44:41 executing program 3:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  311.345576][T12450] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  311.351276][T12441] EXT4-fs (loop1): get root inode failed
[  311.364413][T12441] EXT4-fs (loop1): mount failed
[  311.376869][T12447] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  311.411973][T12450] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  311.423014][T12450] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  311.433113][T12450] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  311.443157][T12447] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  311.453211][T12450] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  311.465784][T12450] EXT4-fs (loop5): get root inode failed
[  311.471464][T12450] EXT4-fs (loop5): mount failed
[  311.477762][T12447] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  311.491917][T12447] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  311.508385][T12447] EXT4-fs (loop0): get root inode failed
[  311.514094][T12447] EXT4-fs (loop0): mount failed
22:44:44 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:44 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:44 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5f", 0x72, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:44 executing program 3:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:44 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  313.948465][T12483] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  313.963729][T12484] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  313.989018][T12483] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  313.989821][T12491] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  314.002445][T12484] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.017779][T12491] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.028252][T12491] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:44 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  314.038527][T12491] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.061422][T12483] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.065955][T12491] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  314.083563][T12491] EXT4-fs (loop0): get root inode failed
[  314.089349][T12491] EXT4-fs (loop0): mount failed
22:44:44 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  314.111447][T12484] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.124048][T12483] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.140680][T12484] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.159066][T12483] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  314.184034][T12484] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  314.198890][T12483] EXT4-fs (loop5): get root inode failed
22:44:44 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

[  314.206527][T12508] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  314.210313][T12483] EXT4-fs (loop5): mount failed
[  314.220222][T12508] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.223246][T12484] EXT4-fs (loop1): get root inode failed
[  314.240191][T12508] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.254041][T12484] EXT4-fs (loop1): mount failed
[  314.266611][T12508] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.280786][T12508] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  314.307502][T12508] EXT4-fs (loop0): get root inode failed
[  314.315637][T12508] EXT4-fs (loop0): mount failed
22:44:44 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:44 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:44 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  314.557977][T12518] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  314.569605][T12518] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.584929][T12518] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.594900][T12518] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.599282][T12526] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  314.606871][T12518] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  314.613018][T12525] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  314.626701][T12518] EXT4-fs (loop0): get root inode failed
[  314.639394][T12518] EXT4-fs (loop0): mount failed
[  314.641288][T12526] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.661283][T12525] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.672025][T12526] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.672797][T12525] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  314.694163][T12526] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.695475][T12525] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  314.724516][T12526] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  314.803172][T12525] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  314.834145][T12526] EXT4-fs (loop5): get root inode failed
[  314.887843][T12526] EXT4-fs (loop5): mount failed
[  314.904018][T12525] EXT4-fs (loop1): get root inode failed
[  314.959293][T12525] EXT4-fs (loop1): mount failed
22:44:47 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:47 executing program 3:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

22:44:47 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:44:47 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310e", 0x85, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:47 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:47 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  317.238424][T12555] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  317.251132][T12555] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  317.266079][T12558] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  317.270115][T12560] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  317.289891][T12555] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  317.301150][T12558] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  317.303403][T12560] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  317.311620][T12555] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  317.325262][T12558] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:44:47 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  317.336318][T12555] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  317.373127][T12555] EXT4-fs (loop5): get root inode failed
[  317.381027][T12558] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  317.383592][T12555] EXT4-fs (loop5): mount failed
[  317.414281][T12560] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  317.425279][T12560] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  317.434957][T12558] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  317.447622][T12558] EXT4-fs (loop0): get root inode failed
[  317.453288][T12558] EXT4-fs (loop0): mount failed
22:44:47 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:47 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  317.600639][T12560] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  317.625022][T12560] EXT4-fs (loop1): get root inode failed
[  317.637168][T12560] EXT4-fs (loop1): mount failed
22:44:48 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:48 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  317.769582][T12583] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  317.780828][T12582] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  317.800518][T12583] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  317.825622][T12582] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  317.842356][T12582] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  317.859768][T12582] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  317.884311][T12582] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  317.889487][T12583] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  317.897111][T12582] EXT4-fs (loop0): get root inode failed
[  317.912402][T12582] EXT4-fs (loop0): mount failed
22:44:48 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  318.028473][T12599] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  318.067750][T12599] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  318.094932][T12583] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  318.114189][T12599] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  318.124081][T12599] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  318.137898][T12583] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  318.153441][T12583] EXT4-fs (loop5): get root inode failed
[  318.154619][T12599] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  318.159644][T12583] EXT4-fs (loop5): mount failed
[  318.184228][T12599] EXT4-fs (loop1): get root inode failed
[  318.189989][T12599] EXT4-fs (loop1): mount failed
22:44:50 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:50 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:44:50 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1", 0x8e, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:50 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:50 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:50 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  320.471388][T12624] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  320.496820][T12623] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  320.506289][T12627] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:44:50 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  320.520553][T12624] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  320.532427][T12623] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  320.546788][T12627] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  320.568583][T12624] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  320.579457][T12624] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  320.589705][T12624] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  320.596967][T12623] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  320.603822][T12624] EXT4-fs (loop5): get root inode failed
[  320.617573][T12624] EXT4-fs (loop5): mount failed
[  320.619739][T12627] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  320.642933][T12627] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  320.655556][T12623] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:51 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:51 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  320.690763][T12627] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  320.703845][T12623] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  320.733206][T12623] EXT4-fs (loop1): get root inode failed
22:44:51 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:51 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  320.740429][T12627] EXT4-fs (loop0): get root inode failed
[  320.748709][T12627] EXT4-fs (loop0): mount failed
[  320.763562][T12623] EXT4-fs (loop1): mount failed
22:44:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  320.896202][T12652] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  320.920852][T12652] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  320.925543][T12663] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  320.939557][T12663] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  320.949926][T12663] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  320.960103][T12663] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  320.971217][T12663] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  320.983771][T12663] EXT4-fs (loop0): get root inode failed
[  320.991868][T12663] EXT4-fs (loop0): mount failed
[  320.991962][T12652] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  321.038447][T12652] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  321.048826][T12652] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  321.061440][T12652] EXT4-fs (loop5): get root inode failed
[  321.067523][T12652] EXT4-fs (loop5): mount failed
[  321.085515][T12668] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  321.096710][T12668] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  321.106644][T12668] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  321.117135][T12668] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  321.127952][T12668] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  321.189907][T12668] EXT4-fs (loop1): get root inode failed
[  321.196434][T12668] EXT4-fs (loop1): mount failed
22:44:53 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:53 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:53 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:53 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:53 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  323.680238][T12691] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  323.690543][T12691] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  323.695994][T12693] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  323.700549][T12691] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  323.718690][T12691] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  323.729178][T12699] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  323.744483][T12691] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  323.767159][T12699] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:54 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  323.787877][T12691] EXT4-fs (loop0): get root inode failed
[  323.791068][T12693] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  323.803433][T12693] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  323.815730][T12693] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  323.826182][T12699] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  323.826770][T12691] EXT4-fs (loop0): mount failed
[  323.836140][T12693] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  323.849990][T12699] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  323.860340][T12693] EXT4-fs (loop5): mount failed
22:44:54 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  323.883806][T12699] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  323.904590][T12699] EXT4-fs (loop1): get root inode failed
[  323.914407][T12699] EXT4-fs (loop1): mount failed
22:44:54 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:54 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:54 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec97", 0x93, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:54 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  324.169611][T12724] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  324.178468][T12724] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  324.189653][T12724] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  324.216509][T12729] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  324.220085][T12724] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  324.226812][T12727] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  324.248572][T12724] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  324.257588][T12724] EXT4-fs (loop1): mount failed
22:44:54 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  324.286259][T12729] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  324.333620][T12727] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  324.343422][T12727] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  324.373612][T12729] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  324.384901][T12729] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  324.407412][T12727] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  324.421042][T12729] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  324.448284][T12729] EXT4-fs (loop5): mount failed
[  324.490364][T12727] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  324.542640][T12727] EXT4-fs (loop0): get root inode failed
[  324.551941][T12727] EXT4-fs (loop0): mount failed
22:44:57 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:44:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:44:57 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:44:57 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:44:57 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  326.861898][T12766] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  326.874757][T12765] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  326.903002][T12768] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  326.925952][T12766] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  326.953781][T12765] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  326.969913][T12768] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  326.993444][T12766] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  327.006900][T12765] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  327.022515][T12768] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  327.040446][T12766] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  327.053715][T12765] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  327.066839][T12768] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  327.083543][T12766] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  327.097432][T12765] EXT4-fs (loop1): corrupt root inode, run e2fsck
22:44:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  327.098318][T12766] EXT4-fs (loop0): mount failed
[  327.107242][T12765] EXT4-fs (loop1): mount failed
[  327.110503][T12768] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  327.128881][T12768] EXT4-fs (loop5): mount failed
22:44:57 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

[  327.321596][T12800] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  327.330417][T12800] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  327.341224][T12800] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  327.351464][T12800] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  327.361907][T12800] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  327.369783][T12800] EXT4-fs (loop1): mount failed
22:45:00 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:00 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:00 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:00 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)

22:45:00 executing program 2:
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:00 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  330.092224][T12825] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  330.103452][T12826] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  330.112086][T12825] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.124399][T12825] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.137770][T12825] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  330.151305][T12833] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  330.153592][T12826] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.169790][T12833] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.180164][T12833] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.190054][T12833] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  330.199830][T12825] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  330.208566][T12825] EXT4-fs (loop5): mount failed
[  330.216008][T12833] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  330.222564][T12833] EXT4-fs (loop1): mount failed
22:45:00 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

22:45:00 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  330.254528][T12826] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.284431][T12826] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  330.303122][T12826] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  330.313296][T12826] EXT4-fs (loop0): mount failed
22:45:00 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:00 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41", 0x95, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:00 executing program 2:
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  330.432701][T12856] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  330.489276][T12856] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.517732][T12856] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.528951][T12865] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  330.542462][T12862] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  330.561887][T12865] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.572718][T12856] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:00 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

[  330.593986][T12862] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  330.622537][T12865] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.636760][T12862] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  330.647831][T12856] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  330.668891][T12856] EXT4-fs (loop5): mount failed
[  330.676115][T12865] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:01 executing program 3:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

[  330.691088][T12862] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  330.713272][T12862] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  330.713337][T12865] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  330.720077][T12862] EXT4-fs (loop0): mount failed
22:45:01 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  330.773134][T12865] EXT4-fs (loop1): mount failed
22:45:01 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:01 executing program 2:
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  330.923282][T12892] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  330.958675][T12894] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:45:01 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:01 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8910, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, &(0x7f0000000040)=""/219, 0x2e, 0xdb, 0x8}, 0x20)

