last executing test programs:

11.64103441s ago: executing program 2 (id=412):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000280)={'batadv0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x44}})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x2400000}}]}, 0x38}}, 0x44080)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0xd1c1, 0x7, 0x8, 0x7, 0x7, 0x0, 0x9}, 0x1c)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x800000, &(0x7f0000000180)=ANY=[@ANYBLOB='utf8=1,iocharset=cp1255,uni_xlate=0,check=strict,utf8=0,uni_xlate=0,utf8=0,codepage=850,check=relaxed,shortname=winnt\x00\x00hortname=lower,shortname=win95,shortname=win95,nonumtail=0,shortname=mixed,uni_xlate=1,allow_utime=00000000000000000000777,\x00'], 0x1, 0x36b, &(0x7f0000001f80)="$eJzs3U9oI9UfAPBvOmnSXfj92psoCNGboHV3b3qxRbqw2ItK8M9BDG5XJamHFovtYdt6cPEoeNSTNwU9eBCPIijizYNXV5DVxYPubcHFJ8lkkmmSdtvFKsXP55C8fud935+ZIZkOycuLC9G+OB2Xbty4FjMzlaguPL4QNysxF1kUdmJcbUIMADgZbqYUv6fcIVMqxzwkAOCY9d7/X46IRszlkTe/Oqh+8u4PACde////UwfVmdlvQ+NYhgQAHLOx+//379lcq0bUolr8WS19KgAAOKmefu75JxaXI55qNGYiVq9sNDea8ehw++KleDU6sRJnYjZuReQXCt2HSu/x/IXlpTONRmMqfp6LZkRM9ROb+ZXCYtbLr8fZmI25fn73UiP1ytn5T5eXzjZ6ImJnu9d/rFY2mtNxut//D6djZXjhUTTSe4q4sLx0rtFvoLla5G9H7A7vW3THPx+z8d1Lg2ZSKj7BuLx0+Wwx6GH+RrMeFwd7Yd87IAAAAAAAAAAAAAAAAAAAAAAAcEfmGwNzg/VzUvc5Xylnfn7C9t76OHl+f32g3Xx9oFRPkdJvbzzUfDuLPesDja7Ps2EhQQAAAAAAAAAAAAAAAAAAABhY36xFq9NZWVvf3GqXC9tr65tTEdGNvPbNx1+eivE6tylU8y7qEYMuGv1ut9qtlBWVUxYxnp51Oy8iH342GHG5Tn0wi4nDqO+/qdP5330/vTeM3JsVLf85rJPF5AlmpWE8NtLy6v/zIR1lRw0K58qR+njvV1NKpchb5fTLL4w3GJWI6tEP3FZ7Kvavk7qFr6+9cnex91tfpNwDD84+c/XdD663W51uz9E7grW19Vup3aoUlY+0W051U4pIJfJCpXwmVFvXH943fXdvpJV9/+uz97zz7eF6T+XI693zeaROlk/nk9H0Wl7oDnN0OsP06f4kOivTE07+2xXu4Jje9f7nH6X04y+H7mJoauxlo/K3vPgAAAAAAAAAAAAAAAAAAAB7lL4r3tf/su/0QVmPPHn8IwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf87w9/9Lhd2dGIkMCjtjkUHhj+0JWfWVtSu1f3uSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD85/0VAAD//2F9V80=")
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x1c9)
getdents64(r9, &(0x7f0000000f80)=""/4096, 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r10 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000010800)=[{{&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000680)=[{&(0x7f0000000380)="474d3a4f597fae53d707610ab12ff399cce26827af060577395191d1ab36306c1fcb580ba8d0ca6ca6724ea74896591c0c81e13d9585134785e15df984d3d1325332b29be1a28ec23364793f73f4c10e9692396f42edecd87ce689af81b12cc40ff43028636759aa6a5567", 0x6b}, {&(0x7f0000000440)="012f41da019c2bb2a4d08915815733db7ca9a4f8562a8629dd3309ab80c357bdeeadd2d815916d872fe91045fcc1fe9391584967d14b5eb88dfe0aef787f8c4abd", 0x41}, {&(0x7f0000000580)="160c5681b476d99ac9629b8620263998d9ef69c47326622c4ce5958b810f8ded4115ba4a8b81107ead5b13165bd8dbf7693544206c76aa05a2539c8885e153f31bde338bb5f40e2f67e74ef4df7da9ed7ab44fa88af75e7520510d12d85f2c486eeee5ce0a", 0x65}, {&(0x7f0000000600)="73d37466542d4a1d0832325cfbc30859062105923cf42512457502295248e488a17f0618cfe2c6f3d3a554b0e614f9bed88a8aeeb2fc63e72c83d23b0b5a937a55892fe950afba73a10770ca9fd53a875454f02027d0e9e34c0780873b1cd354596b", 0x62}], 0x4, 0x0, 0x0, 0x20000090}}, {{&(0x7f00000006c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000c40)=[{&(0x7f00000007c0)="f8f1e1f298b2ca36d742b2d4c3df310eec31779353a88e0e2e078e0b4bd91a0da7a45b4f955d8cb760ae8ceaabacaba5a5460fe6c1c3d7fbc4c4480161d20cdec1fc9d1d0c8fc743f3abb5faf3d4f91bc73cb7bf832acb5ca923fb9fe1cc02e7af09a647f2f5f24078c5554dfe4835f058b92d78b15c79b0c5a5bad79d1a9f55c7e7e7042d436b8c2111c1496e1fdbf29fffb281894d6d66bd2b2adf80e3d503f95b4e051508524dae3f6d4ec6efc596c81ca07f774f0052a358c32096493a766b4bfe59fa499e", 0xc7}, {&(0x7f0000000740)="808ee2", 0x3}, {&(0x7f0000002300)="06b823831c92229a510e7642d827cb59ff8a218c469c42eff4d84bf3e28e21fca201ff7ca458b5729bc85f7cd1d26f95d28a91024d3b934db99600f3d56507f13bedb2ef882aeb3978c52e8b50a968e0909e5d3ca248d9b67295603875a040e3b1e8a58b916f5f29e213525c73c12e02d980c3b88aba1a0281eda17c0b0d53d0357eeb4aefe4a559b07bda9f0a38d0ba1a5bce1009ebfc17bb62b1f9a9d0458274fac71443580cff97f97acc269811978cdfda53b24a3668198918e13aca6784ea5269f7921a8580466b9c4359eccd3605b65a8a5d80b7a3aadd97a1898685299f81e02f58092330803af4625df656ace5bdfc1d2965c9b4a14be2ba7e0c6a8c837e235e8543b78c1d550efe9e45d5c7f96c0c50cd399a54ccad09394a322ded5e92c715b259e1b7f11e2a93d86a30a002bad0e242972b5bc64caf74768faafa20c13d8d663567171ff4a15a864fba9020253d62aafbcbf3aa426404c5d8fdbdd1b0c52e268695e137f9d17d0bcafaac8a10807d5fc575a175175f436e0f0ee5c2a97bcc9a3c910e73b28fa309bcd54bc1177183fcb91b7c9b634f9d7e3c47bdeb92ee22b998f92a1e496efcd3c4deec26d0495c72d0106dad23e42679d23eb6dd9bc59b178945fa2d628b7ab446a82881886f7686595d782bfc658f1753089473bd76deb528dd61c7a67d786e8c6e353246c8d3254b499cf6d688f2aa93e6af661236ae7aa3158f595c2380d51d6231746b8251a1f1cfd99dde9e7c1d7a3775c7abee969e3ba05880f78c8a1d20352749ad97dd1d04a690f65f6df1839d01f8bda33a483142e9cfb3896c46beb10615461f1a37d7046ded1ba08383bc7ad4c14943a85af4cc951c0121853c2b9131fd47f33d0cca68758ab983edb40c2dc79cad8a8c24d51537106ad5943015dea5e17054acc9072d894ba473a6640910ad10397407f9ade7f39441caeea047e61dd85b49ce916a924f6bc07f81e39d13a790d5cc5bdaccd1faf281ff8057e7a8d51837a0545056318cc6e8cfde96880717dea76cd25f5b2bb30ef3069b70c8e70d22ef42ce7fc9b14098c4799f2749b30ee22ffa5a0c2c324ae19570a3ae8bbc2a728f4065e8f8b00b2f18713e5d4a3ca24d84dd63156c267116443a21f869eab03d2c22364b1755df4a3617981511a349d5a82adcf0e6413527caeac1cae7da4ae7b6bac064adfbf68b1a9644ea52283d8a94697da07b8f918a42299e22c99142ce2d569476948f2062c90b5acf6e597f8f8f0f09f065ac1f67a8e417c51f3ccdc9577e6ccfbc0170fe5c194a0ac0c0d8c5a2ade112ff6f45a83f45cd2cb3c4a1ce3677d6b1f579db9ed7a5ceb47844a4ef892178f417ff73876591fd8dae98bf31a1554abba041736f0ae043ee67f68e98c1b26dee8ce73f00787772e8525d53d9f518efce1976a84e7143a319ac0fa5f9b4dd648718c3dc5fe2327572eb28a035b27956cddd3ca0f8047a971c81c972080e55dc7c723dab3991a4ecf3a4f26524d5f453ea6fc99f9d12aac9394b717f24fba200ec74f5b6a6f0b39006a17fd87c1b71fd023c30dd2bfd52dc6c5ecd89b1f9ec683a07c38a50e73e161a08b55ab1f616bb1f924a682f68e1a6bc9c00070a7a1ced33b134e8a059569678efa480c83c27ec27f50c3c15c616d59a6320358b6c92c69d11a5d02487c95f08bcc6d61fe5bde5b9176c5c6049c2c989a78885eb11ded1cb7e8b95ddbf5ce2fa45aa41ebe2c62d425c8c892c0a524509ba75356dbc2e7a1fd0d852de459f1159cd0cd8feec6d7c741c1533e3731edb7bf9006e8d4dfd129db60d0ae9195fe3ea00cae80143836ece1a672f9cde6316138692b875020e53229ed72f21f884d27ec557e1aaa963a532adfe049308703a74fbbbd10d90a853af1622d893a3ae1a922159946f66c922ca9db48e7b1f90dbdabab0610776757d2a358711739ca0016728884019f25fd460eb13f2a3c2269b6157ab03de8f592c27460361ad6a8ada10a74d3e332cb1680588917e1eb8f26ca71b397928f21918d2682a3306ff88e1bc74ae07eb452df774980730ebbbccb3b231f9516a89625e6048a9f79f8ae7e5921bea56b341a654655a9eed5fe81a2b5153c53ad1fbebb793ee7cf3321021176445883f8ceb28fd362141d6aff78faad119a6d27aacce807be362be7229414b8f409bcea40424af071692abe18fe7145c2fa4b97122bb7886ce8dee942edcf1c4ab46c45acb4cc9f46412473a023b73397453f0a35c1652311aedfe7d0a7a598dd24e94c72680776c25be7149d647c8c7a2c653484dca513a8d7a1370ad9503c6035ae51480cc425b67d57f16ed33bd82319b914f6ecedb469e964c8447ae193f54bccfd8d3e3449bf1e5a1745733c42681267139d62c9ddcfa3f376fd249f80e26f3b59499f01c540345563058dcf43f8afe5f01d8ad68fe3722581829d2e6bc678bab47814482f0abb1d95f8130a4819323f4d0cf2fd90699423f46b57f921bf5d38d77f8e712ac9f2a91ba48e6bb7b857b13ac1fb2c50edcf1655e7856986698f0c5b738928798e840c30735f3cbf317c586e083d5ef2d92ac6f6b3d72e1590671909b3850fed51257baf9e674e5ab3ae0b48088456b9acdb7f08cda139441464c52dc11d88b6e474ed0729ce6f6528d40dce1c4381d2e7930a88aa9ba32c9918ac796cbbc996ba2bc16f2d3c3a98a58bccfe722d4efe13297f7789bbfb282da13453bb213018945a22a54f4812215fb25ca608126925abec979442272c6e57f1695d802f9f63b9188ba5700ad23b3be88fb2b09171b51dc14b8f3d159441dc8cb175160ac0e531229c61a3fc5333d676a693aa1ae6bc8f40d5e43ea5b414bced1562081373462981861f8392226ae546efc809010ba7bd7d23191422aa32f2a8d6659d916275e160ddc212a2c09c95fe95a4e1a97f3d041dfe04def1b86e7dd6e79c886d83b4acc800b588669c3351e40428b87efe4ec51068acb1afed92b34796da0a9857c8cdba367e81c84e4aee818c7ffab91546fd106c0fab4e77537ed5ce5e006734034c025123871bd17616e4bfbe951434267f9915044cec58754d01d169a34ecc954f47ad1fab30ff827d6cab6a25204451c76432034cf4d0ff4648fecf0e0f893b8192f134f8ceb3968abd25ee2a2533484b5a5f867ed0374270da49c7cf84c7382275c2aa6278fdc75b8591b85203cf3adea5fad0dc8590588fa37433c1ee6495dae9581b677ae81c272400a2d4d1f142ea1cf88344131304da209029671ad65bdc02e038a6d36692e2e898f3f0641155e806e2606f311e870540b31dc939d879f821a3f627e939c190ad13e49f760dfd58d0bc7c1d71984b808acb73a739a9c8317e2c0d3b1d67a5ea648258d526e94587e4102df3eb4ea7c9eaed0009233293cb0940ef6ed80db8cfd733c68b5f5a1d3e02f9150aa53171dd3fee7333a501955bfb38a36b8b471c135849e9ee0a086960be507ab0d48503f7429a7c77bdd738d6a47b5bc1bc69f9d354071b129fe260de8c1b9bc0abeb4cbf272692a9f3cbfd640cb98cc2a968dcde3dd8cbf51e72ea6191ed4c665d912b789fe94cd9922c5385015b4a18feb6e00adc497c463b040082627daa4283d9401d908180d26445aa6b75c2788e265e5efd59d350cae8cfe41d27921d5e3b25331f945dbefeb15952887468865cb264e50dbbe46d38aff657bace05d29bdbfde6beb61f2c0802cc277edee0400e3fdc7d827052d484b2d157356497402fd5406a4ec0da1ffa47accaa655b622c0c477e4a66f9fdeb9785036b1b91e2fd117367b8fa763cc341f1406d53ec8717b96d89365e158a6e231e3d6a5b497fa43591dfa53ba32547235c2d623a72cd2330f2f639573c285259cf4d44942b426aa490fd8df91a2077256932e633faf92b7a21202216ee5cbb6ee1a3b86891106791b2eb5eeaf978c0ab1a3c2220eb1988d55e00e88140a0e6d2df3f3c7b704983ef9edfd28f9ab577bcf7685a373a77669062a53fd437ebbb615bc80f4cafc4158c568cf293711a2d59210f269dfc1f4864c0270c8b14cbfc2bdfc28087355451bfd0af49871ffb64b9d45c14102e97d5d83f8251acf68f3fdf955a644776234532134a69e22a9b9ef5b0ead6a159d3e1396783342e7b4ca740b9d84d198c61563ef4b8d25597d590881f2585855af36191ae8d728a39bf342320c6cd791aad5f313e2691e3164ffe08bfa2544d1c1d317baff086ed613078b6b7b5aba43c520cd81a6f95e7283cba85820cfdd9a22230ea7f1dfa013683d66dc63c1316c44aa37e923ff321fe22970b8736636cf2c8c91b037421e38997586032b14707279726d0269d741129071cc4466daa84312c65498f3c1512004bde76e304511bf0f68125442d98b13d628af7213109dbe47cefac19236fcf1f306b1587c7284472c385217778b10a1fe2651ff11712953bd7e33c2dd05c0e1ee35f14fadc833bebd3bf126c415b59c403b5833a3c11c06ffe05ab170320071836492bf4f1bc4fc32fb7948d987c790a6b38bcd6e25f94a2f12c7d8d4594919c6b608fee9ad266e384b021701978d37dfa4060e697b3bb7d1a915df8174e97105f9a2b1e33f89ec11f1a858153dd938e60d4f283621b0606695e535665d68fe413d44089ee288fbca033a3513818703dfac4c7ad3490ff9edc041107c89e09ac6c45b548f192adeb97fd5bfba8b0c408d0bbb58d94ebbad44bc719c75ff5b03a7b61ec118a02d5c69bd1f5471c353033777047a9ca374b151b71a3456644860ef8d06b9bd9999aec4c0ea297780e6947e0dc8652a9e7145dfa98e4225ffaf1ab06b4455e2d9382dfbfc6821c0060f7c396a0567d5413bdb3516422b7ac1593448065114c4988c185848a5c3809969121468f6b3a1a8fb96f0b9478bb992391450696177e576995e9f3b0fd2cd6ccb38c002434ec03ab01fdb85df0a3c1c56e62bcdad6ba4adf2adfc34ca5a762f97832af554b16f4d55271a3588109b58159e036a08ecad07ca7685da7530c29bb6d64749cf3650f7482821d31e131c3c35230711ee58d7aadaaadfd0d423799abb558aa7505579d3eaeca1c12ac4c819611f58087736a3938270ce023e2895d461eedf501e3f80f64a4f7f6855112411e6cb30ae43784bce0fc96b99a03e2398843a9a50458a1fe458c62b6671116b95b9701a0400e3799b10fab84cbbe81977123f9c7cbfab209b1c4af440956be31136042a10c835ace7004b43576a850505e53f5ce77864355256d3d7430a47fa8d9b6c28d5b1632635f027df42d0bf06da44373aa26872e90eca56ccc2fdecd88e4eb96eb141f116f3e96d4bdcbca31ff1a8a7218401412cc0b4e28e56e63a8c86912ae7cda4a3dd34398812837e61a852f8bc418f277702a651e9895da3498a0ba57d9c5048b8d38765707333ea2fba997404c70d1047d41362ac43e5a06598531bc14f3d69338503b00cde5a293002a152471ca720ad685403f906b347a475fec2b32c1368bd2209e20452b9ad7892ab25b6678d1916b14bc7fd89bcaa2cc804234afef5a4c4933ab31235f1163b9c77e6368bc55cea32254865a729e931d7748ac9f5ab3dd85b4de7860803a5073f46146d8b3e8b54d921a852025d8bc0f95d66c4bc639125fddef12b94c16c81c8d1121969f13aec01a77bdfc15d9506aea5e4f4a28ef85b5c113cc64334f4cde2d80a78137429173242cf2e839e0827646935e0ad7298d5e9a8e90d2b341a66d3e598b583ee71465cd8db3a415a0f3803e1774925b2f", 0x1000}, {&(0x7f00000008c0)="bf4e124992060b65534757fdfaf08e393974106523e263c118f9fd27468c4e5c6b15ed11e3026853fe636b6a3fec870da2ada32667ab498283f55a12593cdb522ca99c38bf41a303cd519fceb49c9a46a3213e770dcc9b4c7de2cd855d5f0c18be697ce6de023c78359bde25f4b2ea88e2764e360c5ee44fd874e4ef30bf08db4a61677e5528f0649535a2a03eacecea59d66fe6d14c9191601550bdea6d722e8eb13ebb29baf697d88011501edb11a56951c8205d2d82782512c2d7ad4b4772292342c8d45ae7dc0e57171523a28e6786c2116e890d7df18ec2", 0xda}, {&(0x7f00000009c0)="9c60e429e0275ee130d2d499892c825e6ce28407cc050358c14e47f41c19b4551978c4cf0aa8d220916024828b1fb9e25e02bb802b1b4128608ff051ea336c1d0b60cdd00e31db2f55e27e4c8a123e3b595959aa94fa5c748bcad265ade045b47cc0cba624d5db0c8231790e470d4d89ca674070c53e766d58e25e5aa716a45942d4109eab547d190976328cc9539e89daa1424383a8d7ec37886d344a8fb5b82c032588af5bf0ca0c88f974493e56f90645481bdacd9bf89c88dc", 0xbb}, {&(0x7f0000000a80)="d82c10cd8b0b9e0209be5b7744ecc78d224f56812ead674c095ef53b38cc876f6c9c680fbdd78db1d98416f400db8dcf17a5506d9cf88396e15bf2d12f89adb1cbf2a9566ddfe7434bbefc01df3867763244082f7a694906ff1af0c5a941e54f6695be4ad296c1181bcb754f60698bbc2d621634ef82cc2081228b7cbe74cdb40e3e98201588e55e6a8e068e0f98d32175fe91308cbfb847125ea69c76dc57623ccb9af4e7ea7d483c03e2ca245ebdebc75a19494d7e4a3976ce8cc048eda0a33dbe58a5268f820fd17c78bd35a6b2a41095e87c0d84ae1078607ccb8e2c8af09a2ad8360d5831948bd9548b86d19fb4cea1403aa5d22c", 0xf7}, {&(0x7f0000000b80)="148e0befce5b9893d55871f1b7138cdd9c9f562e2f96ac75c65670ac4a150fd659a8f426b94cea825b6e40972a4d2a0b9a6e70d4aaad631f87f1f13325c3bd376866cc74c07dffd7ad2cb7fd5f01eb094c5667652b4eef77df94b0444ece1597508d62f48924619fb637bd2ba80530ba10889d2952366e42a663b3245ee275494ded74722b626978aa885d12c494f4db09688a168ce3d7b0ccffa7d7", 0x9c}], 0x7, &(0x7f0000003300)=[@cred={{0x1c, 0x1, 0x2, {r10}}}, @cred={{0x1c, 0x1, 0x2, {r10, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r10}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r10}}}, @rights={{0x28, 0x1, 0x1, [r9, r11, r8, r7, r12, 0xffffffffffffffff]}}], 0xc0, 0x20000000}}, {{&(0x7f0000010280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000104c0)=[{&(0x7f0000010300)="17df172e72f5fe49da5b3c4da0c3faa0b29c299705e1f5080300aabf8a44fffadfefc937a4336316f764847bfc18ec49ba9c95012aa69267cb2e281d88343315ccb829a2f2722c24b565027d6c54406023dbb461e41667190e71acb5f5ada3701cc430d76f2ddf45d689d7062c2ede889cfcbbe8074b59ffb68ae30e2c2067c4a66fdd3108b3426312161d971faf2887e8c6006a3f9966face51846dfbb648f375b77a553bec0c83606d847d5da5e6f056eb4717e7f781ebd8bbe4dccfa0fb9bc5217aa7a7e3a47daf11fb3d90a4a3c2998a7d819e4c10db6100", 0xda}, {&(0x7f0000010400)="1d9a11405493ca639c239f3c0cac8519abae9588911f933cab1973b2f372827f583caaa11145698643deb6f4039c3de4a33ff93b4e74010e5ab2b4ca094aff8fdb71e64ce651d104d479601696eaa61e501248b2ae63dcd12692e1d5ed2f1006632ccff7fd553e503dfcfc77bbca4802308d466f4799d4322fc70f0a1b37e8ce5de3e78600c35ff1186da07c925b8896ada8d05ca35f42b6c3b2c4be9928a436f0a8c72b25dd7b895366be76000000000c000000000000000000", 0xba}], 0x2, &(0x7f0000010740)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r10, 0xee01}}}, @rights={{0x38, 0x1, 0x1, [r4, r3, r3, 0xffffffffffffffff, r4, r4, r4, r2, r5, r9]}}, @cred={{0x1c}}], 0x98, 0x40004}}], 0x3, 0x0)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "69dcaf20127e9a854529f45826cb35be51682e30944313e2ca73845d177d601880221daeccfda56b75cfe2bad94f000066b2ddab614fec2236da7d88ea07c9ee", 0x4}, 0x48, 0xfffffffffffffffe)
socket$nl_generic(0x10, 0x3, 0x10)

9.596448755s ago: executing program 3 (id=414):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='huge=alwa'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)

9.515072925s ago: executing program 0 (id=417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2000000, 0x41, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r3)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e00000000000000000018000380140003800c"], 0x44}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r8 = dup(r7)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_SET_VAPIC_ADDR(r8, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

9.091521024s ago: executing program 3 (id=418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4800, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x4, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

9.011774723s ago: executing program 0 (id=419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xcf38, 0x0, 0x1000, 0xfffffffd})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x11d0)

8.991247723s ago: executing program 0 (id=420):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4800, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x4, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

7.501190559s ago: executing program 0 (id=421):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file1\x00', 0x206000, &(0x7f0000003780)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cd9ae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d312833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80000032030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a1209a63f512fbe3bb9b416e6a374d1b1b02e669f700e0497a94e1e9c40fb5ced8f2a0b0d1991e6e48888e38349922c92c2225bd08faca6dc913", @ANYRES64, @ANYBLOB="ad4c36d2cdce377780f1118bb06964be7cf930190b09917b6490b8"], 0x8, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1, 0x0, 0x3}, 0x20)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x180000, @empty}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000140)={@local}, &(0x7f0000000040)=0xfffffffffffffff1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
io_setup(0x2, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000006c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
io_getevents(r4, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x46, @local, @local, 0x0, 0x0, 0x2, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

7.499449119s ago: executing program 3 (id=423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xcf38, 0x0, 0x1000, 0xfffffffd})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x11d0)

7.463178859s ago: executing program 4 (id=424):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) (fail_nth: 7)

7.442611449s ago: executing program 2 (id=425):
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sigaltstack(&(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xfffffffffffffefa}, &(0x7f0000000080)={&(0x7f0000000040)})
sigaltstack(&(0x7f0000000480)={0x0, 0x80000002}, &(0x7f0000000040)={0x0})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)={0xffff, 0x9, 0xffff, 0x400000000003, 0x1, 0x4, 0x0, 0x36a, 0x20003f})
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SYNC(r5, 0xffffffff80000101, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000793d92ddd9043028012c09b5c344761ea8059e4595cf07f3721628d003abbdde6d0c7b46607c823c6653e1a77326e247c1b853ac5a941ab089765fa4effabf560ce73a3c0a7a7b105c15151910a8e0046196e2c4739c5197a910a581bae024e7fd78df208dc53cc86d19f08d54106bdd74728a5d6751f9bab3bef85a58831562eddc39cc47a1b9bf9fa351ba4e1fbdc2e292d7a59b4b5bd8601a2a8ee5135efabf0be41f2da51145f9d20830525cb0ac93dcf72db60d5f3dff859df9a354486b62"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x1e, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000003000000000000000600000018110000", @ANYRES8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000006c180ff01000000186200000e0000000000000000800000695ac0ff1100000085000000840000009500000000000000810c020000002800bf91000000000000b7020000020000008500000084000000b70000000000000095000000000000003ec98aa7edacd0f1a12669ea4730d90438c06367a415a2d653bc5b845bf554a4a2939f3d371b3185a31a264f55863c3c5127b0a2d331ce2e3bb90d106fc54c4f6304baccd531d12dc006584db75eea4b8d858af654d9990bbff3f7a67f2ef0e3b90cd8b41d80009ff4a97db9e74d521f6e7db1fcd79e8bd0658b293905c08cf3eff05eee2e89a802382aeb546e4270112d29deca92a90c3ab71a2497455ae002ef15d8475856e48df883c418c8d526fb22e5a5b85531b72719f4d2dc176a369ad2dcb874514100cb066075e14f361a1715809479279356e7f73c89b19a750ffcd6b5e4a76935fa2a7588185c78bfe88d07c8ea063dbabef4fe53b5043946e7d774afdc756bd599e4435ca046625542bbf616fa1e0d23a8421886e743"], &(0x7f00000005c0)='GPL\x00', 0xe60, 0xe3, &(0x7f0000000600)=""/227, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0x6, 0x4000005}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000740)=[r6], &(0x7f0000000780)=[{0x3, 0x2, 0x3, 0x7}, {0x1, 0x20000003, 0xe, 0x7}, {0x5, 0x2, 0x2, 0x7}], 0x10, 0x5, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0xfffffffffffffdf2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000380), 0x101bf)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, 0x0)

7.357495149s ago: executing program 3 (id=426):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000000580)=""/102392, 0x18ff8)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000240)={0x2a, 0x3b, 0x0, 0x13, 0x8, 0xffff, 0x1, 0xea})
inotify_add_watch(0xffffffffffffffff, 0x0, 0x42000675)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
r3 = epoll_create1(0x80000)
epoll_wait(r3, &(0x7f0000000240)=[{}], 0x1, 0x7ff)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0x10000001})

7.271572249s ago: executing program 4 (id=427):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120e000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r3}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES64=r0, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe(&(0x7f0000000100))
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x4, 0x0, {0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0xc8, 0x7}}, 0x1c}, 0x1, 0x0, 0x0, 0x8045}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}}, 0x20}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)

7.127283108s ago: executing program 2 (id=428):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000280)={'ip6_vti0\x00', 0x0, 0x4, 0x80, 0x9, 0x6, 0x10, @empty, @empty, 0x7800, 0x8, 0x8, 0x2}})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
r6 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmmsg$unix(r5, &(0x7f0000000100), 0x4000000000000b1, 0x10)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0xa, 0x31, r2, 0x0)
r8 = socket$inet6(0xa, 0x80002, 0x88)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f0000000200)={0xa0000014})
setuid(0xee01)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000280)={0x0, 0x0})
r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
read(r10, &(0x7f0000006b00)=""/165, 0xa5)
ioctl$EVIOCGABS3F(r6, 0x8018457f, &(0x7f00000003c0)=""/160)

3.545654299s ago: executing program 1 (id=429):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2000000, 0x41, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r3)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e00000000000000000018000380140003800c"], 0x44}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r8 = dup(r7)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_SET_VAPIC_ADDR(r8, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

3.543735039s ago: executing program 4 (id=430):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000280)={0x2, &(0x7f0000000240)=[{0x48, 0x0, 0x0, 0x172}, {0x6}]}, 0x10)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x3c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)
close(0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000480), 0x1000}, 0x38)
write$uinput_user_dev(r1, &(0x7f00000004c0)={'syz0\x00', {0x8, 0x9, 0x6, 0x4}, 0x2f, [0x8, 0x1ff, 0x4, 0x5, 0x11, 0x5, 0x4, 0x2, 0x0, 0xcb4, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x0, 0x80000000, 0x7fff, 0xd778, 0x7, 0x7, 0xffffff81, 0x4, 0x0, 0x8, 0x2, 0x7, 0x81, 0x5, 0x8, 0xa4f1, 0xd, 0x6, 0x1, 0x3, 0x7ff, 0x40000000, 0x58dc, 0x9, 0x9, 0x1, 0x2, 0xa37, 0x1, 0x6a70, 0x3, 0x80000000, 0x7, 0x6, 0x6c, 0x8, 0x8, 0x9, 0x7, 0xb, 0x2, 0x7707b3b7, 0x2, 0x4, 0x6, 0x2, 0xf, 0x4, 0x4], [0x7d8, 0x3, 0x10001, 0x4, 0x0, 0x9, 0x0, 0x1, 0xffffffff, 0x9, 0x0, 0x61f, 0x81, 0x4, 0x10, 0x8001, 0xeb4, 0x9, 0x9, 0x7fffffff, 0x3, 0x1000, 0x1a, 0xfffffffd, 0x80000000, 0x0, 0x4, 0xb43, 0x100, 0x56, 0x0, 0xffffffff, 0x7, 0x3, 0x3595, 0x5, 0x7, 0x1, 0x6, 0xffff, 0x7, 0x44, 0x3, 0x4, 0xa, 0x5, 0x0, 0x9, 0x4, 0x78, 0x3ac23a28, 0xd, 0xd, 0x5, 0x7, 0x0, 0x8, 0x100, 0xf1, 0x7, 0xb, 0x7, 0x80000000, 0x5], [0x1000, 0x2, 0x5da, 0x86cf, 0x7ff, 0x7, 0xffff, 0x0, 0x1, 0x79f, 0x3, 0x3f, 0x2, 0x5, 0x3, 0x9, 0xc3a, 0x2, 0x2, 0xbd31, 0x4, 0x1, 0xfffffa3d, 0x0, 0x752d, 0x7fffffff, 0xd, 0x1, 0x9, 0x3be, 0x5, 0x0, 0xb4, 0x81, 0xd774, 0x4, 0xfffffff7, 0x7, 0x8, 0x8, 0x5, 0x2, 0x1, 0x1e1c92c0, 0x2, 0x4, 0xff, 0x2, 0x4, 0x10, 0x6, 0x1, 0xf7a, 0x9, 0x7, 0x8, 0xff, 0x4, 0xd6, 0x8, 0x400, 0xce5, 0x6], [0x9, 0x4, 0x4, 0x4, 0x5, 0x3, 0x9, 0x1, 0x280, 0x76de063f, 0x100, 0x6, 0x5, 0xfffffff7, 0x0, 0x3, 0x0, 0x10000, 0x5, 0x7, 0x3, 0x7, 0xa, 0x3, 0x7, 0x6, 0x5, 0x4, 0x7, 0x5291, 0x400, 0x9, 0x101, 0x2, 0x64289384, 0x4, 0xa0, 0x2, 0x1, 0x0, 0x3, 0x1, 0x7, 0x6, 0x5, 0x2, 0xfffffff9, 0x7, 0x7, 0xa, 0xc, 0x1, 0xfffff91f, 0x0, 0x80000001, 0x9, 0x10001, 0x9, 0x1, 0xf, 0xff, 0x9, 0x1, 0x200]}, 0x45c)

3.502409939s ago: executing program 2 (id=431):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
fsetxattr$security_ima(r0, &(0x7f0000000000), &(0x7f0000000a00)=ANY=[@ANYBLOB="04132dd6bdae49af6b049baebf492cf927ba25a045c6733b8c7d47a2dffe97700186999d7987dc265fe4aca27b5dfc88b9d41ab1fbee8a4d1e3c46c7be8528458b749e845de0515edb9614475143d321dcad06813fe22f1006c23781c8a2360e88144c30ea7f3b5dd90d421532e0c9a38d28d2ce7b9ade05eb1d64fd940361e80a9505c23fb8c6da18"], 0xe, 0x2)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
socket(0x1, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)

2.951269647s ago: executing program 1 (id=432):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4800, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x4, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

2.819305157s ago: executing program 0 (id=433):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x6, [@struct={0x0, 0x1, 0x0, 0x13, 0x0, 0x2, [{0x1}]}]}, {0x0, [0x2e, 0x61, 0x5f, 0x5f]}}, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cd9ae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0xd)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, 0xffffffffffffffff, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x80100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)

2.784541767s ago: executing program 1 (id=434):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x5}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4800, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x4, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

2.691120087s ago: executing program 2 (id=435):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120e000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r3}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES64=r0, @ANYRES32=r4, @ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe(&(0x7f0000000100))
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x4, 0x0, {0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0xc8, 0x7}}, 0x1c}, 0x1, 0x0, 0x0, 0x8045}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}}, 0x20}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)

2.625932097s ago: executing program 4 (id=436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xcf38, 0x0, 0x1000, 0xfffffffd})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x11d0)

2.561121817s ago: executing program 3 (id=437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xcf38, 0x0, 0x1000, 0xfffffffd})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x11d0)

1.840318025s ago: executing program 1 (id=438):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r3, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x6c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x8}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x2}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xa}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x9}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x48010}, 0x20004040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)

1.811320475s ago: executing program 4 (id=439):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x5}, 0x38)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00), &(0x7f0000001c40)=r4}, 0x20)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newtaction={0x488, 0x30, 0xffff, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xff7ffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x717, 0x3, 0x0, 0x0, 0x3, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x6, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x488}}, 0x0)

1.451013754s ago: executing program 1 (id=440):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newtaction={0x488, 0x30, 0xffff, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xff7ffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x717, 0x3, 0x0, 0x0, 0x3, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x6, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x488}}, 0x0)

1.405089954s ago: executing program 0 (id=441):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120e000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r3}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES64=r0, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe(&(0x7f0000000100))
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x4, 0x0, {0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0xc8, 0x7}}, 0x1c}, 0x1, 0x0, 0x0, 0x8045}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}}, 0x20}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)

1.396671994s ago: executing program 1 (id=442):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x10000, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000060000008000000042000000", @ANYRES32, @ANYRES64=r2, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000e5bc566fa6b0628f47000084c299d800"/37], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0}, 0x18)
r3 = socket(0x1, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x0, 0x7800, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x1, 0x18, 0x0, 0x0, 0x9, 0x2f, 0x0, @broadcast, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x4, 0x41, 0x3, 0x7}]}}}}})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0x700, 0x12)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r6, &(0x7f0000001940)={&(0x7f0000000480), 0x10, 0x0}, 0x0)