[  330.992653][T12892] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.021358][T12894] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.036390][T12892] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.071171][T12894] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.101385][T12892] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.118516][T12908] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  331.128460][T12908] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.140768][T12894] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.140793][T12908] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:01 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8910, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, &(0x7f0000000040)=""/219, 0x2e, 0xdb, 0x8}, 0x20)

[  331.164936][T12908] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.175555][T12908] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  331.176359][T12892] EXT4-fs (loop5): corrupt root inode, run e2fsck
[  331.182320][T12908] EXT4-fs (loop1): mount failed
[  331.191148][T12894] EXT4-fs (loop0): corrupt root inode, run e2fsck
22:45:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  331.220598][T12894] EXT4-fs (loop0): mount failed
[  331.226501][T12892] EXT4-fs (loop5): mount failed
22:45:01 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8910, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x2e}, 0x20)

22:45:01 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:01 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  331.487537][T12928] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  331.508503][T12928] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.532640][T12928] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.532813][T12935] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  331.554559][T12928] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.567029][T12936] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  331.578283][T12928] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  331.602043][T12928] EXT4-fs (loop1): get root inode failed
[  331.610255][T12936] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.613705][T12928] EXT4-fs (loop1): mount failed
22:45:02 executing program 3:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8910, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x2e}, 0x20)

[  331.645838][T12935] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.655111][T12936] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.657208][T12935] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.669226][T12936] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.683899][T12935] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  331.690075][T12936] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  331.701838][T12935] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
[  331.725155][T12936] EXT4-fs (loop0): mount failed
[  331.733473][T12935] EXT4-fs (loop5): get root inode failed
22:45:02 executing program 3:
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50785, 0x7fff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0x400086)
gettid()
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2da8020000100000, 0x500001c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400007)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0a7f00f8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1c83eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a755761fe46169b2b5b8cdfbb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487366d6594d1434c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972398861a0f133d6cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde2480ae40d6156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f83074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc09c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080de1f87808d0711dd76f35957300"/1175], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630677fbac14140ce0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r3, 0x8, 0x0, r2}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000280), 0x4)
close(r0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/130, 0x82}, 0x40010102)
close(r1)

[  331.747923][T12935] EXT4-fs (loop5): mount failed
22:45:02 executing program 2:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:02 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7", 0x96, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:02 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  331.887650][T12958] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  331.927186][T12958] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  331.961077][T12958] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  331.984084][T12958] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  332.017615][T12958] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  332.030748][T12958] EXT4-fs (loop1): get root inode failed
[  332.036542][T12958] EXT4-fs (loop1): mount failed
[  332.045446][T12968] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:45:02 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  332.070467][T12970] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  332.096119][T12968] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  332.107750][T12970] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  332.124274][T12968] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  332.139608][T12970] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  332.150449][T12968] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  332.160255][   T28] audit: type=1804 audit(1591742702.467:11): pid=12961 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/128/memory.events" dev="sda1" ino=16168 res=1
[  332.177488][T12970] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  332.224906][T12968] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  332.246076][T12968] EXT4-fs (loop0): mount failed
[  332.249909][T12970] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:45:02 executing program 2:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:02 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  332.358411][T12970] EXT4-fs (loop5): get root inode failed
22:45:02 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  332.402125][T12970] EXT4-fs (loop5): mount failed
22:45:02 executing program 3:
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50785, 0x7fff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0x400086)
gettid()
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2da8020000100000, 0x500001c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400007)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0a7f00f8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1c83eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a755761fe46169b2b5b8cdfbb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487366d6594d1434c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972398861a0f133d6cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde2480ae40d6156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f83074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc09c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080de1f87808d0711dd76f35957300"/1175], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630677fbac14140ce0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r3, 0x8, 0x0, r2}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000280), 0x4)
close(r0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/130, 0x82}, 0x40010102)
close(r1)

[  332.448943][   T28] audit: type=1804 audit(1591742702.757:12): pid=12957 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/128/memory.events" dev="sda1" ino=16168 res=1
22:45:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  332.513585][T12991] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  332.527552][T12991] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  332.548173][T12991] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  332.572232][T12991] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  332.598747][T12999] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  332.612027][T12991] EXT4-fs error (device loop1): ext4_fill_super:4569: inode #2: comm syz-executor.1: iget: root inode unallocated
[  332.627973][T12999] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  332.648133][T12991] EXT4-fs (loop1): get root inode failed
[  332.664929][T13008] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  332.672500][T12991] EXT4-fs (loop1): mount failed
[  332.678715][T12999] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  332.703194][T13008] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:03 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  332.722006][T12999] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  332.756988][T13008] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:03 executing program 2:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  332.778575][T12999] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  332.792937][   T28] audit: type=1804 audit(1591742703.097:13): pid=13014 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/129/memory.events" dev="sda1" ino=16178 res=1
[  332.802919][T13008] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  332.861160][T12999] EXT4-fs (loop0): get root inode failed
[  332.883008][T12999] EXT4-fs (loop0): mount failed
22:45:03 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  332.907902][T13023] fuse: Bad value for 'fd'
[  332.926866][T13008] EXT4-fs error (device loop5): ext4_fill_super:4569: inode #2: comm syz-executor.5: iget: root inode unallocated
22:45:03 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  332.965681][T13008] EXT4-fs (loop5): get root inode failed
[  332.998486][T13008] EXT4-fs (loop5): mount failed
22:45:03 executing program 3:
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50785, 0x7fff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0x400086)
gettid()
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2da8020000100000, 0x500001c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400007)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0a7f00f8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6be4557cd4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1c83eb215ba22f43115f4d39dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a755761fe46169b2b5b8cdfbb695cc425fe203d2f2655a76865c2cb4e2470fcfff248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487366d6594d1434c60fca2e2981b22d08f874e0a9cb6fca7844f9dab530388eb1f43d4abbfc59d6f1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972398861a0f133d6cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde2480ae40d6156edc4ef81f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f83074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba52bee6f81968981811f832d064048c0e0bbe46984b2f0d0504255c22ee8674053d0e160e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8d0fcfcc3d36c93230b7b059bc295aa0e38b1c3edc349ab96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf617a8dc38e525f415a1bd46b38845ebca04061bacbf627f798a7f520078fee48f83b5989543729e57a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc09c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080de1f87808d0711dd76f35957300"/1175], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630677fbac14140ce0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)={0xffffffffffffffff, r3, 0x8, 0x0, r2}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000280), 0x4)
close(r0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/130, 0x82}, 0x40010102)
close(r1)

22:45:03 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  333.144575][T13037] fuse: Bad value for 'fd'
[  333.236774][T13040] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:45:03 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  333.281376][T13040] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  333.377218][T13040] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  333.429305][   T28] audit: type=1804 audit(1591742703.737:14): pid=13054 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/130/memory.events" dev="sda1" ino=16164 res=1
[  333.479527][T13040] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  333.511478][T13058] fuse: Bad value for 'fd'
[  333.521113][T13040] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
22:45:03 executing program 4:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  333.560561][T13040] EXT4-fs (loop0): get root inode failed
[  333.566617][T13040] EXT4-fs (loop0): mount failed
22:45:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 4:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:04 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:04 executing program 4:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:04 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000008c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000300)={0x2, 0x4e22, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0)

[  334.019205][T13085] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  334.051532][T13085] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  334.062702][T13085] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  334.074607][T13085] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  334.109059][T13085] EXT4-fs error (device loop0): ext4_fill_super:4569: inode #2: comm syz-executor.0: iget: root inode unallocated
[  334.131136][T13085] EXT4-fs (loop0): get root inode failed
[  334.172020][T13085] EXT4-fs (loop0): mount failed
22:45:04 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:04 executing program 4:
mkdir(0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:04 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @dev, 0xc}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @dev, 0xc}], 0x1c)

22:45:04 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 4:
mkdir(0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 4:
mkdir(0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:04 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:04 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:05 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:05 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:05 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x1, &(0x7f0000002280)=[{&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  334.910144][T13164] fuse: Bad value for 'fd'
22:45:05 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r1, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'vmac64(aes)\x00'}})
request_key(0x0, 0x0, 0x0, r1)
syz_genetlink_get_family_id$nl80211(0x0)
syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)

22:45:05 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:05 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:05 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:05 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:05 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  335.282910][T13190] fuse: Bad value for 'fd'
22:45:05 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r1, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'vmac64(aes)\x00'}})
request_key(0x0, 0x0, 0x0, r1)
syz_genetlink_get_family_id$nl80211(0x0)
syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)

22:45:05 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:05 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  335.480867][T13216] fuse: Bad value for 'fd'
22:45:05 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:05 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:05 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:05 executing program 3:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
epoll_create1(0x0)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})
r2 = openat$ion(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup3(r2, r0, 0x0)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0445611, &(0x7f00000000c0)={0xfc, 0x3, 0x4, 0x0, 0x80000000, {0x0, 0x2710}, {0x4, 0xc, 0x0, 0x0, 0x3f, 0x2, "cf35cd3b"}, 0x80000000, 0x1, @offset=0x9, 0x1eb3})
pipe(0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, &(0x7f0000000080))
ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0x80045500, &(0x7f0000000180))
syz_open_dev$video(0x0, 0x4000200a, 0x40c0c0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, 0x0)

22:45:06 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{0x0, 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 3:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
epoll_create1(0x0)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})
r2 = openat$ion(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup3(r2, r0, 0x0)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0445611, &(0x7f00000000c0)={0xfc, 0x3, 0x4, 0x0, 0x80000000, {0x0, 0x2710}, {0x4, 0xc, 0x0, 0x0, 0x3f, 0x2, "cf35cd3b"}, 0x80000000, 0x1, @offset=0x9, 0x1eb3})
pipe(0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, &(0x7f0000000080))
ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0x80045500, &(0x7f0000000180))
syz_open_dev$video(0x0, 0x4000200a, 0x40c0c0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, 0x0)

22:45:06 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:06 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:06 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:06 executing program 3:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
epoll_create1(0x0)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})
r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
dup3(r2, r0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000000008, 0x0)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0445611, &(0x7f00000000c0)={0xfc, 0x0, 0x4, 0x0, 0x80000000, {0x0, 0x2710}, {0x4, 0xc, 0x5, 0xff, 0x3f, 0x2, "cf35cd3b"}, 0x80000000, 0x1, @offset=0x9, 0x1eb3})
pipe(&(0x7f0000000040))
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, &(0x7f0000000080)=0x50)
ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0x80045500, &(0x7f0000000180))
syz_open_dev$video(0x0, 0x4000200a, 0x40c0c0)
clock_gettime(0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, 0x0)