794.012622ms ago: executing program 3 (id=443):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x200})
r0 = epoll_create1(0x80000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f000009df00)={0x68, r2, 0x1, 0x70bd25, 0x25dfdbff, {{}, {0x0, 0x4108}, {0xfffffffffffffe9f, 0x18, {0x401, @link='broadcast-link\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x4090}, 0x4040080)
r3 = eventfd2(0x3, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0xfe, r3, &(0x7f0000000080)={0xb0002005})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4810, &(0x7f0000000140)={[{@journal_dev={'journal_dev', 0x3d, 0x8}}, {@data_err_ignore}, {@noinit_itable}, {@sysvgroups}, {@errors_remount}]}, 0x0, 0x4ec, &(0x7f0000000c40)="$eJzs3ElvHMUeAPB/j5fEL8mzX957QBbIQEBYIOLYWQ8cCAIpFyQkEApHYztRiJOg2EhJZBGzKEgcQPkEAW5IfAJOcEGAOIC4EsERIUXIBxw4oEE10zOMPTPe4iWxfz9pnKru6q6q7q64lmkHsGEV048sYmtE/BgR3ZXozATFyj+3piaG/piaGMqiVHrht6ycbnpq4sNq0upxW/JIbyGi8E4Wu5rkO3bp8pnB0dGRC5Xo2zfGC/mes4OnRk6NnBs4evTgga4jhwcOLUs9U5mmd75xfveO4y9fe27oxLVXvv40lbeU75+emhiaeUTPInNoa9hSjOLMa1nnkUWe/U63rS6ctaefhbUrDAuWntp0uzrK7b872sqxiu549q1aImDdKZVKpU0NW2sNfrJUL8sqBwDrRKZJwwa0ve43/vRUGqlODDWOg9e3m8eiPAJK9b6Vfyp72ssj2GJPZWzUsUL5/y8iTkz+eT19ouk8BADA8vr8WETp5987Ur+j+qnsKcQ9den+na8N9UTEfyIi9R3/m/df/h9RTntvRNxXd0zqUW6eJ//irHhj/+f7rjyQuqxLrmcrqf/3ZL62NbP/V1u/6GnLY9vK9e/ITp4eHdmfX5Pe6NiU4v2Np65Nq33xzA8ftMq/WNf/S5+Uf7UvmJfj1/ZZE3TDg+ODt1vvqptvli/slcb6Z9GeVUMROyJi5xLOn67Z6cc+2d1qf63+bXH9RKpnQ/3fb33y9iUUaJbSRxGPVu7/ZMyqf9KZh/rGz77WN3bp8hOn69cn+48cHjjUtzlGR/b3VZ+KRt98d/X5PNgwjJj//q+sdP//1fT5r61c9mT167Vji8/j6o13W45plvr8d2YvlsOd+baLg+PjF/ojOrPJxu0D/xx7cbBrRvpU/969zdv/9oi/qovbuyIiPcT3R8QDEbEnL/uDEfFQROydo/5fPf3wq62GkHfC/R9e1P1vFXjq24jmu9rOfPlZQ8bvFRdY/3T/D5ZDvfmW4cHx+X6txFwlrQ/c9gUEAACAu8CeiNgaWWFfPse5NQqFffsittRmUMbGHz95/vVzw5V3BHqio1Cd6equmw/tz+eGUzwdNVAXT/sPlOeNS6VSqSvF0/h9dNvaVh02vC0t2n/yi+/9w/q3qHW0Vm+0AXelpa+jL/8XMoDVtQzfowHuUto/bFwLbv8r9RYcsGaatf8rEbfWoCjAKmvW/l9ag3IAq8/4HzYu7R82Lu0fNqQFvSS/hMD247O31OWVta9Mpq0DhZj7rwD0RFS3VL/gOPcJfypELE8J25a1pl0z7mmhaZrNsRx5RWHeNO2L+EMMqxso3BnFqAQ2RcQ8T2/tYbtSDVxe6YKVG8HHa/u/EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwO37OwAA//8GPdEz")
ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f00000001c0)="ef6b60a07d08c2595ce2fc77a6c1a6d9bc323d198e5a4ab3ccdde7b5762d4b1072869626cfd93894d528a5c3704cb1d7685843e702821fb7d3bd9ee75a3eef61fac96fb5c6b0136ab1e4f2a4fc3df7351f6d824c8bf0caa2252ddfdf4d5301741a24d3ca179eecccfc72643f30071afb096a329bd0f77c223a70a6d0b67501d950fbc48ecf9600da741b3b5097a431396bfef27662ab27bfd0a556f41011f9186c248a210612e33ae42643efdc1fa38d1976660ad8f09b661e508696b68e05006cde956b86e9fcc56f30ad5ab5c64911fe8fc3ff6e025dd000682036e09f5c10bbc39e719623d051aa3a973c45d6feda44d68f47a954b8124310d353f480c539")
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x4}], 0x2259, 0x0, 0x0, 0x0)

511.482191ms ago: executing program 4 (id=444):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000280)=""/133, 0x85, <r3=>0x0, &(0x7f0000000340)=""/180, 0xb4}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073", @ANYRESHEX=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x10)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000400), 0x4000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x10, r5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="0200000001dc097ce11c9007dc0000000000000010000000000000002040000000000000"], 0x24, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
r7 = eventfd(0x4)
ioctl$VHOST_SET_VRING_BASE(r6, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000000c0)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x1f5}}, {@grpjquota, 0x2e}, {@barrier}, {@nolazytime}, {@jqfmt_vfsv1}, {@grpquota}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlEfv6X3gWy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLH1po507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+cGdz7")
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r6, 0x4004af07, &(0x7f0000000740)=r7)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000000040)={0x1, r7})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_VRING_ERR(r6, 0x4008af22, &(0x7f0000000140)={0x1, r7})
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xdd, &(0x7f0000000780)=""/221}]})

0s ago: executing program 2 (id=445):
prlimit64(0x0, 0xe, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x28, 0x6, 0x0, &(0x7f0000000000))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000040)=0x9, 0x4)
syz_usb_connect(0x3, 0x24, &(0x7f0000008ec0)={{0x12, 0x1, 0x110, 0x2b, 0x95, 0xd9, 0x8, 0x4e2, 0x1412, 0xca10, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0xfa, 0xa0, 0xbf, [{{0x9, 0x4, 0x0, 0x8, 0x0, 0x8, 0x6, 0x62}}]}}]}}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r3, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16, @ANYRES32=r4], 0x44}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10, 0x80, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa4}, {0x0, 0x1}}}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