22:45:06 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:06 executing program 3:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
epoll_create1(0x0)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})
r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
dup3(r2, r0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000000008, 0x0)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0445611, &(0x7f00000000c0)={0xfc, 0x0, 0x4, 0x0, 0x80000000, {0x0, 0x2710}, {0x4, 0xc, 0x5, 0xff, 0x3f, 0x2, "cf35cd3b"}, 0x80000000, 0x1, @offset=0x9, 0x1eb3})
pipe(&(0x7f0000000040))
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, &(0x7f0000000080)=0x50)
ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0x80045500, &(0x7f0000000180))
syz_open_dev$video(0x0, 0x4000200a, 0x40c0c0)
clock_gettime(0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, 0x0)

22:45:06 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:06 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:06 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:06 executing program 3:
r0 = socket$inet(0x2, 0x4000000805, 0x0)
getsockopt$EBT_SO_GET_INFO(r0, 0x84, 0x80, 0x0, &(0x7f0000000080))

22:45:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:06 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100), 0x0, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:06 executing program 3:
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x0, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe, 0x1, 'wireguard\x00'}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0)

22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:07 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:07 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:07 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:07 executing program 3:
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x0, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe, 0x1, 'wireguard\x00'}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x0)

22:45:07 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:07 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:07 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001", 0x1d, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  337.445530][T13412] fuse: Bad value for 'group_id'
22:45:07 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:07 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:07 executing program 3:

22:45:07 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  337.695823][T13430] fuse: Bad value for 'group_id'
22:45:08 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:08 executing program 3:

22:45:08 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:08 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  338.000369][T13447] fuse: Bad value for 'group_id'
22:45:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:08 executing program 3:

22:45:08 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:08 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:08 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 3:

22:45:08 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:08 executing program 3:

22:45:08 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000", 0x2c, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:08 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:08 executing program 3:

22:45:08 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:09 executing program 3:

22:45:09 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:09 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:09 executing program 3:

22:45:09 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:09 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:09 executing program 3:

22:45:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:09 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:09 executing program 3:

22:45:09 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:09 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:09 executing program 3:

22:45:09 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe", 0x33, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  339.344283][T13555] fuse: Unknown parameter 'grou00000000000000000000'
22:45:12 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:12 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:12 executing program 3:

22:45:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:12 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:12 executing program 3:

22:45:12 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  342.376157][T13602] fuse: Unknown parameter 'grou00000000000000000000'
22:45:12 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:12 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:12 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:13 executing program 3:

[  342.716432][T13624] fuse: Unknown parameter 'grou00000000000000000000'
22:45:15 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:15 executing program 3:

22:45:15 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:15 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:15 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ff", 0x37, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:15 executing program 3:

22:45:16 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  345.610203][T13652] fuse: Unknown parameter 'group_i00000000000000000000'
22:45:16 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:16 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:16 executing program 3:

22:45:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  345.853951][T13671] fuse: Unknown parameter 'group_i00000000000000000000'
22:45:19 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:19 executing program 3:

22:45:19 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:19 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:19 executing program 3:

[  348.888390][T13712] fuse: Unknown parameter 'group_i00000000000000000000'
22:45:19 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53", 0x39, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:19 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:19 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:19 executing program 3:

22:45:19 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  349.110172][T13728] fuse: Unknown parameter 'group_id00000000000000000000'
22:45:19 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:19 executing program 3:

[  349.225121][T13733] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  349.242270][T13733] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  349.255732][T13733] EXT4-fs (loop1): group descriptors corrupted!
[  349.278841][T13741] fuse: Unknown parameter 'group_id00000000000000000000'
[  349.314812][T13742] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  349.332976][T13742] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  349.351958][T13742] EXT4-fs (loop5): group descriptors corrupted!
22:45:22 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:22 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:22 executing program 3:

22:45:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:22 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  352.132330][T13777] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  352.145672][T13778] fuse: Unknown parameter 'group_id00000000000000000000'
[  352.166131][T13776] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
22:45:22 executing program 3:

22:45:22 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:22 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  352.199238][T13776] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  352.225708][T13777] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  352.273052][T13776] EXT4-fs (loop1): group descriptors corrupted!
[  352.280910][T13777] EXT4-fs (loop5): group descriptors corrupted!
22:45:22 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:22 executing program 3:

[  352.472013][T13800] fuse: Bad value for 'user_id'
[  352.553570][T13804] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  352.575480][T13804] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  352.619979][T13804] EXT4-fs (loop1): group descriptors corrupted!
[  352.631223][T13816] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  352.642705][T13816] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  352.663527][T13816] EXT4-fs (loop5): group descriptors corrupted!
22:45:25 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:25 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:25 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x200])
semop(0x0, &(0x7f0000000100), 0x2d)
semctl$IPC_RMID(0x0, 0x0, 0x0)

22:45:25 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:25 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  355.355683][T13834] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  355.366341][T13835] fuse: Bad value for 'user_id'
[  355.379491][T13834] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  355.398769][T13841] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  355.412049][T13840] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  355.427044][T13841] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  355.431039][T13834] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:25 executing program 3:
r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
r1 = syz_open_dev$binderN(0x0, 0x0, 0x0)
r2 = dup2(r1, r0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = fcntl$dupfd(r4, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r2, 0x541b, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x25000000, 0x0})

22:45:25 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  355.448346][T13840] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  355.472220][T13841] EXT4-fs (loop0): group descriptors corrupted!
[  355.520102][T13840] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  355.538158][T13853] binder: 13852:13853 ioctl 541b 20000540 returned -22
[  355.549027][T13834] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  355.560109][T13840] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:25 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe15d9f3ca027cd3ce27b4df518c4823e47e9fe520003493d63ae366174636efeb5952c7ba18b88eb9e75438d80055a9da8c38ed3cdb1027a3ebbc2a5780b14e1d180be2cb2ba9d14af6e4d6a30574980442cc202aa4f85ef6fdb74"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
close(r2)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

[  355.570349][T13834] EXT4-fs mount: 10 callbacks suppressed
[  355.570372][T13834] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  355.590857][T13840] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:45:26 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:26 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:26 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  355.824456][T13861] fuse: Bad value for 'user_id'
[  355.850946][T13868] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  355.886863][T13868] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  355.926933][T13868] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  355.952301][T13872] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  355.960981][T13872] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  355.993521][T13868] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  356.001652][T13872] EXT4-fs (loop0): group descriptors corrupted!
[  356.010892][T13868] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:45:28 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:28 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:28 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:28 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:28 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe15d9f3ca027cd3ce27b4df518c4823e47e9fe520003493d63ae366174636efeb5952c7ba18b88eb9e75438d80055a9da8c38ed3cdb1027a3ebbc2a5780b14e1d180be2cb2ba9d14af6e4d6a30574980442cc202aa4f85ef6fdb74"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
close(r2)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

[  358.571143][T13900] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  358.579937][T13900] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  358.594462][T13900] EXT4-fs (loop0): group descriptors corrupted!
[  358.632748][T13901] fuse: Bad value for 'fd'
22:45:29 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  358.667507][T13906] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  358.682570][T13905] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  358.700833][T13905] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:29 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:29 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe15d9f3ca027cd3ce27b4df518c4823e47e9fe520003493d63ae366174636efeb5952c7ba18b88eb9e75438d80055a9da8c38ed3cdb1027a3ebbc2a5780b14e1d180be2cb2ba9d14af6e4d6a30574980442cc202aa4f85ef6fdb74"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
close(r2)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

[  358.719178][T13906] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  358.719192][T13905] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  358.737509][T13905] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  358.767159][T13905] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:45:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  358.850505][T13906] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  358.870705][T13924] fuse: Bad value for 'fd'
22:45:29 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  358.894969][T13906] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  358.908557][T13925] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  358.946743][T13925] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  358.964007][T13906] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  358.978336][T13925] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

[  358.988914][T13925] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  359.088553][T13925] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  359.126162][T13940] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  359.146685][T13939] fuse: Bad value for 'fd'
[  359.152537][T13940] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  359.164139][T13940] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  359.174833][T13940] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:29 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:29 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  359.191798][T13940] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:45:29 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  359.429447][T13956] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  359.442341][T13956] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  359.452399][T13958] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  359.456837][T13961] fuse: Bad value for 'fd'
[  359.462363][T13956] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  359.475529][T13958] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  359.477950][T13963] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  359.486389][T13958] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  359.504667][T13956] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  359.514855][T13963] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  359.534699][T13958] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  359.549557][T13956] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  359.563272][T13963] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  359.602593][T13958] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  359.604609][T13963] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  359.664017][T13963] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:45:32 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, 0x0, 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:32 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x30d041, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, @rc={0x1f, @none}, @phonet, @sco, 0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)='vlan0\x00', 0x0, 0x0, 0x2})
socket$inet6_tcp(0xa, 0x1, 0x0)
read(0xffffffffffffffff, &(0x7f0000000000)=""/97, 0x61)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000300)={0x7000000000, 0x0, 0x0, 0x7ff})
dup(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f00000001c0)={{0xa, 0x4e22, 0x0, @mcast1, 0x7e6}, {0xa, 0x4e20, 0x530, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x7ff, [0x40744b8f, 0x401, 0xfff, 0x2, 0x81, 0x1, 0x8, 0x4]}, 0x5c)
ioctl$CAPI_GET_ERRCODE(0xffffffffffffffff, 0x80024321, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0xfd, 0x80000001, 0x1}, &(0x7f0000000240)=0x10)

22:45:32 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

22:45:32 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:32 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  361.879220][T14000] fuse: Bad value for 'fd'
[  361.879930][T13997] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  361.909593][T13999] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  361.923452][T14003] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  361.964544][T13999] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  361.984203][T13997] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  361.996766][T14003] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  362.036139][T13999] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  362.048983][T13997] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  362.072424][T14003] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  362.125730][T14019] fuse: Bad value for 'fd'
[  362.127026][T13999] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  362.148419][T13997] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  362.161842][T14003] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:32 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  362.203472][T13997] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  362.215501][T13999] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  362.249665][T14003] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:32 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  362.300614][T14025] fuse: Invalid rootmode
[  362.386105][T14028] fuse: Invalid rootmode
22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:32 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  362.462191][T14033] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:45:32 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  362.528297][T14033] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  362.555871][T14037] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  362.591819][T14045] fuse: Invalid rootmode
[  362.605495][T14037] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  362.640092][T14046] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  362.646353][T14033] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  362.658256][T14037] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  362.669927][T14037] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  362.680731][T14046] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  362.709848][T14037] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  362.724350][T14033] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  362.735872][T14046] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  362.800626][T14046] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  362.825535][T14033] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  362.858952][T14054] fuse: Bad value for 'rootmode'
[  362.897711][T14046] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:33 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x30d041, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, @rc={0x1f, @none}, @phonet, @sco, 0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)='vlan0\x00', 0x0, 0x0, 0x2})
socket$inet6_tcp(0xa, 0x1, 0x0)
read(0xffffffffffffffff, &(0x7f0000000000)=""/97, 0x61)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000300)={0x7000000000, 0x0, 0x0, 0x7ff})
dup(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f00000001c0)={{0xa, 0x4e22, 0x0, @mcast1, 0x7e6}, {0xa, 0x4e20, 0x530, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x7ff, [0x40744b8f, 0x401, 0xfff, 0x2, 0x81, 0x1, 0x8, 0x4]}, 0x5c)
ioctl$CAPI_GET_ERRCODE(0xffffffffffffffff, 0x80024321, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0xfd, 0x80000001, 0x1}, &(0x7f0000000240)=0x10)