TASK>
[   31.910534][  T446]  dump_stack_lvl+0x151/0x1b7
[   31.910565][  T446]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   31.932397][  T446]  dump_stack+0x15/0x18
[   31.936383][  T446]  should_fail_ex+0x3d0/0x520
[   31.940900][  T446]  should_fail+0xb/0x10
[   31.944895][  T446]  should_fail_usercopy+0x1a/0x20
[   31.949838][  T446]  _copy_from_user+0x1e/0xc0
[   31.954267][  T446]  kstrtouint_from_user+0xc2/0x180
[   31.959210][  T446]  ? kstrtol_from_user+0x180/0x180
[   31.964192][  T446]  ? __kasan_check_read+0x11/0x20
[   31.969025][  T446]  proc_fail_nth_write+0xa6/0x290
[   31.973910][  T446]  ? selinux_file_permission+0x2bb/0x560
[   31.979345][  T446]  ? proc_fail_nth_read+0x210/0x210
[   31.984381][  T446]  ? fsnotify_perm+0x6a/0x5b0
[   31.988983][  T446]  ? security_file_permission+0x86/0xb0
[   31.994370][  T446]  ? proc_fail_nth_read+0x210/0x210
[   31.999395][  T446]  vfs_write+0x41d/0xed0
[   32.003473][  T446]  ? __kasan_check_read+0x11/0x20
[   32.008338][  T446]  ? file_end_write+0x1c0/0x1c0
[   32.013024][  T446]  ? mutex_lock+0xb1/0x1e0
[   32.017274][  T446]  ? bit_wait_io_timeout+0x120/0x120
[   32.022400][  T446]  ? __fdget_pos+0x2e2/0x390
[   32.026821][  T446]  ? ksys_write+0x77/0x2c0
[   32.031077][  T446]  ksys_write+0x199/0x2c0
[   32.035239][  T446]  ? __ia32_sys_recv+0xb0/0xb0
[   32.039842][  T446]  ? __ia32_sys_read+0x90/0x90
[   32.044443][  T446]  ? debug_smp_processor_id+0x17/0x20
[   32.049650][  T446]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   32.055553][  T446]  __x64_sys_write+0x7b/0x90
[   32.059977][  T446]  x64_sys_call+0x2f/0x9a0
[   32.064228][  T446]  do_syscall_64+0x3b/0xb0
[   32.068481][  T446]  ? clear_bhb_loop+0x55/0xb0
[   32.072994][  T446]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   32.078723][  T446] RIP: 0033:0x7fa8b61847df
[   32.082978][  T446] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   32.102421][  T446] RSP: 002b:00007fa8b6f0b030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   32.110663][  T446] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8b61847df
[   32.118563][  T446] RDX: 0000000000000001 RSI: 00007fa8b6f0b0a0 RDI: 0000000000000003
[   32.126372][  T446] RBP: 00007fa8b6f0b090 R08: 0000000000000000 R09: 0000000000000000
[   32.134184][  T446] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   32.141996][  T446] R13: 0000000000000000 R14: 00007fa8b6375fa0 R15: 00007ffd6dcf2088
[   32.149810][  T446]  </TASK>
[   32.189054][   T28] audit: type=1400 audit(1736619832.390:154): avc:  denied  { read write } for  pid=453 comm="syz.3.37" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   32.222711][  T454] 9pnet_fd: Insufficient options for proto=fd
[   32.233991][  T448] FAT-fs (loop0): Directory bread(block 64) failed
[   32.240573][  T448] FAT-fs (loop0): Directory bread(block 65) failed
[   32.247171][  T448] FAT-fs (loop0): Directory bread(block 66) failed
[   32.247553][  T454] loop3: detected capacity change from 0 to 512
[   32.253751][  T448] FAT-fs (loop0): Directory bread(block 67) failed
[   32.266291][  T448] FAT-fs (loop0): Directory bread(block 68) failed
[   32.266402][   T28] audit: type=1400 audit(1736619832.420:155): avc:  denied  { open } for  pid=453 comm="syz.3.37" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   32.272748][  T448] FAT-fs (loop0): Directory bread(block 69) failed
[   32.303238][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   32.322856][  T448] FAT-fs (loop0): Directory bread(block 70) failed
[   32.329312][  T448] FAT-fs (loop0): Directory bread(block 71) failed
[   32.335641][  T448] FAT-fs (loop0): Directory bread(block 72) failed
[   32.338832][  T454] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.37: casefold flag without casefold feature
[   32.342392][  T448] FAT-fs (loop0): Directory bread(block 73) failed
[   32.364400][   T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   32.367103][   T28] audit: type=1400 audit(1736619832.430:156): avc:  denied  { mounton } for  pid=453 comm="syz.3.37" path="/8/file0" dev="tmpfs" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   32.402386][   T28] audit: type=1400 audit(1736619832.570:157): avc:  denied  { write } for  pid=449 comm="syz.1.36" name="udp" dev="proc" ino=4026532315 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   32.424511][   T28] audit: type=1400 audit(1736619832.570:158): avc:  denied  { mount } for  pid=449 comm="syz.1.36" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   32.441270][   T39] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   32.446045][   T28] audit: type=1326 audit(1736619832.600:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=449 comm="syz.1.36" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1c13585d29 code=0x0
[   32.458521][  T454] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.37: couldn't read orphan inode 15 (err -117)
[   32.492061][  T454] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   32.507820][  T454] EXT4-fs (loop3): unmounting filesystem.
[   32.526769][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   32.547019][  T461] FAULT_INJECTION: forcing a failure.
[   32.547019][  T461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   32.563119][   T39] usb 5-1: config 0 descriptor??
[   32.591509][  T461] CPU: 0 PID: 461 Comm: syz.0.38 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   32.600898][  T461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   32.610802][  T461] Call Trace:
[   32.613919][  T461]  <TASK>
[   32.616696][  T461]  dump_stack_lvl+0x151/0x1b7
[   32.621215][  T461]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   32.626506][  T461]  ? vmx_get_msr+0xf99/0x1890
[   32.631021][  T461]  dump_stack+0x15/0x18
[   32.635008][  T461]  should_fail_ex+0x3d0/0x520
[   32.639523][  T461]  should_fail+0xb/0x10
[   32.643515][  T461]  should_fail_usercopy+0x1a/0x20
[   32.648374][  T461]  _copy_to_user+0x1e/0x90
[   32.652634][  T461]  msr_io+0x2a6/0x380
[   32.656454][  T461]  ? kvm_vcpu_ioctl_interrupt+0x380/0x380
[   32.661997][  T461]  ? kvm_arch_dev_ioctl+0xa20/0xa20
[   32.667035][  T461]  kvm_arch_vcpu_ioctl+0x787/0x24a0
[   32.672067][  T461]  ? kvm_arch_vcpu_put+0x620/0x620
[   32.677021][  T461]  ? 0xffffffffa0003940
[   32.681008][  T461]  ? is_bpf_text_address+0x172/0x190
[   32.686128][  T461]  ? stack_trace_save+0x1c0/0x1c0
[   32.690988][  T461]  ? kernel_text_address+0xa9/0xe0
[   32.695933][  T461]  ? __kernel_text_address+0xd/0x40
[   32.700980][  T461]  ? unwind_get_return_address+0x4d/0x90
[   32.706438][  T461]  ? arch_stack_walk+0xf3/0x140
[   32.711132][  T461]  ? _parse_integer_limit+0x19b/0x1e0
[   32.716333][  T461]  ? _parse_integer+0x2a/0x40
[   32.720845][  T461]  ? kstrtoull+0x1cd/0x2e0
[   32.725098][  T461]  ? _parse_integer+0x40/0x40
[   32.729613][  T461]  ? __stack_depot_save+0x36/0x480
[   32.734568][  T461]  ? putname+0xfa/0x150
[   32.738551][  T461]  ? kstrtouint+0xf6/0x180
[   32.742804][  T461]  ? kasan_set_track+0x4b/0x70
[   32.747404][  T461]  ? kasan_save_free_info+0x2b/0x40
[   32.752437][  T461]  ? _kstrtol+0x150/0x150
[   32.756785][  T461]  ? do_vfs_ioctl+0xba7/0x29a0
[   32.761376][  T461]  ? kstrtouint_from_user+0x124/0x180
[   32.766583][  T461]  ? __x64_compat_sys_ioctl+0x90/0x90
[   32.771788][  T461]  ? kstrtol_from_user+0x180/0x180
[   32.776739][  T461]  ? __kasan_check_write+0x14/0x20
[   32.781682][  T461]  ? ioctl_has_perm+0x1f8/0x560
[   32.786369][  T461]  ? memcpy+0x56/0x70
[   32.790189][  T461]  ? __kasan_check_write+0x14/0x20
[   32.795150][  T461]  ? mutex_lock_killable+0xb1/0x1e0
[   32.800173][  T461]  ? __mutex_lock_interruptible_slowpath+0x10/0x10
[   32.806593][  T461]  ? vfs_write+0x952/0xed0
[   32.810849][  T461]  kvm_vcpu_ioctl+0x6d6/0xcf0
[   32.815363][  T461]  ? xa_release+0x40/0x40
[   32.819525][  T461]  ? selinux_file_ioctl+0x3cc/0x540
[   32.824561][  T461]  ? __mutex_lock_slowpath+0x10/0x10
[   32.829678][  T461]  ? selinux_file_alloc_security+0x120/0x120
[   32.835498][  T461]  ? __fget_files+0x2cb/0x330
[   32.840009][  T461]  ? security_file_ioctl+0x84/0xb0
[   32.844957][  T461]  ? xa_release+0x40/0x40
[   32.849206][  T461]  __se_sys_ioctl+0x114/0x190
[   32.853721][  T461]  __x64_sys_ioctl+0x7b/0x90
[   32.858151][  T461]  x64_sys_call+0x98/0x9a0
[   32.862402][  T461]  do_syscall_64+0x3b/0xb0
[   32.866652][  T461]  ? clear_bhb_loop+0x55/0xb0
[   32.871168][  T461]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   32.876898][  T461] RIP: 0033:0x7fea46b85d29
[   32.881149][  T461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.900593][  T461] RSP: 002b:00007fea479fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   32.908839][  T461] RAX: ffffffffffffffda RBX: 00007fea46d75fa0 RCX: 00007fea46b85d29
[   32.916647][  T461] RDX: 0000000020000040 RSI: 00000000c008ae88 RDI: 0000000000000005
[   32.924461][  T461] RBP: 00007fea479fe090 R08: 0000000000000000 R09: 0000000000000000
[   32.932361][  T461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   32.940167][  T461] R13: 0000000000000000 R14: 00007fea46d75fa0 R15: 00007ffc976fef28
[   32.947985][  T461]  </TASK>
[   32.958955][   T28] audit: type=1400 audit(1736619833.160:160): avc:  denied  { write } for  pid=435 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   33.156419][   T28] audit: type=1400 audit(1736619833.360:161): avc:  denied  { ioctl } for  pid=435 comm="syz.4.30" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x6207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   33.288856][  T472] Zero length message leads to an empty skb
[   33.297105][   T28] audit: type=1400 audit(1736619833.370:162): avc:  denied  { set_context_mgr } for  pid=435 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   33.456753][  T470] loop4: detected capacity change from 0 to 128
[   33.501022][  T470] FAT-fs (loop4): Unrecognized mount option "00000000000000000000005" or missing value
[   33.569292][  T475] loop1: detected capacity change from 0 to 8192
[   33.634473][   T39] usbhid 5-1:0.0: can't add hid device: -71
[   33.642917][   T39] usbhid: probe of 5-1:0.0 failed with error -71
[   33.652312][   T39] usb 5-1: USB disconnect, device number 2
[   33.661197][  T429] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   34.029315][  T429] usb 1-1: Using ep0 maxpacket: 8
[   34.038080][  T429] usb 1-1: config 2 interface 0 has no altsetting 0
[   34.059969][  T429] usb 1-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[   34.081820][  T429] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.096163][  T429] usb 1-1: Product: syz
[   34.103440][  T429] usb 1-1: Manufacturer: syz
[   34.111505][  T429] usb 1-1: SerialNumber: syz
[   34.219385][  T491] device dummy0 entered promiscuous mode
[   34.238930][  T491] device dummy0 left promiscuous mode
[   34.345469][  T429] usb 1-1: USB disconnect, device number 2
[   34.392311][  T477] syz.1.41[477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.392393][  T477] syz.1.41[477] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.436920][  T498] loop4: detected capacity change from 0 to 512
[   34.458348][  T498] EXT4-fs: Ignoring removed nomblk_io_submit option
[   34.489862][  T498] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   34.513727][  T498] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.604012][  T502] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[   37.065218][  T509] loop3: detected capacity change from 0 to 128
[   37.411070][   T28] kauditd_printk_skb: 9 callbacks suppressed
[   37.411089][   T28] audit: type=1400 audit(1736619837.600:172): avc:  denied  { create } for  pid=508 comm="syz.3.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   37.441058][   T28] audit: type=1400 audit(1736619837.600:173): avc:  denied  { ioctl } for  pid=508 comm="syz.3.50" path="socket:[16685]" dev="sockfs" ino=16685 ioctlcmd=0x6628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   37.466836][  T291] EXT4-fs (loop4): unmounting filesystem.
[   37.489320][  T517] loop4: detected capacity change from 0 to 256
[   37.495580][  T515] loop2: detected capacity change from 0 to 128
[   37.513300][  T517] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbd4b369d, utbl_chksum : 0xe619d30d)
[   37.533490][   T28] audit: type=1400 audit(1736619837.740:174): avc:  denied  { write } for  pid=516 comm="syz.4.52" name="file1" dev="loop4" ino=1048603 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.556326][  T517] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[   37.563549][  T517] exFAT-fs (loop4): Filesystem has been set read-only
[   37.570287][   T28] audit: type=1400 audit(1736619837.740:175): avc:  denied  { create } for  pid=514 comm="syz.2.53" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   37.658839][   T28] audit: type=1400 audit(1736619837.740:176): avc:  denied  { setopt } for  pid=514 comm="syz.2.53" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   37.708251][  T521] device vlan2 entered promiscuous mode
[   37.716267][  T521] device syz_tun entered promiscuous mode
[   37.722174][   T28] audit: type=1400 audit(1736619837.770:177): avc:  denied  { open } for  pid=516 comm="syz.4.52" name="file1" dev="loop4" ino=1048603 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.779198][   T28] audit: type=1400 audit(1736619837.880:178): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   37.810317][   T28] audit: type=1400 audit(1736619837.910:179): avc:  denied  { create } for  pid=511 comm="syz.0.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   37.830427][   T28] audit: type=1400 audit(1736619837.910:180): avc:  denied  { ioctl } for  pid=511 comm="syz.0.51" path="socket:[16703]" dev="sockfs" ino=16703 ioctlcmd=0x48e4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   38.694575][   T28] audit: type=1400 audit(1736619837.910:181): avc:  denied  { ioctl } for  pid=511 comm="syz.0.51" path="socket:[16707]" dev="sockfs" ino=16707 ioctlcmd=0x8902 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   38.841682][  T547] loop3: detected capacity change from 0 to 512
[   38.862927][  T547] EXT4-fs: Ignoring removed oldalloc option
[   38.868769][  T547] EXT4-fs: Ignoring removed i_version option
[   38.877027][  T547] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   38.970411][  T548] netlink: 'syz.1.63': attribute type 27 has an invalid length.
[   38.980118][  T547] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   38.990060][  T548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.63'.
[   39.011329][  T547] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.091603][  T555] loop2: detected capacity change from 0 to 1024
[   39.100227][  T555] EXT4-fs: Ignoring removed i_version option
[   39.106397][  T555] EXT4-fs: Ignoring removed mblk_io_submit option
[   39.192336][  T555] EXT4-fs (loop2): Test dummy encryption mode enabled
[   39.408008][  T555] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   39.478666][  T555] fscrypt: AES-256-XTS using blk-crypto-fallback
[   40.195634][  T293] EXT4-fs (loop3): unmounting filesystem.
[   40.236147][  T292] EXT4-fs (loop2): unmounting filesystem.
[   40.269923][  T565] loop4: detected capacity change from 0 to 128
[   40.280900][  T563] loop3: detected capacity change from 0 to 512
[   40.290070][  T563] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.296613][  T563] ext3: Unknown parameter 'fsmagic'
[   40.363264][  T315] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   40.550780][  T573] FAULT_INJECTION: forcing a failure.
[   40.550780][  T573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.563767][  T573] CPU: 1 PID: 573 Comm: syz.3.64 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   40.573139][  T573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   40.583033][  T573] Call Trace:
[   40.586156][  T573]  <TASK>
[   40.588933][  T573]  dump_stack_lvl+0x151/0x1b7
[   40.593449][  T573]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   40.598744][  T573]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[   40.604643][  T573]  ? irqentry_exit+0x30/0x40
[   40.609070][  T573]  ? sysvec_reschedule_ipi+0x8f/0x170
[   40.614279][  T573]  dump_stack+0x15/0x18
[   40.618270][  T573]  should_fail_ex+0x3d0/0x520
[   40.622786][  T573]  should_fail+0xb/0x10
[   40.626776][  T573]  should_fail_usercopy+0x1a/0x20
[   40.631816][  T573]  copyin+0x1e/0x90
[   40.635470][  T573]  _copy_from_iter+0x3c9/0xe00
[   40.640058][  T573]  ? copyout_mc+0x80/0x80
[   40.644231][  T573]  ? __kasan_check_write+0x14/0x20
[   40.649170][  T573]  ? __check_object_size+0x48e/0x650
[   40.654306][  T573]  netlink_sendmsg+0x8c8/0xd30
[   40.658895][  T573]  ? netlink_getsockopt+0x540/0x540
[   40.663926][  T573]  ? security_socket_sendmsg+0x82/0xb0
[   40.669224][  T573]  ? netlink_getsockopt+0x540/0x540
[   40.674255][  T573]  ____sys_sendmsg+0x5d3/0x9a0
[   40.678861][  T573]  ? __sys_sendmsg_sock+0x40/0x40
[   40.683719][  T573]  __sys_sendmsg+0x2a9/0x390
[   40.688167][  T573]  ? ____sys_sendmsg+0x9a0/0x9a0
[   40.692928][  T573]  ? fpregs_restore_userregs+0x130/0x290
[   40.698381][  T573]  __x64_sys_sendmsg+0x7f/0x90
[   40.702980][  T573]  x64_sys_call+0x16a/0x9a0
[   40.707327][  T573]  do_syscall_64+0x3b/0xb0
[   40.711579][  T573]  ? clear_bhb_loop+0x55/0xb0
[   40.716086][  T573]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   40.721815][  T573] RIP: 0033:0x7fa8b6185d29
[   40.726069][  T573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.745684][  T573] RSP: 002b:00007fa8b5fff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.754116][  T573] RAX: ffffffffffffffda RBX: 00007fa8b6376160 RCX: 00007fa8b6185d29
[   40.761889][  T573] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000008
[   40.769702][  T573] RBP: 00007fa8b5fff090 R08: 0000000000000000 R09: 0000000000000000
[   40.777513][  T573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.785328][  T573] R13: 0000000000000000 R14: 00007fa8b6376160 R15: 00007ffd6dcf2088
[   40.793143][  T573]  </TASK>
[   40.883683][  T577] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   40.938660][  T575] device veth0_virt_wifi entered promiscuous mode
[   41.165196][  T580] loop1: detected capacity change from 0 to 128
[   41.203919][  T585] device vlan2 entered promiscuous mode
[   41.428675][    T8] kworker/u4:0: attempt to access beyond end of device
[   41.428675][    T8] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[   41.862151][  T597] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   41.934401][  T599] syz.1.75[599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.934594][  T599] syz.1.75[599] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.043520][  T601] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[   42.717379][  T570] loop0: detected capacity change from 0 to 40427
[   42.838165][  T570] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   43.351203][  T570] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   43.376909][  T570] F2FS-fs (loop0): invalid crc value
[   43.390013][  T608] loop3: detected capacity change from 0 to 128
[   43.396666][  T570] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-4)
[   43.515941][  T608] syz.3.76: attempt to access beyond end of device
[   43.515941][  T608] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[   44.489998][  T607] syz.3.76: attempt to access beyond end of device
[   44.489998][  T607] loop3: rw=524288, sector=145, nr_sectors = 33 limit=128
[   44.572282][   T28] kauditd_printk_skb: 36 callbacks suppressed
[   44.572309][   T28] audit: type=1400 audit(1736619844.770:218): avc:  denied  { write } for  pid=626 comm="syz.1.81" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   44.711287][   T28] audit: type=1400 audit(1736619844.920:219): avc:  denied  { read } for  pid=627 comm="syz.2.82" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=16325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   44.832218][  T645] loop3: detected capacity change from 0 to 128
[   44.854482][   T28] audit: type=1400 audit(1736619845.060:220): avc:  denied  { map } for  pid=642 comm="syz.2.87" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16354 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   44.861051][  T643] netlink: 28 bytes leftover after parsing attributes in process `syz.2.87'.
[   44.878565][   T28] audit: type=1400 audit(1736619845.060:221): avc:  denied  { write } for  pid=642 comm="syz.2.87" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16354 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   44.902073][  T643] loop2: detected capacity change from 0 to 128
[   44.910737][  T429] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   44.919258][  T643] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   44.944703][  T643] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.057235][  T651] FAULT_INJECTION: forcing a failure.
[   45.057235][  T651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.070247][  T651] CPU: 1 PID: 651 Comm: syz.4.88 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   45.079614][  T651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.089510][  T651] Call Trace:
[   45.092633][  T651]  <TASK>
[   45.095416][  T651]  dump_stack_lvl+0x151/0x1b7
[   45.099921][  T651]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   45.105218][  T651]  ? do_vfs_ioctl+0xba7/0x29a0
[   45.109832][  T651]  dump_stack+0x15/0x18
[   45.113812][  T651]  should_fail_ex+0x3d0/0x520
[   45.118412][  T651]  should_fail+0xb/0x10
[   45.122405][  T651]  should_fail_usercopy+0x1a/0x20
[   45.127264][  T651]  _copy_to_user+0x1e/0x90
[   45.131517][  T651]  simple_read_from_buffer+0xc7/0x150
[   45.136813][  T651]  proc_fail_nth_read+0x1a3/0x210
[   45.141673][  T651]  ? proc_fault_inject_write+0x390/0x390
[   45.147141][  T651]  ? fsnotify_perm+0x269/0x5b0
[   45.151743][  T651]  ? security_file_permission+0x86/0xb0
[   45.157120][  T651]  ? proc_fault_inject_write+0x390/0x390
[   45.162590][  T651]  vfs_read+0x26c/0xae0
[   45.166582][  T651]  ? kernel_read+0x1f0/0x1f0
[   45.171008][  T651]  ? mutex_lock+0xb1/0x1e0
[   45.175261][  T651]  ? bit_wait_io_timeout+0x120/0x120
[   45.180384][  T651]  ? __fdget_pos+0x2e2/0x390
[   45.184808][  T651]  ? ksys_read+0x77/0x2c0
[   45.188975][  T651]  ksys_read+0x199/0x2c0