22:45:35 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:35 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

22:45:35 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:35 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x80002, 0x0)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r3, &(0x7f0000000600)=ANY=[], 0xfec8)
splice(r3, 0x0, r1, 0x0, 0x10000, 0x0)
close(0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580)='batadv\x00')
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)

[  365.136203][T14095] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  365.172667][T14100] fuse: Bad value for 'rootmode'
[  365.177865][T14097] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  365.196958][T14095] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  365.219481][T14105] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  365.234159][T14097] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:35 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  365.244119][T14095] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.258331][T14105] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  365.277157][T14097] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.279213][T14105] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.314898][T14095] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  365.347577][T14097] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:35 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  365.377931][T14095] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  365.397828][T14097] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  365.417884][T14105] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  365.525247][T14105] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:35 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:35 executing program 3:
clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=ANY=[@ANYBLOB="7261775000000000000000000000003c0000000001b60000c800000000000000c10300000300200098030000d0010000d001000016400000d0010000d0010000c8020000c8020000c8020000c8eda92e77020000030000000000000000000000000000002a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000800000000000000000000000000000009001d001000000000000000000000000000000000000000000000000c000737472696e6700000000000000000000000000000000000400000000000101005f85626d0000000000000000000000000000e7253543dbb4f5f8afaf946d72c340f92f908d6e6b8033e825db7975007cba3af665cc0da87a4c5c88d9dadf17aaed191816d1d900d54fc8b9cd1cb72d022c7a56cffdf0c65a76bcc754233982ae47b4f7d657c8ef7d7cf8dbab03f8e8416698f70faf25207c17ef213018accef0fd6d28913a4e0a91b50a7cb9761e4d12e2967e033b544b318eb26e720000000000000000000000000000000000000000000000000000000000004000da2e75873b935dc6d54f2d6b"], 0x1)
r1 = memfd_create(&(0x7f00000000c0)='systemem0ed1<\x14w\x00\x9a', 0x0)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r1, 0x0)
rt_sigaction(0x7, &(0x7f0000b4a000)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, &(0x7f00000008c0)='sessionid\x00')

[  365.598643][T14125] fuse: Bad value for 'rootmode'
[  365.800435][T14134] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  365.811299][T14131] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  365.822403][T14128] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  365.835834][T14131] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  365.846717][T14128] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  365.857547][T14134] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  365.868978][T14131] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.879443][T14128] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.889506][T14128] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  365.898261][T14134] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  365.901402][T14131] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  365.920441][T14128] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  365.932689][T14131] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  365.988895][T14134] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  366.052709][T14134] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:38 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:38 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:38 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:45:38 executing program 3:
perf_event_open(&(0x7f0000000400)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000040), 0x12)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={<r2=>0x0, <r3=>0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000300)='selinuxposix_acl_access,keyring\x00'}, 0x30)
perf_event_open(&(0x7f0000000480)={0x0, 0x70, 0x2, 0x5, 0x0, 0x1, 0x0, 0x5, 0x11000, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4178e489, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x4, 0x5, 0x6, 0x4, 0x0, 0xcad}, r2, 0x0, 0xffffffffffffffff, 0x8)
close(r3)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)

22:45:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:38 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  368.300232][T14168] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  368.318571][T14168] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  368.335218][T14168] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  368.348599][T14173] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  368.350341][T14177] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  368.366045][T14177] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  368.375852][T14177] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  368.385877][T14177] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  368.401243][T14177] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  368.414346][T14177] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  368.423763][T14173] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  368.434805][T14181] fuse: Unknown parameter 'user00000000000000000000'
22:45:38 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  368.447669][T14177] EXT4-fs (loop0): re-mounted. Opts: (null)
[  368.457394][T14168] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  368.475442][T14173] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  368.552266][T14190] EXT4-fs (loop0): re-mounted. Opts: (null)
[  368.584009][T14173] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:39 executing program 3:
perf_event_open(&(0x7f0000000400)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000040), 0x12)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={<r2=>0x0, <r3=>0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000300)='selinuxposix_acl_access,keyring\x00'}, 0x30)
perf_event_open(&(0x7f0000000480)={0x0, 0x70, 0x2, 0x5, 0x0, 0x1, 0x0, 0x5, 0x11000, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4178e489, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x4, 0x5, 0x6, 0x4, 0x0, 0xcad}, r2, 0x0, 0xffffffffffffffff, 0x8)
close(r3)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)

[  368.599779][T14168] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:45:39 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x2, 0xa, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000300)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x7, 0x10, 0x7, 0x9, 0x0, [0x0, 0x0, 0x0]}]}}}], 0x20, 0x5}, 0x0)

22:45:39 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:39 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  368.709719][T14173] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:45:39 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  368.819344][T14200] fuse: Unknown parameter 'user00000000000000000000'
22:45:39 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  368.984053][T14208] syz-executor.3 uses obsolete (PF_INET,SOCK_PACKET)
22:45:39 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  369.106456][T14216] fuse: Unknown parameter 'user00000000000000000000'
[  369.170953][T14213] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  369.208679][T14224] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:45:39 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x2, 0xa, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000300)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x7, 0x10, 0x7, 0x9, 0x0, [0x0, 0x0, 0x0]}]}}}], 0x20, 0x5}, 0x0)

22:45:39 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  369.217620][T14224] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  369.227568][T14224] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  369.238030][T14224] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  369.238789][T14213] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  369.259296][T14224] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:45:39 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  369.278482][T14227] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  369.330069][T14227] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  369.353269][T14227] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  369.363359][T14227] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  369.375709][T14227] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:39 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x2, 0xa, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000300)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x7, 0x10, 0x7, 0x9, 0x0, [0x0, 0x0, 0x0]}]}}}], 0x20, 0x5}, 0x0)

22:45:39 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  369.442731][T14239] fuse: Unknown parameter 'user_i00000000000000000000'
[  369.446287][T14213] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  369.560552][T14213] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

22:45:40 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  369.611121][T14213] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
22:45:40 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000300))
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x12)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
close(r0)
socket$kcm(0x2c, 0x3, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00')

22:45:40 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  369.697718][T14248] fuse: Unknown parameter 'user_i00000000000000000000'
22:45:40 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  369.750001][T14251] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  369.804394][T14251] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  369.846141][T14251] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  369.858684][T14251] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  369.872312][T14251] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  369.889168][T14255] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  369.904092][T14258] fuse: Unknown parameter 'user_i00000000000000000000'
22:45:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)

[  369.947474][T14255] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  369.951713][T14272] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  369.981193][T14272] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:40 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  369.984853][T14255] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.001999][T14272] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.012065][T14272] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.025744][T14272] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  370.053512][T14255] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.090378][T14255] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:40 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000300))
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x12)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
close(r0)
socket$kcm(0x2c, 0x3, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00')

22:45:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

[  370.153779][T14288] fuse: Unknown parameter 'user_id00000000000000000000'
[  370.178140][T14286] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:45:40 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  370.226539][T14286] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:40 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  370.302538][T14286] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.345629][T14286] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.393587][T14286] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  370.445336][T14298] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  370.462738][T14304] fuse: Unknown parameter 'user_id00000000000000000000'
22:45:40 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

22:45:40 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)

[  370.528812][T14298] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:40 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  370.600080][T14309] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  370.614485][T14298] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.629214][T14298] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.639423][T14309] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

[  370.674951][T14298] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  370.676203][T14309] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.694502][T14309] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.705834][T14309] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:41 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  370.773927][T14322] fuse: Unknown parameter 'user_id00000000000000000000'
22:45:41 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  370.854969][T14323] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
22:45:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  370.946982][T14323] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  370.957621][T14323] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  370.967535][T14323] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  370.977913][T14323] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  371.000911][T14338] fuse: Bad value for 'fd'
22:45:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)

[  371.042830][T14332] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  371.071336][T14343] fuse: Bad value for 'fd'
[  371.081423][T14332] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  371.124725][T14332] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  371.156911][T14348] fuse: Bad value for 'fd'
[  371.164902][T14332] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:41 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  371.214225][T14346] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  371.225693][T14332] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  371.234615][T14355] fuse: Bad value for 'fd'
[  371.265871][T14346] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  371.306159][T14359] fuse: Bad value for 'fd'
[  371.314340][T14346] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  371.350679][T14360] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  371.353347][T14346] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  371.371151][T14346] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  371.398767][T14360] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  371.431374][T14360] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  371.454498][T14360] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  371.483770][T14360] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
22:45:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

22:45:43 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:43 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000040)={0x0, 'bridge_slave_1\x00'})

22:45:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, 0x0)
dup(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @mcast1, 0x7e6}, {0xa, 0x4e20, 0x530, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x0, [0x40744b8f, 0x401, 0x0, 0x2, 0x81, 0x1]}, 0x5c)

22:45:43 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  373.680700][T14389] fuse: Bad value for 'fd'
22:45:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

22:45:44 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  373.722552][T14395] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  373.761501][T14395] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
22:45:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

[  373.804908][T14395] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  373.858491][T14395] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  373.908638][T14395] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  373.924498][T14413] fuse: Unknown parameter '0x0000000000000003'
22:45:44 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

22:45:44 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:44 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

[  374.204305][T14429] fuse: Unknown parameter '0x0000000000000003'
22:45:44 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:44 executing program 5:

[  374.378389][T14443] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  374.399084][T14443] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  374.435722][T14443] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  374.451593][T14449] fuse: Unknown parameter '0x0000000000000003'
22:45:44 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  374.516091][T14443] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:44 executing program 5:

[  374.582419][T14443] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:45 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:45 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:45 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000340), 0x41395527)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0)
r1 = gettid()
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1)
write$binfmt_script(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="230228efb4a24fe8988dd060ffd7ee027df410469a2bc04b26c0d8d21d5d6fe0eb5781f4f9c58dfa5a52925b1bba478405a979466ebef31721905d14e28d000017d1ede6c1f37bd3a990119beaea99c2adcf359a30a74dc68c37cfbef5c16f3e648860faf8228bf63bb3bf0800318203e6017fe7128d5bcb25236e1882c6e8f1b49e1fc0d13bc4c7234ce9fe065d74f8be4347865d7eb68b41e4edd3a7f66743f4faecb83f5e8439d916a7b325e5dd66d60a45b03935786453686bd61faf5f9368297911f96349c9ea6ed04d70168fefd3bab44ca2a89d7aae487561eb88642de7901a1008617ab2b5082db2b256c34f4e65814976aa4c07e4ef651d28511be00a29c34f59aa8cf840c30e02ed88165d4b8ee524c85b100af5b9a403ce7ba86abc19a7f671cbd143f9827fa224b9ae3ecbe1"], 0x16c)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