[   45.193053][  T651]  ? kvm_reboot+0x40/0x40
[   45.197220][  T651]  ? vfs_write+0xed0/0xed0
[   45.201477][  T651]  ? debug_smp_processor_id+0x17/0x20
[   45.206683][  T651]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   45.212582][  T651]  __x64_sys_read+0x7b/0x90
[   45.216934][  T651]  x64_sys_call+0x28/0x9a0
[   45.221181][  T651]  do_syscall_64+0x3b/0xb0
[   45.225426][  T651]  ? clear_bhb_loop+0x55/0xb0
[   45.229940][  T651]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   45.235670][  T651] RIP: 0033:0x7f4b96b8473c
[   45.239921][  T651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   45.259362][  T651] RSP: 002b:00007f4b979dd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   45.267607][  T651] RAX: ffffffffffffffda RBX: 00007f4b96d75fa0 RCX: 00007f4b96b8473c
[   45.275493][  T651] RDX: 000000000000000f RSI: 00007f4b979dd0a0 RDI: 0000000000000004
[   45.283235][  T651] RBP: 00007f4b979dd090 R08: 0000000000000000 R09: 0000000000000000
[   45.291051][  T651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.298853][  T651] R13: 0000000000000000 R14: 00007f4b96d75fa0 R15: 00007ffe268750d8
[   45.306670][  T651]  </TASK>
[   45.331186][  T429] usb 1-1: Using ep0 maxpacket: 16
[   45.337480][  T429] usb 1-1: config 1 has an invalid descriptor of length 121, skipping remainder of the config
[   45.348136][  T429] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   45.359118][  T429] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   45.371180][  T429] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   45.390065][  T429] usb 1-1: Product: syz
[   45.396269][  T292] EXT4-fs (loop2): unmounting filesystem.
[   45.404473][  T656] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   45.411542][  T429] usb 1-1: Manufacturer: syz
[   45.416390][  T429] usb 1-1: SerialNumber: syz
[   45.675905][  T628] 
@ÿ: renamed from bond_slave_0
[   45.721333][   T28] audit: type=1400 audit(1736619845.880:222): avc:  denied  { create } for  pid=622 comm="syz.0.79" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   46.011480][  T668] loop2: detected capacity change from 0 to 128
[   46.059886][  T668] EXT4-fs (loop2): Test dummy encryption mode enabled
[   46.105054][  T668] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   46.123838][  T668] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   46.607184][  T682] netem: change failed
[   48.497241][  T685] loop4: detected capacity change from 0 to 1024
[   48.506140][  T685] EXT4-fs: Ignoring removed i_version option
[   48.512310][  T685] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.080886][  T685] EXT4-fs (loop4): Test dummy encryption mode enabled
[   51.090686][  T429] usb 1-1: 0:2 : does not exist
[   51.116752][  T429] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[   51.131375][  T685] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   51.154260][  T429] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[   51.182112][  T429] usb 1-1: 5:0: cannot get min/max values for control 4 (id 5)
[   51.192489][  T429] usb 1-1: 5:0: cannot get min/max values for control 8 (id 5)
[   51.212603][  T429] usb 1-1: USB disconnect, device number 3
[   51.373648][  T292] EXT4-fs (loop2): unmounting filesystem.
[   51.408522][   T28] audit: type=1400 audit(1736619851.610:223): avc:  denied  { remove_name } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   51.438639][  T291] EXT4-fs (loop4): unmounting filesystem.
[   51.446737][  T700] fuse: Unknown parameter 'LŽ'
[   51.452343][  T697] syz.1.100[697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.452422][  T697] syz.1.100[697] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.466454][  T700] xt_time: unknown flags 0xc
[   51.502333][   T28] audit: type=1400 audit(1736619851.610:224): avc:  denied  { rename } for  pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.525130][   T28] audit: type=1400 audit(1736619851.610:225): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   52.407254][  T716] loop0: detected capacity change from 0 to 1024
[   52.413867][  T716] EXT4-fs: Ignoring removed i_version option
[   52.419834][  T716] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.457552][  T716] EXT4-fs (loop0): Test dummy encryption mode enabled
[   52.474011][  T716] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   52.780572][  T723] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   52.818747][  T723] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[   53.101166][  T507] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   53.214317][  T294] EXT4-fs (loop0): unmounting filesystem.
[   53.235296][  T735] loop0: detected capacity change from 0 to 128
[   53.244197][  T735] EXT4-fs (loop0): Test dummy encryption mode enabled
[   53.253193][  T735] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   53.261830][  T735] ext4 filesystem being mounted at /14/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   53.340918][  T507] usb 5-1: Using ep0 maxpacket: 8
[   53.354919][  T507] usb 5-1: config 2 interface 0 has no altsetting 0
[   53.373025][  T507] usb 5-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[   53.392612][  T507] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.936655][  T507] usb 5-1: Product: syz
[   53.971427][  T507] usb 5-1: Manufacturer: syz
[   54.023261][  T507] usb 5-1: SerialNumber: syz
[   54.368327][  T507] usb 5-1: USB disconnect, device number 3
[   54.515853][  T294] EXT4-fs (loop0): unmounting filesystem.
[   54.560359][  T764] loop0: detected capacity change from 0 to 512
[   54.592377][  T764] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.122: casefold flag without casefold feature
[   54.604737][  T754] loop3: detected capacity change from 0 to 40427
[   54.620511][  T764] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.122: couldn't read orphan inode 15 (err -117)
[   54.641622][  T764] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   54.836664][  T778] loop3: detected capacity change from 0 to 128
[   54.845683][  T778] EXT4-fs (loop3): Test dummy encryption mode enabled
[   54.856265][  T764] overlayfs: failed to resolve './file2': -2
[   54.886476][  T778] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   54.895278][  T778] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.942288][  T781] loop1: detected capacity change from 0 to 1024
[   54.948798][  T781] EXT4-fs: Ignoring removed i_version option
[   54.954655][  T781] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.963338][  T781] EXT4-fs (loop1): Test dummy encryption mode enabled
[   55.010151][  T781] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   55.091835][  T787] loop4: detected capacity change from 0 to 256
[   55.639074][  T778] device vlan2 entered promiscuous mode
[   55.644484][  T778] device syz_tun entered promiscuous mode
[   55.662527][   T28] audit: type=1400 audit(1736619855.840:226): avc:  denied  { append } for  pid=777 comm="syz.3.126" path="/25/mnt/cpuset.effective_cpus" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   55.695246][  T294] EXT4-fs (loop0): unmounting filesystem.
[   55.786861][   T28] audit: type=1400 audit(1736619855.840:227): avc:  denied  { lock } for  pid=777 comm="syz.3.126" path="/25/mnt/cpuset.effective_cpus" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   55.862994][  T290] EXT4-fs (loop1): unmounting filesystem.
[   55.921234][  T507] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   56.026425][  T293] EXT4-fs (loop3): unmounting filesystem.
[   56.111511][  T796] syz.0.128[796] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.111591][  T796] syz.0.128[796] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.124468][  T507] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   56.187537][  T799] loop3: detected capacity change from 0 to 1024
[   56.328696][  T799] EXT4-fs: Ignoring removed orlov option
[   56.340555][  T507] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   56.352188][  T799] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.416380][  T507] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   56.725745][  T507] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   56.739606][  T507] usb 5-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[   56.748899][  T507] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.827256][  T507] usb 5-1: config 0 descriptor??
[   56.870005][  T799] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   57.285987][  T293] EXT4-fs (loop3): unmounting filesystem.
[   57.483523][  T818] loop2: detected capacity change from 0 to 1024
[   57.492414][  T818] EXT4-fs: Ignoring removed i_version option
[   57.498608][  T818] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.508645][  T818] EXT4-fs (loop2): Test dummy encryption mode enabled
[   57.592211][  T507] hid-rmi 0003:17EF:6085.0001: unknown main item tag 0x0
[   57.638185][  T818] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   57.703226][  T395] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   57.780390][  T507] hid-rmi 0003:17EF:6085.0001: unknown main item tag 0x0
[   58.011456][  T823] incfs: Can't find or create .incomplete dir in ./file0
[   58.317553][  T823] incfs: mount failed -28
[   58.326167][  T507] hid-rmi 0003:17EF:6085.0001: item fetching failed at offset 2/5
[   58.334062][  T507] hid-rmi 0003:17EF:6085.0001: parse failed
[   58.339817][  T507] hid-rmi: probe of 0003:17EF:6085.0001 failed with error -22
[   58.348932][   T28] audit: type=1400 audit(1736619858.210:228): avc:  denied  { mounton } for  pid=786 comm="syz.4.127" path="/20/file1/file0" dev="loop4" ino=1048607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   58.371885][  T395] usb 1-1: Using ep0 maxpacket: 8
[   58.401307][  T395] usb 1-1: New USB device found, idVendor=05d1, idProduct=9003, bcdDevice= 2.00
[   58.415996][  T827] loop1: detected capacity change from 0 to 128
[   58.433857][  T395] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.452251][  T827] EXT4-fs (loop1): Test dummy encryption mode enabled
[   58.463357][  T395] usb 1-1: Product: syz
[   58.468837][  T827] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   58.477601][  T395] usb 1-1: Manufacturer: syz
[   58.482436][  T395] usb 1-1: SerialNumber: syz
[   58.487071][  T827] ext4 filesystem being mounted at /34/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   58.501930][  T395] usb 1-1: config 0 descriptor??
[   58.508230][  T395] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[   58.602026][  T395] usb 1-1: Detected FT232A
[   58.607201][  T395] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   58.638981][  T292] EXT4-fs (loop2): unmounting filesystem.
[   59.353489][   T19] usb 1-1: USB disconnect, device number 4
[   59.363343][   T28] audit: type=1400 audit(1736619859.540:229): avc:  denied  { unmount } for  pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   59.419714][  T395] usb 5-1: USB disconnect, device number 4
[   59.489153][  T839] loop3: detected capacity change from 0 to 1024
[   59.578147][  T839] EXT4-fs: Ignoring removed orlov option
[   59.597918][  T839] EXT4-fs (loop3): Test dummy encryption mode enabled
[   60.227498][  T852] FAULT_INJECTION: forcing a failure.
[   60.227498][  T852] name failslab, interval 1, probability 0, space 0, times 0
[   60.239951][  T852] CPU: 0 PID: 852 Comm: syz.4.141 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   60.249382][  T852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   60.259276][  T852] Call Trace:
[   60.262401][  T852]  <TASK>
[   60.265184][  T852]  dump_stack_lvl+0x151/0x1b7
[   60.269691][  T852]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   60.274987][  T852]  ? avc_denied+0x1b0/0x1b0
[   60.279330][  T852]  dump_stack+0x15/0x18
[   60.283322][  T852]  should_fail_ex+0x3d0/0x520
[   60.287834][  T852]  __should_failslab+0xaf/0xf0
[   60.292433][  T852]  ? raw_open+0x8b/0x3c0
[   60.296512][  T852]  should_failslab+0x9/0x20
[   60.300856][  T852]  __kmem_cache_alloc_node+0x3d/0x2a0
[   60.306061][  T852]  ? raw_open+0x8b/0x3c0
[   60.310225][  T852]  kmalloc_trace+0x2a/0xa0
[   60.314477][  T852]  raw_open+0x8b/0x3c0
[   60.318384][  T852]  ? raw_ioctl+0x3620/0x3620
[   60.322809][  T852]  misc_open+0x30f/0x380
[   60.326892][  T852]  chrdev_open+0x4f7/0x620
[   60.331144][  T852]  ? cd_forget+0x170/0x170
[   60.335394][  T852]  ? fsnotify_perm+0x3e5/0x5b0
[   60.339996][  T852]  ? cd_forget+0x170/0x170
[   60.344253][  T852]  do_dentry_open+0x891/0x1250
[   60.348854][  T852]  vfs_open+0x73/0x80
[   60.352758][  T852]  path_openat+0x2532/0x2d60
[   60.357183][  T852]  ? kasan_save_alloc_info+0x1f/0x30
[   60.362302][  T852]  ? slab_post_alloc_hook+0x53/0x2c0
[   60.367423][  T852]  ? getname+0x19/0x20
[   60.371328][  T852]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   60.377235][  T852]  ? do_filp_open+0x480/0x480
[   60.381746][  T852]  do_filp_open+0x230/0x480
[   60.386088][  T852]  ? vfs_tmpfile+0x480/0x480
[   60.390514][  T852]  ? alloc_fd+0x4fe/0x5a0
[   60.394684][  T852]  do_sys_openat2+0x151/0x870
[   60.399192][  T852]  ? do_sys_open+0x220/0x220
[   60.403616][  T852]  ? numa_migrate_prep+0xe0/0xe0
[   60.408390][  T852]  ? lock_vma_under_rcu+0x4aa/0x590
[   60.413428][  T852]  __x64_sys_openat+0x243/0x290
[   60.418112][  T852]  ? __ia32_sys_open+0x270/0x270
[   60.423064][  T852]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   60.428964][  T852]  ? exit_to_user_mode_prepare+0x39/0xa0
[   60.434430][  T852]  ? irqentry_exit_to_user_mode+0xe/0x10
[   60.439897][  T852]  ? irqentry_exit+0x12/0x40
[   60.444322][  T852]  x64_sys_call+0x6bf/0x9a0
[   60.448665][  T852]  do_syscall_64+0x3b/0xb0
[   60.452915][  T852]  ? clear_bhb_loop+0x55/0xb0
[   60.457428][  T852]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   60.463160][  T852] RIP: 0033:0x7f4b96b84690
[   60.467410][  T852] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   60.486853][  T852] RSP: 002b:00007f4b97998ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   60.495096][  T852] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f4b96b84690
[   60.502907][  T852] RDX: 0000000000000002 RSI: 00007f4b96c017ec RDI: 00000000ffffff9c
[   60.510721][  T852] RBP: 00007f4b96c017ec R08: 0000000000000000 R09: 0000000000000000
[   60.518530][  T852] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   60.526349][  T852] R13: 000000000000005a R14: 0000000020000080 R15: 00007ffe268750d8
[   60.534161][  T852]  </TASK>
[   60.554451][  T290] EXT4-fs (loop1): unmounting filesystem.
[   60.571833][   T19] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   60.605138][  T839] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   60.641422][   T19] ftdi_sio 1-1:0.0: device disconnected
[   60.711399][  T839] device veth0_vlan left promiscuous mode
[   60.740267][  T839] device veth0_vlan entered promiscuous mode
[   60.787362][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.803271][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.829058][  T380] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.901004][  T293] EXT4-fs (loop3): unmounting filesystem.
[   62.456773][   T28] audit: type=1400 audit(1736619862.660:230): avc:  denied  { setattr } for  pid=858 comm="syz.0.146" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[   62.647329][   T28] audit: type=1400 audit(1736619862.850:231): avc:  denied  { unmount } for  pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   62.676227][  T873] loop3: detected capacity change from 0 to 512
[   62.803675][  T857] loop1: detected capacity change from 0 to 40427
[   62.828605][  T857] F2FS-fs (loop1): Invalid SB checksum offset: 0
[   62.835269][  T857] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   62.845592][  T873] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   62.855543][  T873] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.867393][  T857] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   62.940913][  T857] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   62.948152][  T857] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   62.996142][  T895] loop4: detected capacity change from 0 to 512
[   63.032815][  T895] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   63.236999][  T901] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.148: corrupted xattr block 32
[   64.011655][   T28] audit: type=1326 audit(1736619863.540:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   64.035021][  T895] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.046477][  T901] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   64.055494][  T901] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.148: corrupted xattr block 32
[   64.067637][  T901] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   64.076559][  T901] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.148: corrupted xattr block 32
[   64.088450][  T901] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   64.138873][  T293] EXT4-fs (loop3): unmounting filesystem.
[   64.556434][   T28] audit: type=1326 audit(1736619863.540:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   64.580099][   T28] audit: type=1326 audit(1736619863.570:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   64.662576][   T28] audit: type=1326 audit(1736619863.570:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   64.688182][  T913] loop3: detected capacity change from 0 to 128
[   64.751383][  T913] EXT4-fs (loop3): Test dummy encryption mode enabled
[   64.777611][  T913] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   64.800620][  T913] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   65.258682][   T28] audit: type=1326 audit(1736619863.570:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   66.317609][  T291] EXT4-fs (loop4): unmounting filesystem.
[   66.528759][   T28] audit: type=1326 audit(1736619863.580:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   66.672737][   T28] audit: type=1326 audit(1736619863.600:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   66.771965][   T28] audit: type=1326 audit(1736619863.600:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   66.868565][   T28] audit: type=1326 audit(1736619863.700:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   66.968227][   T28] audit: type=1326 audit(1736619863.710:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=872 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b6185d29 code=0x7ffc0000
[   67.013057][  T293] EXT4-fs (loop3): unmounting filesystem.
[   67.885459][  T950] loop0: detected capacity change from 0 to 1024
[   67.892043][  T950] EXT4-fs: Ignoring removed i_version option
[   67.897894][  T950] EXT4-fs: Ignoring removed mblk_io_submit option
[   68.724513][  T953] netlink: 25 bytes leftover after parsing attributes in process `syz.1.165'.
[   69.490374][  T953] device gretap0 entered promiscuous mode
[   69.497625][  T955] netlink: 45349 bytes leftover after parsing attributes in process `syz.1.165'.
[   69.506668][  T955] 0ªX¹¦Dö»: renamed from gretap0
[   69.588612][  T955] device 
00ªX¹¦Dö» left promiscuous mode
[   69.884734][  T950] EXT4-fs (loop0): Test dummy encryption mode enabled
[   69.925294][  T950] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   70.283177][  T965] device veth1_to_batadv entered promiscuous mode
[   70.289449][  T965] device macsec1 entered promiscuous mode
[   70.532342][   T28] kauditd_printk_skb: 10 callbacks suppressed
[   70.534229][  T967] netlink: 36 bytes leftover after parsing attributes in process `syz.1.166'.
[   70.550173][   T28] audit: type=1400 audit(1736619870.510:252): avc:  denied  { bind } for  pid=963 comm="syz.4.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   70.672057][  T294] EXT4-fs (loop0): unmounting filesystem.
[   70.738849][  T969] loop3: detected capacity change from 0 to 256
[   70.797808][  T969] FAT-fs (loop3): Unrecognized mount option "shortnB—e=mixed" or missing value
[   71.107593][  T977] loop0: detected capacity change from 0 to 256
[   71.472024][  T981] loop2: detected capacity change from 0 to 512
[   71.494089][  T977] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[   71.626553][  T983] loop1: detected capacity change from 0 to 128
[   71.638191][   T28] audit: type=1400 audit(1736619871.850:253): avc:  denied  { setattr } for  pid=973 comm="syz.0.169" name="file0" dev="loop0" ino=1048610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   71.669353][  T977] exFAT-fs (loop0): error, invalid size(size(0) > aligned(9223372036854777344)
[   71.669353][  T977] 
[   71.686274][  T983] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   71.686381][  T981] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   71.695238][  T983] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   71.703570][  T981] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.728029][  T977] exFAT-fs (loop0): Filesystem has been set read-only
[   71.735281][  T991] loop3: detected capacity change from 0 to 128
[   71.762364][   T28] audit: type=1326 audit(1736619871.950:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.769664][  T991] EXT4-fs (loop3): Test dummy encryption mode enabled
[   71.785962][   T28] audit: type=1326 audit(1736619871.950:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.815317][   T28] audit: type=1326 audit(1736619871.950:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.838794][   T28] audit: type=1326 audit(1736619871.950:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.863325][   T28] audit: type=1326 audit(1736619871.950:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.872874][  T290] EXT4-fs (loop1): unmounting filesystem.
[   71.900623][  T991] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   71.901834][   T28] audit: type=1326 audit(1736619871.960:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.935771][  T991] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   71.937299][   T28] audit: type=1326 audit(1736619871.960:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   71.972371][  T996] loop4: detected capacity change from 0 to 128
[   72.853836][   T28] audit: type=1326 audit(1736619871.960:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=973 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea46b85d29 code=0x7ffc0000
[   72.937562][  T292] EXT4-fs (loop2): unmounting filesystem.