22:45:45 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  374.739122][T14459] fuse: Unknown parameter '0x0000000000000003'
22:45:45 executing program 5:

22:45:45 executing program 5:

[  374.907817][T14471] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  374.917187][T14471] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  374.919191][T14470] fuse: Unknown parameter '0x0000000000000003'
[  374.927920][T14471] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  374.943953][T14471] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:45 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  374.991630][T14471] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  375.028489][T14471] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  375.088137][T14471] EXT4-fs (loop0): re-mounted. Opts: (null)
[  375.113185][T14483] fuse: Unknown parameter '0x0000000000000003'
[  375.124921][T14479] EXT4-fs (loop0): re-mounted. Opts: (null)
[  375.231859][    T0] NOHZ: local_softirq_pending 08
[  377.141111][    T0] NOHZ: local_softirq_pending 08
22:45:47 executing program 1:

22:45:47 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:47 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:47 executing program 5:

22:45:47 executing program 3:
clone(0x7fd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@quota={{0x38, 'quota\x00'}}, @common=@inet=@socket3={{0x28, 'socket\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'syzkaller1\x00', 'caif0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@SET={0x60, 'SET\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2e8)

22:45:47 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:47 executing program 3:

22:45:47 executing program 5:

[  377.425202][T14502] xt_TCPMSS: Only works on TCP SYN packets
[  377.435550][T14503] fuse: Unknown parameter 'fd0x0000000000000003'
[  377.452908][T14505] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
22:45:47 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  377.484808][T14505] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  377.514148][T14505] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:47 executing program 5:

[  377.540034][T14505] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  377.554735][T14505] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:47 executing program 1:

22:45:47 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:48 executing program 3:

[  377.610941][T14518] fuse: Unknown parameter 'fd0x0000000000000003'
22:45:48 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:48 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:48 executing program 5:
set_mempolicy(0x2, &(0x7f0000000040)=0x10001, 0x7)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  377.698957][T14520] fuse: Unknown parameter 'fd0x0000000000000003'
22:45:48 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffffffffffffc2, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="500000001000050774740000dfdbdfa65501a381", @ANYRES32=0x0, @ANYBLOB="7fff0002818600000f0012000b0001006d616373656300e10b00020005000700010020000a000540370000000000000008000ac0040000587e27a8b0b9cad4a128c1"], 0x50}}, 0x0)

[  377.905070][T14533] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  377.916502][T14533] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  377.927680][T14533] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  377.966369][T14533] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  377.968964][T14539] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  378.010444][T14533] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  378.133425][T14539] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
22:45:48 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:48 executing program 3:
r0 = io_uring_setup(0x65, &(0x7f0000000040))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000001280)=[{&(0x7f00000000c0)=""/99, 0x63}], 0x1)

22:45:48 executing program 5:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000540)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f}, {0x7, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}], 0x7})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x6]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22:45:48 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf9]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380))
select(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x35d7, 0x0, 0x1f}, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  378.478898][T14566] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  378.500448][T14566] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  378.510473][T14566] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:48 executing program 3:
r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
io_setup(0x81, &(0x7f0000000040)=<r1=>0x0)
io_submit(r1, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x200a00}])
write$P9_RFLUSH(r0, 0x0, 0x0)
read$snddsp(r0, 0x0, 0x0)

[  378.520523][T14566] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  378.532068][T14566] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  378.562509][T14566] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  378.585991][T14566] EXT4-fs (loop0): re-mounted. Opts: (null)
[  378.612304][T14566] EXT4-fs (loop0): re-mounted. Opts: (null)
22:45:49 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:49 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:49 executing program 5:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='fuseblk\x00', 0x0, &(0x7f0000000240)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}})

22:45:49 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$inet_int(r0, 0x0, 0x21, 0x0, &(0x7f0000000480))

[  378.865482][T14602] fuseblk: Bad value for 'fd'
22:45:49 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080)=0x100e0)

[  378.932326][T14605] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  378.954087][T14605] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  378.974302][T14605] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  378.988860][T14605] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  379.005921][T14605] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
22:45:49 executing program 3:
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x6, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0xffa8)
ioctl$TCSETSF(r1, 0x5437, 0x0)

[  379.030215][T14605] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  379.046889][T14605] EXT4-fs (loop0): re-mounted. Opts: (null)
22:45:49 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:49 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r1, 0xc00464be, &(0x7f0000000180))

22:45:49 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

22:45:49 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000000))

22:45:49 executing program 5:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000002900)=""/165, 0xa5}], 0x1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff)
read$FUSE(r0, &(0x7f0000000780), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000180)={0x33, 0x6, 0x0, {0x1, 0x0, 0xa, 0x0, '/dev/fuse\x00'}}, 0x33)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$FUSE_ENTRY(r0, &(0x7f0000002840)={0x90, 0x0, 0x2, {0x801}}, 0x90)

22:45:49 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000002900)=""/165, 0xa5}], 0x1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff)
read$FUSE(r0, &(0x7f0000000780), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50)
write$FUSE_OPEN(r0, &(0x7f0000000000)={0x20, 0x0, 0x2}, 0x20)

[  379.498365][T14637] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  379.550876][T14637] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  379.584872][T14637] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
22:45:50 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:50 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  379.610344][T14637] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  379.630953][T14637] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  379.829956][T14660] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  379.839618][T14660] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  379.852673][T14660] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  379.863458][T14660] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
22:45:50 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

[  379.877989][T14660] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[  379.892150][T14660] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  379.902301][T14660] EXT4-fs (loop0): re-mounted. Opts: (null)
22:45:50 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

22:45:50 executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000, 0x2, &(0x7f0000002280)=[{&(0x7f0000000100)="800000003804000019000300e60100006c00fec9000000000100000001000000000700000040000080000000101308006d5ebe5a0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000000140)="fcba5820c3ef1b77e8a23dd18b16961616356dd7fdeb89769b12def3b6cfd1ab4505524f78c1aa2bf4de120e650f04d278edd8006ad9f89c8b6d8ed96e63d878ff15074525d84e21090fcf500adea45e5683baf409b890f14dec72b7819a765b1f523b740006fa097ad63376050c8f865b5ffbd88b998d1665f951439c15e32429223f310ee8e4d1652b156fd2a1b1c7deec970e41e7a4", 0x97, 0x6}], 0xc801, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
dup(0xffffffffffffffff)
mount$9p_rdma(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x20, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000280)=""/58)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(0x0, 0x0)

22:45:50 executing program 3:
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x6, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0xffa8)
ioctl$TCSETSF(r1, 0x5437, 0x0)

22:45:50 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:50 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)

22:45:50 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000002900)=""/165, 0xa5}], 0x1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff)
read$FUSE(r0, &(0x7f0000000780), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50)
write$FUSE_OPEN(r0, &(0x7f0000000000)={0x20, 0x0, 0x2}, 0x20)

22:45:50 executing program 5:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="0207000702"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="020a000007"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)

22:45:50 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:51 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000))

22:45:51 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:51 executing program 0:
syz_emit_ethernet(0x4a, &(0x7f0000000a00)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0cfdff", 0x14, 0x6, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)

22:45:51 executing program 3:
socket$inet6(0xa, 0x802, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setitimer(0x1, &(0x7f0000000000)={{}, {0x0, 0x2710}}, 0x0)
perf_event_open(&(0x7f00000005c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(r0, 0x0, &(0x7f00000003c0)="0941a197de94fceecfa7030758f3e386ada39710")
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="0df55d3bb660a4e8434b060a3fff8410244057c21362ffc874cd0bb0d240c33137c5d3cf3860aa21afbd38a42b0408d467ae699766510df878644c303373b655a0e0d3d0840fdd9460bef26998131b75447292d9518de1623e5d6eecc5061113a2264d30009b3c42dcdb8a2a0fd86c8c7cf2dbbed656143ccbf3beb8ea1b9d4d773210d11f22d966f000d4a7705005365624eda351f03cd46c9e9f7f36c5", @ANYRES16=r1], 0x3}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9281a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)
syz_open_procfs(0x0, &(0x7f0000000080)='net/udp6\x00')
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x24004880)

22:45:51 executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="020a000007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)

22:45:51 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:51 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x80801, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)

22:45:51 executing program 0:
r0 = socket(0x11, 0x2, 0x0)
fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = socket(0x11, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(r3, r1)
setfsuid(r3)

22:45:51 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0)

22:45:51 executing program 0:
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000440)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000380)={{}, {0x2}}, 0x24, 0x0)

[  381.667764][   T28] audit: type=1800 audit(1591742751.980:15): pid=14772 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16369 res=0
22:45:52 executing program 5:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000002900)=""/165, 0xa5}], 0x1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff)
read$FUSE(r0, &(0x7f0000000780), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000180)={0x33, 0x6, 0x0, {0x1, 0x0, 0xa, 0x0, '/dev/fuse\x00'}}, 0x33)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$FUSE_ENTRY(r0, &(0x7f0000002840)={0x90, 0x0, 0x2, {0x1}}, 0x90)

22:45:52 executing program 3:
ioprio_set$pid(0x2, 0x0, 0x2007)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

22:45:52 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:52 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:52 executing program 1:
r0 = socket(0x11, 0x2, 0x0)
fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = socket(0x11, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r1)
setfsuid(r3)

22:45:52 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r1)
ioprio_set$pid(0x0, 0x0, 0x2007)

[  381.790384][   T28] audit: type=1800 audit(1591742752.010:16): pid=14787 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16369 res=0
[  381.870529][   T28] audit: type=1804 audit(1591742752.180:17): pid=14799 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/196/bus" dev="sda1" ino=16369 res=1
22:45:52 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="020a000007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)

22:45:52 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, 0xfffffffffffffffd)

[  381.952390][   T28] audit: type=1804 audit(1591742752.220:18): pid=14806 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir388754983/syzkaller.YjSTB7/196/bus" dev="sda1" ino=16369 res=1
22:45:52 executing program 0:
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201a6ffffff0a000000ff45ac00000000006300e931190000000000000680ffffffa5000000e100e2ff877700720030070081ffffff00000000008000da55aa", 0x40, 0x1c0}])

22:45:52 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:52 executing program 1:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

22:45:52 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x5, 0x0, 0xfffffffffffffffd)

[  382.198551][T14825]  loop0: p1 p2 p3 p4
[  382.202963][T14825] loop0: partition table partially beyond EOD, truncated
[  382.216900][T14825] loop0: p1 start 10 is beyond EOD, truncated
[  382.229938][T14825] loop0: p2 start 25 is beyond EOD, truncated
[  382.235335][   T28] audit: type=1804 audit(1591742752.551:19): pid=14831 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/156/bus" dev="sda1" ino=16369 res=1
[  382.242795][T14825] loop0: p3 start 4293001441 is beyond EOD, truncated
[  382.280211][T14825] loop0: p4 size 3657465856 extends beyond EOD, truncated
[  382.400142][T14825]  loop0: p1 p2 p3 p4
[  382.404372][T14825] loop0: partition table partially beyond EOD, truncated
[  382.417181][T14825] loop0: p1 start 10 is beyond EOD, truncated
[  382.435176][T14825] loop0: p2 start 25 is beyond EOD, truncated
[  382.445694][T14825] loop0: p3 start 4293001441 is beyond EOD, truncated
[  382.466558][T14825] loop0: p4 size 3657465856 extends beyond EOD, truncated
[  382.542005][ T5286]  loop0: p1 p2 p3 p4
[  382.546035][ T5286] loop0: partition table partially beyond EOD, truncated
[  382.554479][ T5286] loop0: p1 start 10 is beyond EOD, truncated
[  382.561328][ T5286] loop0: p2 start 25 is beyond EOD, truncated
[  382.567673][ T5286] loop0: p3 start 4293001441 is beyond EOD, truncated
[  382.575271][ T5286] loop0: p4 size 3657465856 extends beyond EOD, truncated
22:45:53 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x6, @local}, 0xd, {0x2, 0x0, @loopback}, 'team_slave_0\x00'})

22:45:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futimesat(r0, 0x0, 0x0)

22:45:53 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:53 executing program 0:
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201a6ffffff0a000000ff45ac00000000006300e931190000000000000680ffffffa5000000e100e2ff877700720030070081ffffff00000000008000da55aa", 0x40, 0x1c0}])

22:45:53 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  382.960279][T14867]  loop0: p1 p2 p3 p4
[  382.964543][T14867] loop0: partition table partially beyond EOD, truncated
[  382.994419][T14867] loop0: p1 start 10 is beyond EOD, truncated
22:45:53 executing program 5:
r0 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_int(r0, 0x0, 0x32, 0x0, &(0x7f0000000480))

[  383.012489][T14867] loop0: p2 start 25 is beyond EOD, truncated
[  383.027943][T14867] loop0: p3 start 4293001441 is beyond EOD, truncated
22:45:53 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="8304099167ca5bf647"], 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

[  383.041284][   T28] audit: type=1804 audit(1591742753.361:20): pid=14843 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/156/bus" dev="sda1" ino=16369 res=1
[  383.042470][T14867] loop0: p4 size 3657465856 extends beyond EOD, truncated
22:45:53 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x11d000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000000))

22:45:53 executing program 1:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

[  383.172917][   T28] audit: type=1804 audit(1591742753.401:21): pid=14831 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/156/bus" dev="sda1" ino=16369 res=1
22:45:53 executing program 0:
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201a6ffffff0a000000ff45ac00000000006300e931190000000000000680ffffffa5000000e100e2ff877700720030070081ffffff00000000008000da55aa", 0x40, 0x1c0}])

[  383.447941][   T28] audit: type=1804 audit(1591742753.761:22): pid=14897 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/157/bus" dev="sda1" ino=16362 res=1
22:45:53 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

[  383.635049][T14913]  loop0: p1 p2 p3 p4
[  383.639877][T14913] loop0: partition table partially beyond EOD, truncated
[  383.648664][T14913] loop0: p1 start 10 is beyond EOD, truncated
[  383.649512][   T28] audit: type=1804 audit(1591742753.961:23): pid=14918 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/153/bus" dev="sda1" ino=16382 res=1
22:45:54 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, 0x0, 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  383.681145][T14913] loop0: p2 start 25 is beyond EOD, truncated
[  383.695136][T14913] loop0: p3 start 4293001441 is beyond EOD, truncated
[  383.704669][T14913] loop0: p4 size 3657465856 extends beyond EOD, truncated
22:45:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})

22:45:54 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="8304099167ca5bf647"], 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

22:45:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})

22:45:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc00c642d, &(0x7f00000002c0)={r1})

22:45:54 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:54 executing program 1:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

22:45:54 executing program 0:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f00000000c0)=0xffffffff)

[  384.448254][   T28] audit: type=1804 audit(1591742754.761:24): pid=14948 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir432885801/syzkaller.Vcm8cx/158/bus" dev="sda1" ino=16380 res=1
22:45:54 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

22:45:55 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, 0x0, 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:55 executing program 0:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
epoll_create1(0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x7f, 0xd5c, 0x2})
r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
dup3(r1, r0, 0x0)

22:45:55 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

22:45:55 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:55 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
getpid()
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000280)="8e", 0x7ffff000}], 0x1)
listen(0xffffffffffffffff, 0x4)

22:45:56 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0x41015500, &(0x7f00000002c0))

22:45:56 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, 0x0, 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:56 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/4096, 0x1000)

22:45:56 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x2, 0x3, 0x1f8, 0x0, 0xc8, 0xc8, 0x0, 0xc8, 0x160, 0x160, 0x160, 0x160, 0x160, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@tcp={{0x30, 'tcp\x00'}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller1\x00', 'caif0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x258)

22:45:56 executing program 3:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fe0109003c0800040042ef420000010109021b01017600230009040000010209bd0007058107"], 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
socket(0x0, 0x0, 0x0)

[  386.158252][T15002] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
22:45:56 executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fe0109003c0800040042ef420000010109021b01017600230009040000010209bd0007058107"], 0x0)

22:45:56 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:56 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000000c0)='wg1\x00', 0x4)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
connect$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(r0, &(0x7f00000038c0), 0x4000000000000a8, 0xa00)

[  386.539617][   T12] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  386.640342][   T12] usb 4-1: Using ep0 maxpacket: 8
22:45:57 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x450, 0x98, 0x2f0, 0x130, 0x130, 0x2f0, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00'}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00'}}, {{@uncond, 0x0, 0x70, 0xb0}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@ipv4={[], [], @remote}}}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}, @common=@osf={{0x50, 'osf\x00'}, {'syz0\x00'}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@dccp={{0x30, 'dccp\x00'}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b0)
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)

[  386.709571][T10197] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  386.769612][   T12] usb 4-1: config index 0 descriptor too short (expected 283, got 27)
[  386.809638][   T12] usb 4-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
22:45:57 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

[  386.874484][T10197] usb 1-1: Using ep0 maxpacket: 8
[  386.892989][   T12] usb 4-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.956997][   T12] usb 4-1: config 118 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.969698][T15032] xt_CONNSECMARK: invalid mode: 0
[  386.984425][T15032] xt_CONNSECMARK: invalid mode: 0
22:45:57 executing program 1:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$packet(0x11, 0x3, 0x300)
write(r1, &(0x7f0000000340)="240000002100255107000165ff00fc020a0066c400000000", 0x18)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'veth0_to_hsr\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="8fb9b0ec5a49"}, 0x14)
write$binfmt_misc(r1, 0x0, 0xfffffed2)
splice(r0, 0x0, r2, 0x0, 0x4ffe3, 0x0)

[  387.022887][T10197] usb 1-1: config index 0 descriptor too short (expected 283, got 27)
[  387.036412][T10197] usb 1-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
22:45:57 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)

[  387.071601][T10197] usb 1-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  387.085382][T10197] usb 1-1: config 118 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  387.101023][   T12] usb 4-1: New USB device found, idVendor=0400, idProduct=4200, bcdDevice=42.ef
[  387.118462][   T12] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  387.140010][   T12] usb 4-1: SerialNumber: syz
[  387.186940][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  387.186964][   T28] audit: type=1804 audit(1591742757.501:27): pid=15043 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/156/bus" dev="sda1" ino=16376 res=1
[  387.219607][   T12] hub 4-1:118.0: bad descriptor, ignoring hub
[  387.225836][   T12] hub: probe of 4-1:118.0 failed with error -5
[  387.238257][   T12] cdc_wdm 4-1:118.0: cdc-wdm0: USB WDM device
[  387.269628][T10197] usb 1-1: New USB device found, idVendor=0400, idProduct=4200, bcdDevice=42.ef
[  387.281305][T10197] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  387.290625][T10197] usb 1-1: SerialNumber: syz
[  387.342976][T10197] hub 1-1:118.0: bad descriptor, ignoring hub
[  387.349674][T10197] hub: probe of 1-1:118.0 failed with error -5
[  387.357850][T10197] cdc_wdm 1-1:118.0: cdc-wdm1: USB WDM device
22:45:57 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200))
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r0, r1, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:45:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/102)

22:45:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)

22:45:58 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x7, &(0x7f0000000680)=@framed={{}, [@map={0x63}, @map={0x18, 0x0, 0x0}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x90, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

22:45:59 executing program 3:
ioctl$TCSETXW(0xffffffffffffffff, 0x5435, &(0x7f0000000140)={0x0, 0x0, [0x401, 0x0, 0x0, 0x0, 0x1], 0xd0})
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
socket$inet(0x2, 0x200000003, 0x84)
connect$inet(r2, &(0x7f0000001280)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x19404, 0x0)

22:45:59 executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fe0109003c0800040042ef420000010109021b01017600230009040000010209bd0007058107"], 0x0)

22:45:59 executing program 1:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r0, 0x5421, &(0x7f0000000180)=0xffffffffffffff9b)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x7fd0}], 0x1)

22:45:59 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:45:59 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)

22:45:59 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  389.513016][   T28] audit: type=1804 audit(1591742759.831:28): pid=15092 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/157/bus" dev="sda1" ino=16376 res=1
22:45:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_getaffinity(0x0, 0x8, &(0x7f0000000000))

22:46:00 executing program 1:
clock_gettime(0x0, &(0x7f0000000140)={0x0, <r0=>0x0})
setitimer(0x1, &(0x7f0000000180)={{}, {0x0, r0/1000+60000}}, 0x0)
getitimer(0x1, &(0x7f0000000440))

22:46:00 executing program 1:
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
exit_group(0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x2c, 0xb, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}}, 0x0)

22:46:00 executing program 1:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22:46:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:00 executing program 3:

22:46:00 executing program 3:

22:46:02 executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fe0109003c0800040042ef420000010109021b01017600230009040000010209bd0007058107"], 0x0)

22:46:02 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:02 executing program 3:

22:46:02 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:46:02 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:02 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:02 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

[  392.672547][   T28] audit: type=1804 audit(1591742762.991:29): pid=15152 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/158/bus" dev="sda1" ino=16361 res=1
22:46:03 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:46:03 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

22:46:04 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

[  393.625861][   T28] audit: type=1804 audit(1591742763.941:30): pid=15172 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/159/bus" dev="sda1" ino=16384 res=1
22:46:04 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:04 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:05 executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fe0109003c0800040042ef420000010109021b01017600230009040000010209bd0007058107"], 0x0)