[   73.160111][ T1018] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   73.836830][ T1025] loop2: detected capacity change from 0 to 128
[   74.029434][ T1026] netlink: 36 bytes leftover after parsing attributes in process `syz.0.183'.
[   74.040546][ T1025] EXT4-fs (loop2): Test dummy encryption mode enabled
[   74.082993][  T293] EXT4-fs (loop3): unmounting filesystem.
[   74.978126][ T1025] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   74.986780][ T1025] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   75.161904][  T292] EXT4-fs (loop2): unmounting filesystem.
[   75.985270][ T1051] loop0: detected capacity change from 0 to 512
[   76.006269][ T1057] loop1: detected capacity change from 0 to 512
[   76.041811][ T1051] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   76.050640][ T1051] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.062936][ T1051] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.188: corrupted inode contents
[   76.075176][ T1051] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #2: comm syz.0.188: mark_inode_dirty error
[   76.087371][ T1051] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #2: comm syz.0.188: corrupted inode contents
[   76.099905][ T1051] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.188: mark_inode_dirty error
[   76.117016][ T1054] loop3: detected capacity change from 0 to 512
[   76.138141][ T1054] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   76.164912][ T1054] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   76.187466][ T1054] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   76.205067][ T1057] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   76.222155][ T1057] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.239383][ T1054] EXT4-fs (loop3): 1 truncate cleaned up
[   76.259937][ T1054] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   76.367425][ T1073] device bridge1 entered promiscuous mode
[   76.373340][   T28] kauditd_printk_skb: 21 callbacks suppressed
[   76.373356][   T28] audit: type=1400 audit(1736619876.570:283): avc:  denied  { write } for  pid=1053 comm="syz.3.191" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   76.442924][  T294] EXT4-fs (loop0): unmounting filesystem.
[   76.478861][   T28] audit: type=1400 audit(1736619876.570:284): avc:  denied  { setattr } for  pid=1053 comm="syz.3.191" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   76.539019][  T293] EXT4-fs (loop3): unmounting filesystem.
[   76.553587][ T1076] loop2: detected capacity change from 0 to 16
[   76.581485][ T1076] erofs: (device loop2): mounted with root inode @ nid 36.
[   76.594781][   T28] audit: type=1400 audit(1736619876.770:285): avc:  denied  { create } for  pid=1075 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   76.641007][   T28] audit: type=1400 audit(1736619876.770:286): avc:  denied  { bind } for  pid=1075 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   76.680657][   T28] audit: type=1400 audit(1736619876.770:287): avc:  denied  { listen } for  pid=1075 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   76.841177][  T437] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   76.945535][ T1048] loop4: detected capacity change from 0 to 131072
[   76.963701][ T1048] F2FS-fs (loop4): Invalid log sectorsize (67108873)
[   76.970219][ T1048] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   76.985941][ T1048] F2FS-fs (loop4): invalid crc value
[   76.992945][ T1048] F2FS-fs (loop4): Found nat_bits in checkpoint
[   77.008687][ T1082] IPv6: NLM_F_REPLACE set, but no existing node found!
[   77.030009][ T1086] FAULT_INJECTION: forcing a failure.
[   77.030009][ T1086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.091683][  T290] EXT4-fs (loop1): unmounting filesystem.
[   77.094109][ T1086] CPU: 0 PID: 1086 Comm: syz.3.197 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   77.097826][  T437] usb 3-1: config 0 has no interfaces?
[   77.106794][ T1086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   77.106811][ T1086] Call Trace:
[   77.106819][ T1086]  <TASK>
[   77.106826][ T1086]  dump_stack_lvl+0x151/0x1b7
[   77.106857][ T1086]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   77.137775][ T1086]  ? _parse_integer+0x2a/0x40
[   77.142289][ T1086]  dump_stack+0x15/0x18
[   77.146277][ T1086]  should_fail_ex+0x3d0/0x520
[   77.150792][ T1086]  should_fail+0xb/0x10
[   77.154782][ T1086]  should_fail_usercopy+0x1a/0x20
[   77.159640][ T1086]  _copy_from_user+0x1e/0xc0
[   77.164073][ T1086]  iovec_from_user+0xc7/0x320
[   77.168582][ T1086]  ? kasan_set_track+0x4b/0x70
[   77.173180][ T1086]  ? kasan_save_free_info+0x2b/0x40
[   77.178216][ T1086]  __import_iovec+0x70/0x430
[   77.182646][ T1086]  import_iovec+0xe5/0x120
[   77.186895][ T1086]  copy_msghdr_from_user+0x527/0x670
[   77.192018][ T1086]  ? sendmsg_copy_msghdr+0x70/0x70
[   77.196967][ T1086]  __sys_sendmsg+0x236/0x390
[   77.201393][ T1086]  ? ____sys_sendmsg+0x9a0/0x9a0
[   77.206168][ T1086]  ? __kasan_check_write+0x14/0x20
[   77.211114][ T1086]  ? mutex_unlock+0xb2/0x260
[   77.215542][ T1086]  ? __kasan_check_write+0x14/0x20
[   77.220487][ T1086]  ? __ia32_sys_read+0x90/0x90
[   77.225172][ T1086]  ? debug_smp_processor_id+0x17/0x20
[   77.230377][ T1086]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   77.236283][ T1086]  __x64_sys_sendmsg+0x7f/0x90
[   77.240883][ T1086]  x64_sys_call+0x16a/0x9a0
[   77.245220][ T1086]  do_syscall_64+0x3b/0xb0
[   77.249471][ T1086]  ? clear_bhb_loop+0x55/0xb0
[   77.253993][ T1086]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   77.259721][ T1086] RIP: 0033:0x7fa8b6185d29
[   77.263969][ T1086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.283412][ T1086] RSP: 002b:00007fa8b6f0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.291655][ T1086] RAX: ffffffffffffffda RBX: 00007fa8b6375fa0 RCX: 00007fa8b6185d29
[   77.299465][ T1086] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[   77.307279][ T1086] RBP: 00007fa8b6f0b090 R08: 0000000000000000 R09: 0000000000000000
[   77.315090][ T1086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.322900][ T1086] R13: 0000000000000000 R14: 00007fa8b6375fa0 R15: 00007ffd6dcf2088
[   77.330720][ T1086]  </TASK>
[   77.338058][ T1048] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   77.346215][ T1048] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[   77.360004][  T437] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[   77.384326][  T437] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.392631][  T437] usb 3-1: Product: syz
[   77.396812][  T437] usb 3-1: Manufacturer: syz
[   77.397081][   T28] audit: type=1400 audit(1736619877.600:288): avc:  denied  { open } for  pid=1047 comm="syz.4.189" path="/29/file1/file1" dev="loop4" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.407287][ T1094] loop0: detected capacity change from 0 to 1024
[   77.430147][  T437] usb 3-1: SerialNumber: syz
[   77.437282][  T437] r8152-cfgselector 3-1: config 0 descriptor??
[   77.444312][   T28] audit: type=1400 audit(1736619877.640:289): avc:  denied  { read } for  pid=1047 comm="syz.4.189" name="file1" dev="loop4" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.482963][   T28] audit: type=1400 audit(1736619877.660:290): avc:  denied  { ioctl } for  pid=1047 comm="syz.4.189" path="/29/file1/file1" dev="loop4" ino=7 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.557094][ T1094] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   77.565787][ T1094] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.666498][ T1101] netlink: 36 bytes leftover after parsing attributes in process `syz.1.198'.
[   77.685109][ T1094] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.200: bg 0: block 393: padding at end of block bitmap is not set
[   77.908124][   T10] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[   77.957261][ T1076] capability: warning: `syz.2.195' uses 32-bit capabilities (legacy support in use)
[   77.981543][   T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[   77.981543][   T10] 
[   78.071281][   T28] audit: type=1400 audit(1736619878.220:291): avc:  denied  { connect } for  pid=1075 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   78.108804][   T10] EXT4-fs (loop0): Total free blocks count 0
[   78.178958][   T10] EXT4-fs (loop0): Free/Dirty block details
[   78.324318][  T437] usb 3-1: USB disconnect, device number 2
[   78.353972][   T10] EXT4-fs (loop0): free_blocks=0
[   78.358752][   T10] EXT4-fs (loop0): dirty_blocks=16
[   78.500296][   T10] EXT4-fs (loop0): Block reservation details
[   78.511377][   T10] EXT4-fs (loop0): i_reserved_data_blocks=1
[   78.541667][  T294] EXT4-fs (loop0): unmounting filesystem.
[   78.593329][   T28] audit: type=1400 audit(1736619878.800:292): avc:  denied  { read } for  pid=1108 comm="syz.2.204" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   78.631956][ T1113] loop3: detected capacity change from 0 to 512
[   78.672806][ T1113] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   78.682616][ T1113] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.700922][ T1113] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.206: corrupted inode contents
[   78.713161][ T1113] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #2: comm syz.3.206: mark_inode_dirty error
[   78.726472][ T1113] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.206: corrupted inode contents
[   78.739396][ T1113] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.206: mark_inode_dirty error
[   79.125379][ T1132] loop1: detected capacity change from 0 to 512
[   80.295592][ T1132] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.207: invalid indirect mapped block 10 (level 1)
[   80.309475][ T1132] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.207: invalid indirect mapped block 8 (level 1)
[   80.336465][ T1133] loop4: detected capacity change from 0 to 512
[   80.348819][ T1132] EXT4-fs (loop1): 1 truncate cleaned up
[   80.354395][ T1132] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   80.566719][ T1133] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.209: Failed to acquire dquot type 0
[   80.590167][ T1133] EXT4-fs (loop4): Remounting filesystem read-only
[   80.597149][ T1133] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.209: Failed to acquire dquot type 0
[   80.618313][ T1133] EXT4-fs (loop4): Remounting filesystem read-only
[   80.628584][ T1133] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.209: Failed to acquire dquot type 0
[   80.642413][ T1133] EXT4-fs (loop4): Remounting filesystem read-only
[   80.649538][ T1133] EXT4-fs (loop4): 1 orphan inode deleted
[   80.655702][ T1133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   80.672967][ T1133] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.162434][  T290] EXT4-fs (loop1): unmounting filesystem.
[   82.168608][  T293] EXT4-fs (loop3): unmounting filesystem.
[   82.186567][  T291] EXT4-fs (loop4): unmounting filesystem.
[   82.191036][ T1143] loop0: detected capacity change from 0 to 128
[   82.289030][ T1157] overlayfs: missing 'lowerdir'
[   82.555004][  T871] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   82.943544][ T1165] netlink: 36 bytes leftover after parsing attributes in process `syz.4.218'.
[   83.290484][    T6] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   84.435390][   T28] kauditd_printk_skb: 12 callbacks suppressed
[   84.435408][   T28] audit: type=1400 audit(1736619884.640:299): avc:  denied  { create } for  pid=1173 comm="syz.2.220" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   84.488824][ T1175] loop2: detected capacity change from 0 to 512
[   84.540959][ T1175] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.220: invalid indirect mapped block 10 (level 1)
[   84.554257][ T1175] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.220: invalid indirect mapped block 8 (level 1)
[   84.568014][ T1175] EXT4-fs (loop2): 1 truncate cleaned up
[   84.573509][ T1175] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   84.941179][    T6] usb 2-1: Using ep0 maxpacket: 16
[   84.947387][    T6] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   84.977864][ T1185] loop4: detected capacity change from 0 to 128
[   84.984029][    T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   85.011358][ T1185] EXT4-fs (loop4): Test dummy encryption mode enabled
[   85.016060][ T1150] loop3: detected capacity change from 0 to 131072
[   85.018063][    T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   85.025471][ T1150] F2FS-fs (loop3): Invalid log sectorsize (67108873)
[   85.039931][ T1150] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   85.049510][ T1150] F2FS-fs (loop3): invalid crc value
[   85.056984][ T1185] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   85.069401][ T1185] ext4 filesystem being mounted at /39/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.071343][    T6] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   85.091923][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.103283][    T6] usb 2-1: Product: syz
[   85.107317][    T6] usb 2-1: Manufacturer: syz
[   85.114093][ T1150] F2FS-fs (loop3): Found nat_bits in checkpoint
[   85.128853][    T6] usb 2-1: SerialNumber: syz
[   85.200240][ T1183] netlink: 96 bytes leftover after parsing attributes in process `syz.0.221'.
[   85.215874][    T6] usb 2-1: can't set config #1, error -71
[   85.229601][  T292] EXT4-fs (loop2): unmounting filesystem.
[   85.245382][    T6] usb 2-1: USB disconnect, device number 4
[   85.269840][   T28] audit: type=1400 audit(1736619885.470:300): avc:  denied  { unlink } for  pid=292 comm="syz-executor" name="file1" dev="tmpfs" ino=299 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   86.268981][ T1200] loop2: detected capacity change from 0 to 1024
[   86.338634][ T1200] EXT4-fs: Ignoring removed orlov option
[   86.361203][ T1200] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.409573][ T1200] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   86.419169][ T1204] loop0: detected capacity change from 0 to 128
[   86.435921][  T291] EXT4-fs (loop4): unmounting filesystem.
[   86.443400][ T1204] EXT4-fs (loop0): Test dummy encryption mode enabled
[   86.462381][ T1204] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   86.472634][ T1204] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   86.484286][  T292] EXT4-fs (loop2): unmounting filesystem.
[   86.508122][ T1209] loop4: detected capacity change from 0 to 128
[   86.523707][ T1210] loop2: detected capacity change from 0 to 1024
[   86.535674][ T1209] EXT4-fs (loop4): Test dummy encryption mode enabled
[   86.600809][ T1210] EXT4-fs: Ignoring removed orlov option
[   86.606450][ T1210] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.632148][ T1209] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   86.640859][ T1209] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   86.666002][ T1210] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   89.264653][  T294] EXT4-fs (loop0): unmounting filesystem.
[   89.614800][ T1227] loop0: detected capacity change from 0 to 128
[   90.422774][  T292] EXT4-fs (loop2): unmounting filesystem.
[   90.482784][  T291] EXT4-fs (loop4): unmounting filesystem.
[   91.528164][ T1239] netlink: 36 bytes leftover after parsing attributes in process `syz.0.232'.
[   91.941327][ T1250] loop3: detected capacity change from 0 to 256
[   91.954090][ T1250] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   91.972795][   T28] audit: type=1400 audit(1736619892.180:301): avc:  denied  { write } for  pid=1245 comm="syz.3.237" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   92.228058][ T1256] loop1: detected capacity change from 0 to 1024
[   92.234741][ T1256] EXT4-fs: Ignoring removed i_version option
[   92.240616][ T1256] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.264598][ T1256] EXT4-fs (loop1): Test dummy encryption mode enabled
[   92.295746][   T28] audit: type=1400 audit(1736619892.180:302): avc:  denied  { add_name } for  pid=1245 comm="syz.3.237" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   92.338207][ T1256] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   92.352708][   T28] audit: type=1400 audit(1736619892.180:303): avc:  denied  { associate } for  pid=1245 comm="syz.3.237" name="file2" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   92.381239][   T28] audit: type=1400 audit(1736619892.180:304): avc:  denied  { mount } for  pid=1251 comm="syz.0.238" name="/" dev="ramfs" ino=18807 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   92.556058][   T28] audit: type=1400 audit(1736619892.560:305): avc:  denied  { mount } for  pid=1244 comm="syz.1.235" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   92.589872][ T1260] loop4: detected capacity change from 0 to 1024
[   92.596626][ T1260] EXT4-fs: Ignoring removed orlov option
[   92.602352][ T1260] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.714288][ T1262] loop2: detected capacity change from 0 to 128
[   92.729929][   T28] audit: type=1400 audit(1736619892.930:306): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   92.754098][ T1262] EXT4-fs (loop2): Test dummy encryption mode enabled
[   92.765429][  T290] EXT4-fs (loop1): unmounting filesystem.
[   92.775236][ T1262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   92.784030][ T1262] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.795703][ T1260] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   93.090687][ T1268] loop1: detected capacity change from 0 to 8192
[   94.129256][  T291] EXT4-fs (loop4): unmounting filesystem.
[   94.292931][ T1277] syz.3.242[1277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.293014][ T1277] syz.3.242[1277] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.319350][  T292] EXT4-fs (loop2): unmounting filesystem.
[   94.352555][   T28] audit: type=1400 audit(1736619894.560:307): avc:  denied  { unmount } for  pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   94.385547][ T1279] loop4: detected capacity change from 0 to 128
[   94.434342][   T28] audit: type=1400 audit(1736619894.630:308): avc:  denied  { append } for  pid=1276 comm="syz.3.242" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   94.460355][ T1279] EXT4-fs (loop4): Test dummy encryption mode enabled
[   94.472899][ T1279] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   94.481463][ T1279] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   94.517417][   T28] audit: type=1400 audit(1736619894.720:309): avc:  denied  { read write } for  pid=1276 comm="syz.3.242" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   94.618672][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.629546][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.651849][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.661854][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.669173][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.673797][   T28] audit: type=1400 audit(1736619894.760:310): avc:  denied  { open } for  pid=1276 comm="syz.3.242" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   94.676892][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.707514][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.715926][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.787147][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.843699][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   94.925863][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.011596][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.097972][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.271499][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.288212][ T1282] loop0: detected capacity change from 0 to 40427
[   95.294751][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.302985][ T1282] F2FS-fs (loop0): Invalid SB checksum offset: 0
[   95.309262][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.316796][ T1282] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[   95.325149][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.333542][ T1282] F2FS-fs (loop0): invalid crc value
[   95.338779][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.346432][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x2
[   95.353900][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x2
[   95.361312][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x7
[   95.368590][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.376028][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.383581][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.391359][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x0
[   95.399598][ T1282] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   95.411673][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x2
[   95.427522][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x2
[   95.442434][  T328] hid-generic 0000:0000:0003.0002: unknown main item tag 0x2
[   95.455961][  T328] hid-generic 0000:0000:0003.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   95.465961][ T1282] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[   95.472906][ T1282] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   95.735172][  T291] EXT4-fs (loop4): unmounting filesystem.
[   96.380247][ T1305] netlink: 36 bytes leftover after parsing attributes in process `syz.4.248'.
[   97.341768][   T28] audit: type=1400 audit(1736619897.550:311): avc:  denied  { nlmsg_write } for  pid=1308 comm="syz.3.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   98.168238][   T28] audit: type=1400 audit(1736619898.370:312): avc:  denied  { setopt } for  pid=1321 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   98.238569][   T28] audit: type=1400 audit(1736619898.440:313): avc:  denied  { append } for  pid=1321 comm="syz.3.253" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   98.295825][   T28] audit: type=1400 audit(1736619898.440:314): avc:  denied  { create } for  pid=1321 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   98.317071][   T28] audit: type=1400 audit(1736619898.440:315): avc:  denied  { write } for  pid=1321 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   98.349745][   T28] audit: type=1400 audit(1736619898.450:316): avc:  denied  { ioctl } for  pid=1321 comm="syz.3.253" path="socket:[19776]" dev="sockfs" ino=19776 ioctlcmd=0x941c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   98.986270][ T1338] FAULT_INJECTION: forcing a failure.
[   98.986270][ T1338] name failslab, interval 1, probability 0, space 0, times 0
[   98.998709][ T1338] CPU: 0 PID: 1338 Comm: syz.3.257 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[   99.008241][ T1338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   99.018134][ T1338] Call Trace:
[   99.021254][ T1338]  <TASK>
[   99.024034][ T1338]  dump_stack_lvl+0x151/0x1b7
[   99.028545][ T1338]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   99.033839][ T1338]  ? __local_bh_enable_ip+0x58/0x80
[   99.038873][ T1338]  ? ipt_do_table+0x14df/0x17c0
[   99.043587][ T1338]  dump_stack+0x15/0x18
[   99.047549][ T1338]  should_fail_ex+0x3d0/0x520
[   99.052066][ T1338]  ? skb_clone+0x1f8/0x380
[   99.056326][ T1338]  __should_failslab+0xaf/0xf0
[   99.060920][ T1338]  should_failslab+0x9/0x20
[   99.065259][ T1338]  kmem_cache_alloc+0x3b/0x320
[   99.069872][ T1338]  skb_clone+0x1f8/0x380
[   99.073940][ T1338]  ip_mc_output+0x1d7/0xa40
[   99.078281][ T1338]  ? ip_build_and_send_pkt+0xa80/0xa80
[   99.083579][ T1338]  ? nf_hook_slow+0x1ba/0x200
[   99.088087][ T1338]  ? __ip_local_out+0x4b0/0x4c0
[   99.092772][ T1338]  ? ip_send_check+0xb0/0xb0
[   99.097200][ T1338]  ? __ip_local_out+0x4c0/0x4c0
[   99.101886][ T1338]  ip_send_skb+0xb0/0x140
[   99.106070][ T1338]  udp_send_skb+0xac5/0x1520
[   99.110484][ T1338]  udp_sendmsg+0x1d26/0x2af0
[   99.114913][ T1338]  ? ip_skb_dst_mtu+0x630/0x630
[   99.119591][ T1338]  ? udp_cmsg_send+0x3a0/0x3a0
[   99.124287][ T1338]  ? selinux_socket_sendmsg+0x243/0x340
[   99.129752][ T1338]  ? kernel_text_address+0xa9/0xe0
[   99.134798][ T1338]  ? inet_send_prepare+0x5e/0x4a0
[   99.139642][ T1338]  inet_sendmsg+0xa1/0xc0
[   99.143806][ T1338]  ? inet_send_prepare+0x4a0/0x4a0
[   99.148847][ T1338]  ____sys_sendmsg+0x5d3/0x9a0
[   99.153450][ T1338]  ? __sys_sendmsg_sock+0x40/0x40
[   99.158307][ T1338]  __sys_sendmmsg+0x3b9/0x6f0
[   99.162816][ T1338]  ? kasan_set_track+0x4b/0x70
[   99.167419][ T1338]  ? __ia32_sys_sendmsg+0x90/0x90
[   99.172275][ T1338]  ? __kasan_check_write+0x14/0x20
[   99.177238][ T1338]  ? __kasan_check_write+0x14/0x20
[   99.182177][ T1338]  ? proc_fail_nth_write+0x20b/0x290
[   99.187297][ T1338]  ? selinux_file_permission+0x2bb/0x560
[   99.192759][ T1338]  ? proc_fail_nth_read+0x210/0x210
[   99.197795][ T1338]  ? fsnotify_perm+0x6a/0x5b0
[   99.202308][ T1338]  ? vfs_write+0x952/0xed0
[   99.206558][ T1338]  ? __kasan_slab_free+0x11/0x20
[   99.211335][ T1338]  ? __kasan_check_write+0x14/0x20
[   99.216278][ T1338]  ? mutex_unlock+0xb2/0x260
[   99.220712][ T1338]  ? __ia32_sys_read+0x90/0x90
[   99.225308][ T1338]  ? debug_smp_processor_id+0x17/0x20
[   99.230514][ T1338]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   99.236418][ T1338]  __x64_sys_sendmmsg+0xa0/0xb0
[   99.241106][ T1338]  x64_sys_call+0x81d/0x9a0
[   99.245448][ T1338]  do_syscall_64+0x3b/0xb0
[   99.249696][ T1338]  ? clear_bhb_loop+0x55/0xb0
[   99.254210][ T1338]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   99.259936][ T1338] RIP: 0033:0x7fa8b6185d29
[   99.264193][ T1338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.283636][ T1338] RSP: 002b:00007fa8b5fff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   99.291876][ T1338] RAX: ffffffffffffffda RBX: 00007fa8b6376160 RCX: 00007fa8b6185d29
[   99.299689][ T1338] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000006
[   99.307500][ T1338] RBP: 00007fa8b5fff090 R08: 0000000000000000 R09: 0000000000000000
[   99.315321][ T1338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.323125][ T1338] R13: 0000000000000000 R14: 00007fa8b6376160 R15: 00007ffd6dcf2088
[   99.331115][ T1338]  </TASK>
[   99.495851][   T39] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   99.653612][ T1341] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[   99.679507][ T1341] overlayfs: missing 'lowerdir'
[   99.681154][   T39] usb 5-1: Using ep0 maxpacket: 8
[   99.690749][   T39] usb 5-1: config 2 interface 0 has no altsetting 0
[   99.711402][ T1341] loop3: detected capacity change from 0 to 128
[   99.718431][   T39] usb 5-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[   99.731501][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.795143][ T1347] loop2: detected capacity change from 0 to 512
[  100.469866][   T39] usb 5-1: Product: syz
[  100.545321][ T1347] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.254: invalid block
[  100.564505][ T1347] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.254: invalid indirect mapped block 10 (level 1)
[  100.580585][ T1347] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.254: invalid indirect mapped block 8 (level 1)
[  100.603109][ T1347] EXT4-fs (loop2): 1 truncate cleaned up
[  100.608968][ T1347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  101.151210][   T28] audit: type=1400 audit(1736619901.070:317): avc:  denied  { write } for  pid=1342 comm="syz.2.254" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  101.184853][ T1356] syz.3.259: attempt to access beyond end of device
[  101.184853][ T1356] loop3: rw=2049, sector=145, nr_sectors = 192 limit=128
[  101.717474][ T1359] loop1: detected capacity change from 0 to 512
[  101.788667][ T1359] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  101.796897][ T1340] syz.3.259: attempt to access beyond end of device
[  101.796897][ T1340] loop3: rw=524288, sector=145, nr_sectors = 33 limit=128
[  101.812238][ T1362] loop4: detected capacity change from 0 to 1024
[  101.827534][ T1359] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.841442][ T1359] Quota error (device loop1): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  101.861903][ T1362] EXT4-fs: Ignoring removed orlov option
[  101.867394][ T1362] EXT4-fs: Ignoring removed nomblk_io_submit option
[  101.874442][ T1340] syz.3.259: attempt to access beyond end of device
[  101.874442][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  101.891224][ T1359] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  101.915932][ T1340] syz.3.259: attempt to access beyond end of device
[  101.915932][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  101.939464][ T1359] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  101.939997][   T39] usb 5-1: Manufacturer: syz
[  101.948578][ T1362] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  101.950422][   T39] usb 5-1: SerialNumber: syz
[  101.951914][   T39] usb 5-1: can't set config #2, error -71
[  101.964174][  T292] EXT4-fs (loop2): unmounting filesystem.
[  101.969629][   T39] usb 5-1: USB disconnect, device number 5
[  101.979964][ T1340] syz.3.259: attempt to access beyond end of device
[  101.979964][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  101.993551][ T1359] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.258: bg 0: block 40: padding at end of block bitmap is not set
[  101.993650][ T1340] syz.3.259: attempt to access beyond end of device
[  101.993650][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  102.007991][ T1359] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  102.029287][ T1359] EXT4-fs (loop1): 1 truncate cleaned up
[  102.034775][ T1359] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  102.050066][ T1340] syz.3.259: attempt to access beyond end of device
[  102.050066][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  102.071490][ T1340] syz.3.259: attempt to access beyond end of device
[  102.071490][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  102.126018][ T1340] syz.3.259: attempt to access beyond end of device
[  102.126018][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  102.292423][ T1340] syz.3.259: attempt to access beyond end of device
[  102.292423][ T1340] loop3: rw=0, sector=153, nr_sectors = 8 limit=128
[  102.621966][ T1373] syz.2.264[1373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.622051][ T1373] syz.2.264[1373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  102.809218][  T291] EXT4-fs (loop4): unmounting filesystem.
[  103.280352][ T1380] loop3: detected capacity change from 0 to 512
[  103.366446][ T1380] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  103.641951][ T1380] EXT4-fs (loop3): 1 truncate cleaned up
[  103.647555][ T1380] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  103.675363][   T28] audit: type=1400 audit(1736619903.880:318): avc:  denied  { sqpoll } for  pid=1379 comm="syz.3.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  103.706530][ T1385] loop4: detected capacity change from 0 to 1024
[  103.712527][ T1389] loop2: detected capacity change from 0 to 128
[  103.735693][ T1389] EXT4-fs (loop2): Test dummy encryption mode enabled
[  103.742920][ T1385] EXT4-fs: Ignoring removed orlov option
[  103.748415][ T1385] EXT4-fs: Ignoring removed nomblk_io_submit option
[  103.748941][  T293] EXT4-fs (loop3): unmounting filesystem.
[  103.774021][ T1389] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  103.796937][ T1392] loop0: detected capacity change from 0 to 128
[  103.798743][ T1389] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.849496][ T1385] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  103.931079][  T291] EXT4-fs (loop4): unmounting filesystem.
[  103.951485][  T290] EXT4-fs (loop1): unmounting filesystem.
[  104.021954][ T1402] loop1: detected capacity change from 0 to 512
[  104.968878][ T1402] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.271: casefold flag without casefold feature
[  105.218302][ T1402] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.271: couldn't read orphan inode 15 (err -117)
[  105.459767][ T1402] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  106.077301][ T1402] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  106.218057][  T292] EXT4-fs (loop2): unmounting filesystem.
[  106.337925][  T290] EXT4-fs (loop1): unmounting filesystem.
[  106.424041][ T1422] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  107.679749][ T1432] loop4: detected capacity change from 0 to 512
[  107.718418][ T1432] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.742133][ T1432] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  107.787586][ T1432] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  107.807240][ T1432] System zones: 1-12
[  107.832059][ T1432] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.273: corrupted in-inode xattr
[  107.874779][ T1432] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.273: couldn't read orphan inode 15 (err -117)
[  107.918471][ T1432] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  108.023765][   T28] audit: type=1326 audit(1736619908.230:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.026749][ T1429] loop2: detected capacity change from 0 to 40427
[  108.061892][ T1429] F2FS-fs (loop2): invalid crc value
[  108.088384][ T1429] F2FS-fs (loop2): Found nat_bits in checkpoint
[  108.135509][   T28] audit: type=1326 audit(1736619908.230:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.163142][   T28] audit: type=1326 audit(1736619908.230:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.189391][   T28] audit: type=1326 audit(1736619908.230:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.189417][ T1429] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  108.238222][ T1429] bio_check_eod: 4 callbacks suppressed
[  108.238242][ T1429] syz.2.278: attempt to access beyond end of device
[  108.238242][ T1429] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  108.266749][ T1429] syz.2.278: attempt to access beyond end of device
[  108.266749][ T1429] loop2: rw=2049, sector=53256, nr_sectors = 48 limit=40427
[  108.280410][   T28] audit: type=1326 audit(1736619908.230:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.329408][   T28] audit: type=1326 audit(1736619908.260:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4b96b84690 code=0x7ffc0000
[  108.352548][  T854] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  108.360430][  T292] syz-executor: attempt to access beyond end of device
[  108.360430][  T292] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  108.375158][   T28] audit: type=1326 audit(1736619908.260:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.398511][   T28] audit: type=1326 audit(1736619908.260:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.421496][   T28] audit: type=1326 audit(1736619908.260:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1431 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b96b85d29 code=0x7ffc0000
[  108.445216][ T1451] loop3: detected capacity change from 0 to 4096
[  108.495324][ T1449] kvm: emulating exchange as write
[  108.536807][  T291] EXT4-fs (loop4): unmounting filesystem.
[  108.552970][  T854] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[  109.002605][ T1460] loop0: detected capacity change from 0 to 128
[  109.016801][ T1460] EXT4-fs (loop0): Test dummy encryption mode enabled
[  109.025457][ T1460] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  109.034182][ T1460] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  109.165964][  T854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.182884][  T854] usb 2-1: config 0 descriptor??
[  110.957800][  T294] EXT4-fs (loop0): unmounting filesystem.
[  110.971276][  T854] usbhid 2-1:0.0: can't add hid device: -71
[  110.977081][  T854] usbhid: probe of 2-1:0.0 failed with error -71
[  111.608720][ T1477] loop3: detected capacity change from 0 to 512
[  111.632286][  T854] usb 2-1: USB disconnect, device number 5
[  111.721877][ T1480] syz.0.287[1480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.721958][ T1480] syz.0.287[1480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.918179][ T1482] loop1: detected capacity change from 0 to 256
[  113.152489][   T28] kauditd_printk_skb: 79 callbacks suppressed
[  113.152506][   T28] audit: type=1400 audit(1736619913.360:407): avc:  denied  { ioctl } for  pid=1486 comm="syz.0.290" path="socket:[19314]" dev="sockfs" ino=19314 ioctlcmd=0x891c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  113.549941][   T28] audit: type=1400 audit(1736619913.750:408): avc:  denied  { write } for  pid=1492 comm="syz.2.288" name="binder1" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  113.582049][ T1493] FAULT_INJECTION: forcing a failure.
[  113.582049][ T1493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.606556][ T1493] CPU: 1 PID: 1493 Comm: syz.2.288 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[  113.616115][ T1493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  113.626097][ T1493] Call Trace:
[  113.629219][ T1493]  <TASK>
[  113.631997][ T1493]  dump_stack_lvl+0x151/0x1b7
[  113.636510][ T1493]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  113.641805][ T1493]  ? __kasan_check_write+0x14/0x20
[  113.646755][ T1493]  ? _raw_spin_lock+0xa4/0x1b0
[  113.651351][ T1493]  dump_stack+0x15/0x18
[  113.655341][ T1493]  should_fail_ex+0x3d0/0x520
[  113.659859][ T1493]  should_fail+0xb/0x10
[  113.663850][ T1493]  should_fail_usercopy+0x1a/0x20
[  113.668710][ T1493]  _copy_from_user+0x1e/0xc0
[  113.673134][ T1493]  binder_ioctl+0x71f/0x22d0
[  113.677566][ T1493]  ? ioctl_has_perm+0x3f0/0x560
[  113.682336][ T1493]  ? binder_poll+0x2b0/0x2b0
[  113.686762][ T1493]  ? has_cap_mac_admin+0x3c0/0x3c0
[  113.691706][ T1493]  ? vfs_write+0x952/0xed0
[  113.695990][ T1493]  ? selinux_file_ioctl+0x3cc/0x540
[  113.700994][ T1493]  ? __mutex_lock_slowpath+0x10/0x10
[  113.706119][ T1493]  ? selinux_file_alloc_security+0x120/0x120
[  113.711934][ T1493]  ? __fget_files+0x2cb/0x330
[  113.716451][ T1493]  ? security_file_ioctl+0x84/0xb0
[  113.721393][ T1493]  ? binder_poll+0x2b0/0x2b0
[  113.725819][ T1493]  __se_sys_ioctl+0x114/0x190
[  113.730334][ T1493]  __x64_sys_ioctl+0x7b/0x90
[  113.734759][ T1493]  x64_sys_call+0x98/0x9a0
[  113.739011][ T1493]  do_syscall_64+0x3b/0xb0
[  113.743265][ T1493]  ? clear_bhb_loop+0x55/0xb0
[  113.747778][ T1493]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  113.753508][ T1493] RIP: 0033:0x7f184f985d29
[  113.757762][ T1493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.777206][ T1493] RSP: 002b:00007f18507f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  113.785564][ T1493] RAX: ffffffffffffffda RBX: 00007f184fb75fa0 RCX: 00007f184f985d29
[  113.793374][ T1493] RDX: 0000000020002100 RSI: 00000000c00c620f RDI: 0000000000000003
[  113.801187][ T1493] RBP: 00007f18507f6090 R08: 0000000000000000 R09: 0000000000000000
[  113.808997][ T1493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.816809][ T1493] R13: 0000000000000000 R14: 00007f184fb75fa0 R15: 00007ffff552ad88
[  113.824626][ T1493]  </TASK>
[  113.841729][ T1493] binder: 1492:1493 ioctl c00c620f 20002100 returned -14
[  115.002664][ T1506] loop4: detected capacity change from 0 to 128
[  116.295961][ T1523] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  117.874889][ T1542] SELinux:  Context Ü is not valid (left unmapped).
[  118.110812][ T1544] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  118.674393][ T1550] syz.1.306[1550] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.674481][ T1550] syz.1.306[1550] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.967213][ T1566] loop4: detected capacity change from 0 to 128
[  121.086783][ T1566] EXT4-fs (loop4): Test dummy encryption mode enabled
[  121.094923][ T1566] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  121.103785][ T1566] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.409557][ T1573] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'.
[  122.198728][ T1575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'.
[  125.874310][  T291] EXT4-fs (loop4): unmounting filesystem.
[  125.922632][ T1613] syz.4.318[1613] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.922725][ T1613] syz.4.318[1613] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.066272][ T1624] loop3: detected capacity change from 0 to 128
[  128.033398][   T28] audit: type=1400 audit(1736619928.240:409): avc:  denied  { setopt } for  pid=1617 comm="syz.2.315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  128.123274][ T1626] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  128.216172][   T28] audit: type=1400 audit(1736619928.270:410): avc:  denied  { ioctl } for  pid=1617 comm="syz.2.315" path="socket:[21569]" dev="sockfs" ino=21569 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  128.289037][   T28] audit: type=1400 audit(1736619928.280:411): avc:  denied  { bind } for  pid=1617 comm="syz.2.315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  128.545971][ T1633] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  128.902196][  T854] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  128.985008][ T1637] loop3: detected capacity change from 0 to 128
[  129.027544][ T1641] loop0: detected capacity change from 0 to 128
[  129.050662][ T1641] EXT4-fs (loop0): Test dummy encryption mode enabled
[  129.084888][ T1641] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  129.093891][ T1641] ext4 filesystem being mounted at /53/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  130.143733][ T1653] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.187732][ T1656] netlink: 36 bytes leftover after parsing attributes in process `syz.4.323'.
[  131.894394][  T294] EXT4-fs (loop0): unmounting filesystem.
[  131.934808][ T1660] loop0: detected capacity change from 0 to 512
[  132.070654][ T1660] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  132.091208][ T1660] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.732185][ T1676] loop3: detected capacity change from 0 to 256
[  134.741376][  T294] EXT4-fs (loop0): unmounting filesystem.
[  134.750697][ T1681] loop2: detected capacity change from 0 to 128
[  134.781806][  T315] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  134.804779][ T1676] loop3: detected capacity change from 0 to 128
[  134.811029][ T1151] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  135.866873][ T1676] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  135.883423][ T1676] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  135.988662][ T1698] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  136.015661][ T1696] syz.1.334[1696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.016337][ T1696] syz.1.334[1696] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.257068][ T1703] syz.2.336[1703] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.268760][ T1703] syz.2.336[1703] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.405687][  T293] EXT4-fs (loop3): unmounting filesystem.
[  137.244167][ T1715] random: crng reseeded on system resumption
[  137.271168][   T28] audit: type=1400 audit(1736619937.450:412): avc:  denied  { write } for  pid=1714 comm="syz.2.339" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  137.371154][   T28] audit: type=1400 audit(1736619937.450:413): avc:  denied  { open } for  pid=1714 comm="syz.2.339" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  137.969737][ T1715] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=1715 comm=syz.2.339
[  138.004391][ T1730] loop3: detected capacity change from 0 to 1024
[  138.070658][   T28] audit: type=1400 audit(1736619938.270:414): avc:  denied  { ioctl } for  pid=1714 comm="syz.2.339" path="/dev/snapshot" dev="devtmpfs" ino=91 ioctlcmd=0x330f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  138.072556][ T1730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  138.104362][ T1730] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.404170][ T1716] netlink: 12 bytes leftover after parsing attributes in process `syz.2.339'.
[  138.480491][   T28] audit: type=1400 audit(1736619938.680:415): avc:  denied  { mounton } for  pid=1729 comm="syz.3.342" path="/76/file1/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  138.505888][  T293] EXT4-fs (loop3): unmounting filesystem.
[  138.530002][ T1744] loop3: detected capacity change from 0 to 128