22:46:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:05 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:46:05 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

22:46:05 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

22:46:05 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  395.748566][   T28] audit: type=1804 audit(1591742766.061:31): pid=15216 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/160/bus" dev="sda1" ino=16363 res=1
22:46:06 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

22:46:06 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

[  396.657876][   T28] audit: type=1804 audit(1591742766.971:32): pid=15229 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/161/bus" dev="sda1" ino=15857 res=1
22:46:07 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

22:46:07 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:07 executing program 1:

22:46:07 executing program 1:

22:46:09 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
close(r0)

22:46:09 executing program 1:

22:46:09 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, 0x0, 0x2, 0x0)

22:46:09 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8400fffffffa)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xffffffff)

22:46:09 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

22:46:09 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:09 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="440f20c066350a000000440f22c00f01c46564f30f0966b8000000000f23c80f21f866350800e0000f23f8f20f35660f113ff26c0f0fcb9e2e0f011c365c", 0x3e}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x11d000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write(0xffffffffffffffff, &(0x7f0000000600)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e9e688d35a978813c38add66548d7575727ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53", 0xa56)

22:46:09 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8400fffffffa)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xffffffff)

22:46:09 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
close(r0)

[  398.985547][T15278] kvm: emulating exchange as write
22:46:09 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:09 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x8400fffffffa)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xffffffff)

22:46:09 executing program 1:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa10000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3b}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="8304099167ca5bf647f7d9e391"], 0x0, 0x7}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0))

22:46:09 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:09 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

[  399.396625][   T28] audit: type=1804 audit(1591742769.711:33): pid=15308 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/165/bus" dev="sda1" ino=16273 res=1
22:46:09 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, 0x0, 0x2, 0x0)

22:46:09 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:10 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:10 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
dup(r1)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:10 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

[  399.713348][   T28] audit: type=1804 audit(1591742770.021:34): pid=15313 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/166/bus" dev="sda1" ino=15777 res=1
22:46:10 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:10 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  399.954432][   T28] audit: type=1804 audit(1591742770.271:35): pid=15331 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/167/bus" dev="sda1" ino=16097 res=1
22:46:10 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:10 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x0)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  400.117287][   T28] audit: type=1804 audit(1591742770.431:36): pid=15335 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/168/bus" dev="sda1" ino=16097 res=1
22:46:11 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000040000,user_id=', @ANYRESDEC=0x0])

22:46:11 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x0)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:11 executing program 4:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000004040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r2, 0x0, 0x2, 0x0)

22:46:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x0)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  401.199951][   T28] audit: type=1804 audit(1591742771.521:37): pid=15353 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/169/bus" dev="sda1" ino=16369 res=1
22:46:11 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

[  401.392691][   T28] audit: type=1804 audit(1591742771.711:38): pid=15363 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/170/bus" dev="sda1" ino=16321 res=1
22:46:12 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
dup(r1)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:12 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

22:46:12 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:12 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:12 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:12 executing program 4:

22:46:12 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  402.074040][   T28] audit: type=1804 audit(1591742772.392:39): pid=15378 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/171/bus" dev="sda1" ino=16365 res=1
22:46:12 executing program 4:

22:46:12 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:12 executing program 1:

22:46:12 executing program 4:

22:46:12 executing program 1:

22:46:14 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
dup(r1)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:14 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:14 executing program 4:

22:46:14 executing program 1:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2400000030009901000100000000400004"], 0x24}}, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r2, &(0x7f0000000080), 0x30, 0x0)

22:46:14 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:14 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:14 executing program 4:
syz_mount_image$tmpfs(&(0x7f00000002c0)='tmpfs\x00', &(0x7f0000000400)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000380)='./bus\x00')
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000540)=ANY=[], 0x133)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x101)

22:46:14 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  404.042325][   T28] audit: type=1804 audit(1591742774.362:40): pid=15430 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/172/bus" dev="sda1" ino=16378 res=1
22:46:14 executing program 1:
perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x10, 0x4000000000000800, 0x1}, 0x1d)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f00000001c0)}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0}, 0x20)

22:46:14 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:14 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:14 executing program 4:
r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binderN(0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x1, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0})
r2 = dup2(r1, r0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0x4, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x44, 0x0, &(0x7f0000000540)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000140)={@flat=@binder={0x70742a85, 0x3}, @fda, @flat=@weak_handle}, &(0x7f0000000080)={0x0, 0x18, 0x38}}}], 0x0, 0x1000000, 0x0})

[  404.749292][T15460] binder: BINDER_SET_CONTEXT_MGR already set
[  404.766441][T15460] binder: 15459:15460 ioctl 40046207 0 returned -16
[  404.774865][T15462] binder: BINDER_SET_CONTEXT_MGR already set
[  404.799484][T15462] binder: 15459:15462 ioctl 40046207 0 returned -16
22:46:16 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
socket$inet6(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:16 executing program 1:
socket$inet6(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000033c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1, 0x0, 0x0, 0x2000}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000001200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x68)
memfd_create(&(0x7f0000000400)='\x05\x00\x9e\x86p\xbe\xf2#\xda0n\x004\x1cVV\x87x\xae4\xe0\x87Yi\xf8\x12\x14\xcd|l\xbe(n\x87(P\xbbr\rI5\xe5\xd1M\x92m\x7f{\xee\xfb[\xd7\xe0\xc4\t-\xa5>\xac\x0f\xc0\xc0\xd6\x19\x1bU\x05\x844\xb0\xed\x0e#\tD\xf2\x1c\x99\x9e\xba\x10\x8b\xb0\xe2\xb6x\xc3PT\xba=\xa0\x9f\x19\xb5\x95\xa8\xb6\xd0\x13Z\xe4', 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

22:46:16 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:16 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x7ffff048)

22:46:16 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:16 executing program 4:
syz_open_dev$loop(&(0x7f0000000880)='/dev/loop#\x00', 0x0, 0x0)
clone(0x20100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={'syz'}, &(0x7f0000000080), 0xfe28, 0xfffffffffffffffb)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x44, &(0x7f0000000040)=[{&(0x7f0000000680)="62f23e748cdfecc0d3bcb88248f9f8f8e8ba030000000000001dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a30142ee9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c815", 0xfffffd92, 0xb6}], 0x80000, 0x0)

[  406.023032][T15478] dns_resolver: Unsupported server list version (0)
[  406.061817][T15486] dns_resolver: Unsupported server list version (0)
22:46:16 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000d0700000000ff03000000000010", @ANYRES32=r4, @ANYBLOB="00000000e60000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r7}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0xf}]}, 0x28}}, 0x0)

22:46:16 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x7ffff048)

[  406.073778][   T28] audit: type=1804 audit(1591742776.392:41): pid=15483 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/173/bus" dev="sda1" ino=16365 res=1
[  406.133078][T15489] new mount options do not match the existing superblock, will be ignored
[  406.230039][T15496] new mount options do not match the existing superblock, will be ignored
[  406.334387][T15501] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
22:46:16 executing program 1:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x387b1d0849878266, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
pkey_free(0xffffffffffffffff)

[  406.432704][T15501] 8021q: adding VLAN 0 to HW filter on device bond1
22:46:16 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x7ffff048)

[  406.495986][T15501] bond0: (slave bond1): Enslaving as an active interface with an up link
[  406.540747][T15501] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
22:46:16 executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc)
madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd)

22:46:17 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(0xffffffffffffffff, r1, 0x0, 0x7ffff048)

22:46:18 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(0xffffffffffffffff, r1, 0x0, 0x7ffff048)

22:46:18 executing program 4:
perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x200000000000011, 0x3, 0x0)
fcntl$setstatus(r0, 0x4, 0x2400)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4)
sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$phonet(0xffffffffffffffff, 0x0, 0x0, 0x4000000, 0x0, 0x0)
fstat(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setuid(r3)
sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="24000000520007031dfffd946fa2830081200a00090003", 0x17}], 0x1}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, 0x0)
r4 = getpid()
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=r4)

22:46:18 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
socket$inet6(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:18 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(0xffffffffffffffff, 0x800)
lseek(0xffffffffffffffff, 0x0, 0x2)
r0 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8400fffffffa)
sendfile(0xffffffffffffffff, r0, 0x0, 0xffffffff)

22:46:18 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001440)={0x8, {"a2e3ad21ed6b52f99cfbf4c087f719b4d04fe7ff7fc6e5539b366e0e8b546a9b376d94370890e0878fdb1ac6e7049b73b4956c409a472a5b67f3988f7ef31952a981ffe8d178708c523c921b1b4d4b0a169b71d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fef5952a5391fd5615d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e67d1d7232f17696294378ce716dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f7927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a39973132f02768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90195c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b010a3ad0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

22:46:18 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:18 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(0xffffffffffffffff, 0x800)
lseek(0xffffffffffffffff, 0x0, 0x2)
r0 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8400fffffffa)
sendfile(0xffffffffffffffff, r0, 0x0, 0xffffffff)

22:46:18 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(0xffffffffffffffff, r1, 0x0, 0x7ffff048)

22:46:18 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(0xffffffffffffffff, 0x800)
lseek(0xffffffffffffffff, 0x0, 0x2)
r0 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8400fffffffa)
sendfile(0xffffffffffffffff, r0, 0x0, 0xffffffff)

22:46:18 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:18 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000100), 0x4)
sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x0, 0x0, 0x0)

22:46:18 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:19 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:19 executing program 4:

[  408.700620][   T28] audit: type=1804 audit(1591742779.022:42): pid=15594 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/177/bus" dev="sda1" ino=16368 res=1
22:46:20 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
socket$inet6(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:20 executing program 4:

22:46:20 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:20 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001440)={0x8, {"a2e3ad21ed6b52f99cfbf4c087f719b4d04fe7ff7fc6e5539b366e0e8b546a9b376d94370890e0878fdb1ac6e7049b73b4956c409a472a5b67f3988f7ef31952a981ffe8d178708c523c921b1b4d4b0a169b71d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fef5952a5391fd5615d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e67d1d7232f17696294378ce716dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f7927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a39973132f02768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90195c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b010a3ad0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

22:46:20 executing program 5:
open(0x0, 0x4045, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2007)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:20 executing program 0:
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x7ffff048)

22:46:20 executing program 4:

[  410.163835][   T28] audit: type=1804 audit(1591742780.482:43): pid=15620 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/178/bus" dev="sda1" ino=16383 res=1
22:46:20 executing program 0:
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x7ffff048)

22:46:20 executing program 4:

22:46:20 executing program 4:

22:46:20 executing program 0:
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup3(r3, r2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendfile(r0, r1, 0x0, 0x7ffff048)

22:46:22 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:22 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:22 executing program 4:

22:46:22 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:22 executing program 5:
open(0x0, 0x4045, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:22 executing program 1:

22:46:22 executing program 1:

[  411.951865][   T28] audit: type=1804 audit(1591742782.272:44): pid=15649 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/179/bus" dev="sda1" ino=16369 res=1
22:46:22 executing program 4:

22:46:22 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:22 executing program 1:

22:46:22 executing program 4:

22:46:22 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:23 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:23 executing program 4:

22:46:23 executing program 1:

22:46:23 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:23 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:23 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:24 executing program 4:

22:46:24 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:24 executing program 1:

[  413.650037][   T28] audit: type=1804 audit(1591742783.972:45): pid=15682 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/180/bus" dev="sda1" ino=16368 res=1
22:46:24 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:24 executing program 1:

22:46:24 executing program 4:

[  414.898617][    T0] NOHZ: local_softirq_pending 08
22:46:25 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:25 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:25 executing program 1:

22:46:25 executing program 4:

22:46:25 executing program 5:
r0 = creat(0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:25 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:25 executing program 1:

22:46:25 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:25 executing program 5:
r0 = creat(0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:25 executing program 4:

22:46:25 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:25 executing program 1:

22:46:27 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(0xffffffffffffffff, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:27 executing program 4:

22:46:27 executing program 1:

22:46:27 executing program 5:
r0 = creat(0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:27 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:27 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:27 executing program 4:
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
write$vhci(0xffffffffffffffff, &(0x7f0000000300)=@HCI_SCODATA_PKT={0x3, "ffc195f5883848b9ec8dd7e1142da6844fc1b139e8db0e5c127fe61751ca107055a5b5252c6590b2828eafa0c526c58ea766202bcf55765a83f7dfc75e2292a343b203f136efa5c9c29ecc54d0569ff5ea64472128a5bede5ffd0ed821d9b8a26b22f8a8f5c24c47237b72724f71598b98ead7770051b74aa9ca3fe8d864e62c48e81b7e818ccff444d6b5f62902223b7eff0b672b75feec7e89ca2eed9a6d4f44be59fe29aaa4d87a5d88974ec18ddc1a998a7219cf65b4346d2e9df89e04534e23869f06dc3d300d62fbaedc7918c016629571f492aeeda7eab5078ed17f2fc2667e111719e2cb260e18974a3fa288d9f407f16743b8b5cf1ae3c67eaa81a2f3966e499a666604d0464999cbffb63bd7639fbd98b20af8daa6121272ba7c8715a6bdcfd4542471eda18b442e3b02450aea8dcd5bf3a3e74f3079f72486e3c3ab4221f36598efaa436d57893d4ff45f74ff52fd7770bc18875e317964d8439b5772621e595e5633def3e897963246ea962fc4a8b1dd5b790ac153718ed64c0ad605ce3ce8426f937b6ca898f200476ba97d8d32fb30061b93e52608a5a76f9dc7643d2d5c60928403443152b3c508a24734a5f06a496bfea4fe244048d81c3664ae3d3e1241e027490dd2f95da9e90710ebf248dcf39dc7e3f4001999cc4c56833031ada396d7df89c36648164c0fb522baecf078a112efa85d9ae3c004faf097c94c8c32897528004ebcdebfefd2bca73d15bec0042bda3649b66187186df0247674acf86a93e9673acf9c0060eba0b74a3d5ae3467d0d97c97667dc2ac29f751fc18c8e52faaf40cc954ae0f3621fe366a8b06456974f8b1cb5ecf74af4f3210af5da"}, 0x265)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

22:46:27 executing program 1:
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={[{@nls={'nls', 0x3d, 'macturkish'}}]})

22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:27 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(0xffffffffffffffff, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:27 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

[  417.012843][   T28] audit: type=1804 audit(1591742787.332:46): pid=15758 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/184/bus" dev="sda1" ino=16377 res=1
[  417.057096][T15756] ntfs: (device loop1): parse_options(): Unrecognized mount option .
22:46:27 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)='\n', 0x1)

[  417.131412][T15756] ntfs: (device loop1): parse_options(): Unrecognized mount option .
22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:27 executing program 3:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$evdev(0xffffffffffffffff, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:27 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:27 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:28 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:28 executing program 1:
recvmmsg(0xffffffffffffffff, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000002940)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='loginuid\x00')
preadv(r0, &(0x7f00000017c0), 0x3da, 0x0)

22:46:28 executing program 4:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7fffffff, 0x8, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0x208e24b)

22:46:28 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
readv(r0, &(0x7f0000019fe0)=[{&(0x7f00008ec000)=""/219, 0x30}], 0x1000000000000308)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$evdev(r0, &(0x7f000004d000)=[{{}, 0x0, 0x1}], 0xfffffe82)

22:46:28 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(r4, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:28 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000380)=""/157, 0x9d}], 0x1)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:28 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:28 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:28 executing program 1:
recvmmsg(0xffffffffffffffff, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000002940)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='loginuid\x00')
preadv(r0, &(0x7f00000017c0), 0x3da, 0x0)

[  418.105749][   T28] audit: type=1804 audit(1591742788.422:47): pid=15809 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/185/bus" dev="sda1" ino=16382 res=1
22:46:28 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:28 executing program 2:
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{0x303}, "3568ee81f98e40c4", "ae0a43a87bcf349e80eab3b10f4aab3a", "9bac33fd", "a00fcf88fc78c0bc"}, 0x28)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
readv(r2, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)

22:46:28 executing program 1:
recvmmsg(0xffffffffffffffff, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000002940)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='loginuid\x00')
preadv(r0, &(0x7f00000017c0), 0x3da, 0x0)

22:46:29 executing program 5:
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6900)
ftruncate(r0, 0x800)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
sendfile(r0, r1, 0x0, 0xffffffff)

22:46:29 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendfile(r1, r2, 0x0, 0x7ffff048)

22:46:29 executing program 4:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x800000000e008, 0x1, &(0x7f0000000000)=[{&(0x7f0000000300)="eb3c906d6b66732e666174000204010002000270fff8f21ca9e769e886861bca4d94d83c0231", 0x26}], 0x0, 0x0)

[  419.060825][T15838] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  419.147037][   T28] audit: type=1804 audit(1591742789.462:48): pid=15842 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir695412014/syzkaller.h0519W/186/bus" dev="sda1" ino=16337 res=1
[  419.455671][T15842] ==================================================================
[  419.464180][T15842] BUG: KCSAN: data-race in generic_file_read_iter / generic_file_read_iter
[  419.472834][T15842] 
[  419.475182][T15842] write to 0xffff888121f1f3b0 of 8 bytes by task 15843 on cpu 1:
[  419.483043][T15842]  generic_file_read_iter+0xb0f/0x18c0
[  419.488509][T15842]  ext4_file_read_iter+0x103/0x360
[  419.493655][T15842]  generic_file_splice_read+0x2df/0x470
[  419.500013][T15842]  do_splice_to+0xc7/0x100
[  419.504450][T15842]  splice_direct_to_actor+0x1b9/0x540
[  419.509901][T15842]  do_splice_direct+0x152/0x1d0
[  419.514784][T15842]  do_sendfile+0x380/0x800
[  419.519215][T15842]  __x64_sys_sendfile64+0x121/0x140
[  419.524614][T15842]  do_syscall_64+0xc7/0x3b0
[  419.529310][T15842]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  419.535207][T15842] 
[  419.537552][T15842] read to 0xffff888121f1f3b0 of 8 bytes by task 15842 on cpu 0:
[  419.545242][T15842]  generic_file_read_iter+0x359/0x18c0
[  419.550800][T15842]  ext4_file_read_iter+0x103/0x360
[  419.555923][T15842]  generic_file_splice_read+0x2df/0x470
[  419.561526][T15842]  do_splice_to+0xc7/0x100
[  419.565958][T15842]  splice_direct_to_actor+0x1b9/0x540
[  419.571356][T15842]  do_splice_direct+0x152/0x1d0
[  419.576314][T15842]  do_sendfile+0x380/0x800
[  419.580829][T15842]  __x64_sys_sendfile64+0x121/0x140
[  419.586047][T15842]  do_syscall_64+0xc7/0x3b0
[  419.590563][T15842]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  419.596516][T15842] 
[  419.598845][T15842] Reported by Kernel Concurrency Sanitizer on:
[  419.605081][T15842] CPU: 0 PID: 15842 Comm: syz-executor.5 Not tainted 5.7.0-rc1-syzkaller #0
[  419.613755][T15842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  419.623917][T15842] ==================================================================
[  419.632159][T15842] Kernel panic - not syncing: panic_on_warn set ...
[  419.638763][T15842] CPU: 0 PID: 15842 Comm: syz-executor.5 Not tainted 5.7.0-rc1-syzkaller #0
[  419.647854][T15842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  419.658075][T15842] Call Trace:
[  419.661527][T15842]  dump_stack+0x11d/0x187
[  419.665877][T15842]  panic+0x210/0x640
[  419.670046][T15842]  ? vprintk_func+0x89/0x13a
[  419.674665][T15842]  kcsan_report.cold+0xc/0x1a
[  419.679543][T15842]  kcsan_setup_watchpoint+0x3fb/0x440
[  419.684940][T15842]  generic_file_read_iter+0x359/0x18c0
[  419.690593][T15842]  ? iter_file_splice_write+0x439/0x830
[  419.696150][T15842]  ext4_file_read_iter+0x103/0x360
[  419.701497][T15842]  generic_file_splice_read+0x2df/0x470
[  419.707235][T15842]  ? add_to_pipe+0x1b0/0x1b0
[  419.711957][T15842]  do_splice_to+0xc7/0x100
[  419.716399][T15842]  splice_direct_to_actor+0x1b9/0x540
[  419.722029][T15842]  ? generic_pipe_buf_nosteal+0x20/0x20
[  419.727595][T15842]  do_splice_direct+0x152/0x1d0
[  419.732469][T15842]  do_sendfile+0x380/0x800
[  419.737021][T15842]  __x64_sys_sendfile64+0x121/0x140
[  419.742344][T15842]  do_syscall_64+0xc7/0x3b0
[  419.746990][T15842]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  419.752908][T15842] RIP: 0033:0x45ca69
[  419.756827][T15842] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  419.776530][T15842] RSP: 002b:00007ff9840f5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  419.785063][T15842] RAX: ffffffffffffffda RBX: 00000000004fc580 RCX: 000000000045ca69
[  419.793207][T15842] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  419.801192][T15842] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[  419.809171][T15842] R10: 00008400fffffffa R11: 0000000000000246 R12: 00000000ffffffff
[  419.817156][T15842] R13: 00000000000008dc R14: 00000000004cba56 R15: 00007ff9840f66d4
[  419.827003][T15842] Kernel Offset: disabled
[  419.831473][T15842] Rebooting in 86400 seconds..