[  138.585429][ T1151] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  138.602149][   T28] audit: type=1400 audit(1736619938.810:416): avc:  denied  { append } for  pid=1745 comm="syz.0.347" name="binder1" dev="binder" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  138.800471][ T1750] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  139.073024][  T854] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  139.095369][ T1753] loop1: detected capacity change from 0 to 512
[  139.124634][ T1753] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  139.137093][ T1753] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.348: bad orphan inode 131083
[  139.147979][ T1753] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  139.222084][  T290] EXT4-fs (loop1): unmounting filesystem.
[  139.271216][  T854] usb 5-1: Using ep0 maxpacket: 8
[  139.282516][  T854] usb 5-1: config 2 interface 0 has no altsetting 0
[  139.300617][ T1759] syz.1.350[1759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.300724][ T1759] syz.1.350[1759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.302030][  T854] usb 5-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  139.355056][  T854] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.377713][  T854] usb 5-1: Product: syz
[  139.386283][  T854] usb 5-1: Manufacturer: syz
[  139.390708][  T854] usb 5-1: SerialNumber: syz
[  140.253915][ T1767] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  140.606687][   T28] audit: type=1400 audit(1736619940.810:417): avc:  denied  { create } for  pid=1770 comm="syz.1.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  141.032713][  T854] usb 5-1: USB disconnect, device number 6
[  141.051872][ T1775] syz.0.354[1775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.051951][ T1775] syz.0.354[1775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.067138][ T1777] loop2: detected capacity change from 0 to 512
[  141.102822][ T1777] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  141.111741][ T1777] I/O error, dev loop20, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  141.120890][ T1777] EXT4-fs (loop2): couldn't read superblock of external journal
[  143.062333][ T1800] loop0: detected capacity change from 0 to 128
[  143.076586][ T1800] EXT4-fs (loop0): Test dummy encryption mode enabled
[  143.084948][ T1800] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  143.093896][ T1800] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  143.145887][ T1805] loop3: detected capacity change from 0 to 512
[  143.153889][ T1805] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  143.170500][ T1805] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.360: bad orphan inode 131083
[  143.190747][ T1805] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  144.224838][ T1814] FAULT_INJECTION: forcing a failure.
[  144.224838][ T1814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.243582][ T1814] CPU: 1 PID: 1814 Comm: syz.2.361 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[  144.253139][ T1814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  144.263037][ T1814] Call Trace:
[  144.266163][ T1814]  <TASK>
[  144.268944][ T1814]  dump_stack_lvl+0x151/0x1b7
[  144.273457][ T1814]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  144.278743][ T1814]  ? _parse_integer+0x2a/0x40
[  144.283256][ T1814]  dump_stack+0x15/0x18
[  144.287250][ T1814]  should_fail_ex+0x3d0/0x520
[  144.291763][ T1814]  should_fail+0xb/0x10
[  144.295776][ T1814]  should_fail_usercopy+0x1a/0x20
[  144.300713][ T1814]  _copy_from_user+0x1e/0xc0
[  144.305131][ T1814]  iovec_from_user+0xc7/0x320
[  144.309647][ T1814]  ? kasan_set_track+0x4b/0x70
[  144.314241][ T1814]  ? kasan_save_free_info+0x2b/0x40
[  144.319277][ T1814]  __import_iovec+0x70/0x430
[  144.323711][ T1814]  import_iovec+0xe5/0x120
[  144.327960][ T1814]  copy_msghdr_from_user+0x527/0x670
[  144.333082][ T1814]  ? sendmsg_copy_msghdr+0x70/0x70
[  144.338125][ T1814]  __sys_sendmsg+0x236/0x390
[  144.342541][ T1814]  ? ____sys_sendmsg+0x9a0/0x9a0
[  144.347330][ T1814]  ? __kasan_check_write+0x14/0x20
[  144.352273][ T1814]  ? mutex_unlock+0xb2/0x260
[  144.356690][ T1814]  ? __kasan_check_write+0x14/0x20
[  144.361647][ T1814]  ? __ia32_sys_read+0x90/0x90
[  144.366233][ T1814]  ? debug_smp_processor_id+0x17/0x20
[  144.371439][ T1814]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  144.377342][ T1814]  __x64_sys_sendmsg+0x7f/0x90
[  144.381942][ T1814]  x64_sys_call+0x16a/0x9a0
[  144.386299][ T1814]  do_syscall_64+0x3b/0xb0
[  144.390537][ T1814]  ? clear_bhb_loop+0x55/0xb0
[  144.395048][ T1814]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  144.400793][ T1814] RIP: 0033:0x7f184f985d29
[  144.405033][ T1814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.424472][ T1814] RSP: 002b:00007f18507f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.432715][ T1814] RAX: ffffffffffffffda RBX: 00007f184fb75fa0 RCX: 00007f184f985d29
[  144.440526][ T1814] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  144.448337][ T1814] RBP: 00007f18507f6090 R08: 0000000000000000 R09: 0000000000000000
[  144.456167][ T1814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.463963][ T1814] R13: 0000000000000000 R14: 00007f184fb75fa0 R15: 00007ffff552ad88
[  144.471786][ T1814]  </TASK>
[  144.917190][  T293] EXT4-fs (loop3): unmounting filesystem.
[  145.563851][  T294] EXT4-fs (loop0): unmounting filesystem.
[  145.677081][ T1823] loop2: detected capacity change from 0 to 128
[  145.764632][ T1826] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  145.771695][ T1826] IPv6: NLM_F_CREATE should be set when creating new route
[  145.796526][ T1823] EXT4-fs (loop2): Test dummy encryption mode enabled
[  145.805313][ T1823] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  145.814116][ T1823] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  145.847313][ T1831] loop4: detected capacity change from 0 to 16
[  145.853871][ T1831] erofs: (device loop4): mounted with root inode @ nid 36.
[  148.061586][  T437] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  148.124978][ T1842] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  148.132075][ T1842] IPv6: NLM_F_CREATE should be set when creating new route
[  148.207569][  T292] EXT4-fs (loop2): unmounting filesystem.
[  148.311171][  T437] usb 5-1: Using ep0 maxpacket: 8
[  148.317636][  T437] usb 5-1: config 2 interface 0 has no altsetting 0
[  148.332321][  T437] usb 5-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  148.355565][  T437] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.428083][  T437] usb 5-1: Product: syz
[  148.459878][  T437] usb 5-1: Manufacturer: syz
[  148.497817][  T437] usb 5-1: SerialNumber: syz
[  148.721921][   T28] audit: type=1400 audit(1736619948.930:418): avc:  denied  { remount } for  pid=1857 comm="syz.0.372" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  148.742023][ T1858] tmpfs: Unknown parameter 'uuid'
[  148.758356][ T1858] loop0: detected capacity change from 0 to 1024
[  148.775729][ T1858] EXT4-fs: quotafile must be on filesystem root
[  148.857657][  T437] usb 5-1: USB disconnect, device number 7
[  148.872801][ T1860] loop0: detected capacity change from 0 to 1024
[  148.909192][ T1860] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  148.930914][   T28] audit: type=1400 audit(1736619949.130:419): avc:  denied  { ioctl } for  pid=1859 comm="syz.0.373" path="/63/bus/cgroup.controllers" dev="loop0" ino=18 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  148.964007][ T1860] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  148.978950][ T1860] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 32 with max blocks 32 with error 28
[  148.993122][ T1860] EXT4-fs (loop0): This should not happen!! Data will be lost
[  148.993122][ T1860] 
[  149.002773][ T1860] EXT4-fs (loop0): Total free blocks count 0
[  149.008600][ T1860] EXT4-fs (loop0): Free/Dirty block details
[  149.014421][ T1860] EXT4-fs (loop0): free_blocks=68451041280
[  149.020068][ T1860] EXT4-fs (loop0): dirty_blocks=64
[  149.031185][ T1860] EXT4-fs (loop0): Block reservation details
[  149.037065][ T1860] EXT4-fs (loop0): i_reserved_data_blocks=4
[  149.200272][ T1870] loop3: detected capacity change from 0 to 128
[  149.220113][ T1870] EXT4-fs (loop3): Test dummy encryption mode enabled
[  149.251974][ T1870] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  149.262714][ T1870] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  150.228189][ T1886] loop4: detected capacity change from 0 to 512
[  150.266753][  T719] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  150.311705][ T1880] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  150.318767][ T1880] IPv6: NLM_F_CREATE should be set when creating new route
[  150.327318][ T1886] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  150.341891][ T1886] EXT4-fs (loop4): orphan cleanup on readonly fs
[  150.351627][ T1886] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  150.382133][ T1886] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  150.427041][ T1886] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  150.450820][ T1886] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.379: bg 0: block 40: padding at end of block bitmap is not set
[  150.495470][ T1886] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  150.515828][ T1886] EXT4-fs (loop4): 1 truncate cleaned up
[  150.535681][ T1886] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  150.692660][  T293] EXT4-fs (loop3): unmounting filesystem.
[  150.727887][ T1889] loop2: detected capacity change from 0 to 40427
[  150.738298][ T1889] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  150.746456][ T1889] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  150.755877][ T1892] device batadv_slave_1 entered promiscuous mode
[  150.761895][ T1889] F2FS-fs (loop2): Found nat_bits in checkpoint
[  150.762415][ T1894] syz.1.382[1894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.768729][ T1894] syz.1.382[1894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.786157][ T1896] syz.3.381[1896] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.797334][ T1896] syz.3.381[1896] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.810974][ T1889] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  150.829189][ T1889] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  150.840075][ T1891] device batadv_slave_1 left promiscuous mode
[  155.406561][  T437] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  155.444629][  T291] EXT4-fs (loop4): unmounting filesystem.
[  155.479148][ T1952] loop4: detected capacity change from 0 to 128
[  155.490805][   T28] audit: type=1400 audit(1736619955.700:420): avc:  denied  { read } for  pid=1950 comm="syz.1.393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  155.518543][ T1952] EXT4-fs (loop4): Test dummy encryption mode enabled
[  155.545629][ T1952] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  155.558393][ T1952] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  155.587721][ T1956] loop1: detected capacity change from 0 to 512
[  155.601328][  T437] usb 3-1: Using ep0 maxpacket: 8
[  155.629312][ T1956] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  155.648937][ T1956] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  155.659732][  T437] usb 3-1: config 2 interface 0 has no altsetting 0
[  155.674599][ T1956] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.393: Corrupt directory, running e2fsck is recommended
[  155.688981][ T1956] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  155.697655][ T1956] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2186: inode #15: comm syz.1.393: corrupted in-inode xattr
[  155.710437][ T1956] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.393: couldn't read orphan inode 15 (err -117)
[  155.722524][ T1956] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  155.750371][  T437] usb 3-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  155.751007][ T1956] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  155.759606][ T1959] syz.0.394[1959] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.770745][  T437] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.798124][ T1959] syz.0.394[1959] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  155.832088][ T1956] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  155.920957][  T437] usb 3-1: Product: syz
[  155.953515][  T437] usb 3-1: Manufacturer: syz
[  156.011683][  T437] usb 3-1: SerialNumber: syz
[  156.055067][ T1956] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.393: Corrupt directory, running e2fsck is recommended
[  156.546301][  T437] usb 3-1: USB disconnect, device number 4
[  157.493606][ T1953] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  157.512284][ T1953] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  158.095064][ T1982] tmpfs: Bad value for 'huge'
[  158.175149][  T291] EXT4-fs (loop4): unmounting filesystem.
[  158.211984][ T1953] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.393: Corrupt directory, running e2fsck is recommended
[  158.216055][ T1956] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  158.252795][ T1956] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  158.263411][ T1991] loop4: detected capacity change from 0 to 512
[  158.270359][ T1991] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  158.369001][ T1991] EXT4-fs (loop4): 1 truncate cleaned up
[  158.374776][ T1991] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  158.455878][  T437] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  158.462982][ T1956] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.393: Corrupt directory, running e2fsck is recommended
[  158.491325][ T1953] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  158.531949][  T290] EXT4-fs (loop1): unmounting filesystem.
[  158.551259][ T1996] netlink: 20 bytes leftover after parsing attributes in process `syz.1.402'.
[  158.718830][  T437] usb 4-1: Using ep0 maxpacket: 32
[  158.725522][  T437] usb 4-1: config 0 has an invalid interface number: 115 but max is 0
[  158.735437][  T437] usb 4-1: config 0 has no interface number 0
[  158.741709][  T437] usb 4-1: config 0 interface 115 has no altsetting 0
[  158.750853][  T437] usb 4-1: New USB device found, idVendor=03f0, idProduct=3239, bcdDevice=c1.64
[  158.760102][  T437] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.768309][  T437] usb 4-1: Product: syz
[  158.772619][  T437] usb 4-1: Manufacturer: syz
[  158.777160][  T437] usb 4-1: SerialNumber: syz
[  158.800320][  T437] usb 4-1: config 0 descriptor??
[  158.830391][  T437] pl2303 4-1:0.115: required interrupt-in endpoint missing
[  159.172678][ T2009] syz.2.405[2009] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.172764][ T2009] syz.2.405[2009] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.327249][  T291] EXT4-fs (loop4): unmounting filesystem.
[  160.169684][ T2016] syz.2.407[2016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.169768][ T2016] syz.2.407[2016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.398203][ T2025] loop2: detected capacity change from 0 to 128
[  160.510293][ T2029] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1
[  161.791165][ T2034] loop0: detected capacity change from 0 to 128
[  161.800207][   T24] usb 4-1: USB disconnect, device number 2
[  161.825349][ T2034] EXT4-fs (loop0): Test dummy encryption mode enabled
[  162.279507][ T2034] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  162.298544][ T2034] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  162.424852][ T2040] loop2: detected capacity change from 0 to 256
[  162.452764][ T2040] FAT-fs (loop2): Directory bread(block 64) failed
[  162.459240][ T2040] FAT-fs (loop2): Directory bread(block 65) failed
[  162.466186][ T2040] FAT-fs (loop2): Directory bread(block 66) failed
[  163.054029][ T2040] FAT-fs (loop2): Directory bread(block 67) failed
[  163.104669][ T2040] FAT-fs (loop2): Directory bread(block 68) failed
[  163.228187][ T2040] FAT-fs (loop2): Directory bread(block 69) failed
[  163.236250][ T2040] FAT-fs (loop2): Directory bread(block 70) failed
[  163.242813][ T2040] FAT-fs (loop2): Directory bread(block 71) failed
[  163.249261][ T2040] FAT-fs (loop2): Directory bread(block 72) failed
[  163.255872][ T2040] FAT-fs (loop2): Directory bread(block 73) failed
[  164.439342][ T2051] tmpfs: Bad value for 'huge'
[  164.504235][  T294] EXT4-fs (loop0): unmounting filesystem.
[  164.762729][   T28] audit: type=1400 audit(1736619964.970:421): avc:  denied  { name_bind } for  pid=2058 comm="syz.1.415" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  164.977925][ T2069] syz.3.418[2069] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.978021][ T2069] syz.3.418[2069] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.096236][ T2073] syz.0.420[2073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.107398][ T2073] syz.0.420[2073] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.605880][ T2082] loop0: detected capacity change from 0 to 128
[  166.612820][ T2079] loop1: detected capacity change from 0 to 128
[  166.630242][ T2084] device pim6reg1 entered promiscuous mode
[  166.695277][ T2079] EXT4-fs (loop1): Test dummy encryption mode enabled
[  166.731531][ T2086] loop2: detected capacity change from 0 to 1024
[  166.738316][ T2086] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  166.750537][ T2079] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  166.760991][ T2079] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.773094][ T2086] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  166.778818][ T2095] loop4: detected capacity change from 0 to 128
[  166.833947][ T2095] EXT4-fs (loop4): Test dummy encryption mode enabled
[  166.867465][ T2095] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  166.878434][ T2095] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.938029][  T292] EXT4-fs (loop2): unmounting filesystem.
[  169.488674][ T2108] loop2: detected capacity change from 0 to 4096
[  169.531522][ T2108] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  170.002467][  T290] EXT4-fs (loop1): unmounting filesystem.
[  170.008910][  T291] EXT4-fs (loop4): unmounting filesystem.
[  170.021792][   T28] audit: type=1400 audit(1736619970.130:422): avc:  denied  { block_suspend } for  pid=2107 comm="syz.2.428" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  170.560769][  T292] EXT4-fs (loop2): unmounting filesystem.
[  171.118954][ T2124] syz.1.432[2124] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.119035][ T2124] syz.1.432[2124] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.172138][ T2082] syz.0.421 (2082) used greatest stack depth: 18976 bytes left
[  171.291805][ T2127] syz.1.434[2127] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.291898][ T2127] syz.1.434[2127] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.306621][ T2129] loop0: detected capacity change from 0 to 128
[  171.450813][ T2134] loop2: detected capacity change from 0 to 128
[  171.635212][ T2134] EXT4-fs (loop2): Test dummy encryption mode enabled
[  172.192564][ T2134] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  172.201507][ T2134] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  172.232130][   T28] audit: type=1400 audit(1736619972.440:423): avc:  denied  { read } for  pid=2141 comm="syz.1.438" dev="nsfs" ino=4026532291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  172.359828][   T28] audit: type=1400 audit(1736619972.470:424): avc:  denied  { open } for  pid=2141 comm="syz.1.438" path="net:[4026532291]" dev="nsfs" ino=4026532291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  172.693214][ T2151] loop0: detected capacity change from 0 to 128
[  173.047501][ T2151] EXT4-fs (loop0): Test dummy encryption mode enabled
[  173.963658][  T292] EXT4-fs (loop2): unmounting filesystem.
[  173.986848][ T2151] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  174.050173][ T2151] general protection fault, probably for non-canonical address 0xdffffc0000000007: 0000 [#1] PREEMPT SMP KASAN
[  174.061740][ T2151] KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]
[  174.066270][ T2161] loop3: detected capacity change from 0 to 512
[  174.069983][ T2151] CPU: 1 PID: 2151 Comm: syz.0.441 Not tainted 6.1.118-syzkaller-00015-g770852bf7d99 #0
[  174.085612][ T2151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.095498][ T2151] RIP: 0010:__ext4_journal_get_write_access+0xb0/0x690
[  174.102188][ T2151] Code: 88 ff 49 8d 5e 30 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 6e d8 cf ff 48 8b 1b 48 83 c3 38 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 51 d8 cf ff 4c 8b 23 4d 85 e4 4c
[  174.121621][ T2151] RSP: 0018:ffffc9000fe776e0 EFLAGS: 00010202
[  174.127613][ T2151] RAX: 0000000000000007 RBX: 0000000000000038 RCX: 0000000000080000
[  174.135426][ T2151] RDX: ffffc900016ca000 RSI: 0000000000005889 RDI: 000000000000588a
[  174.143232][ T2151] RBP: ffffc9000fe777b0 R08: ffff888132aa59d8 R09: 0000000000000001
[  174.151045][ T2151] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  174.158943][ T2151] R13: dffffc0000000000 R14: ffff888132aa59d8 R15: 0000000000000001
[  174.166752][ T2151] FS:  00007fea479fe6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  174.175523][ T2151] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  174.181945][ T2151] CR2: 00007fa8ac1f8400 CR3: 000000011d9fb000 CR4: 00000000003506a0
[  174.189762][ T2151] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  174.197568][ T2151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  174.205550][ T2151] Call Trace:
[  174.208680][ T2151]  <TASK>
[  174.211455][ T2151]  ? __die_body+0x62/0xb0
[  174.215622][ T2151]  ? die_addr+0x9f/0xd0
[  174.219622][ T2151]  ? exc_general_protection+0x317/0x4c0
[  174.224996][ T2151]  ? _raw_spin_unlock+0x4c/0x70
[  174.229680][ T2151]  ? asm_exc_general_protection+0x27/0x30
[  174.235237][ T2151]  ? __ext4_journal_get_write_access+0xb0/0x690
[  174.241312][ T2151]  ? __ext4_journal_ensure_credits+0x470/0x470
[  174.247297][ T2151]  ? __kasan_check_read+0x11/0x20
[  174.252164][ T2151]  ext4_update_superblocks_fn+0x2dc/0x1300
[  174.257809][ T2151]  ? irqentry_exit+0x30/0x40
[  174.262227][ T2151]  ? ext4_update_superblocks_fn+0x1300/0x1300
[  174.268143][ T2151]  ? ext4_update_overhead+0x170/0x170
[  174.273340][ T2151]  ext4_update_overhead+0x143/0x170
[  174.278372][ T2151]  ext4_fill_super+0x309b/0x8460
[  174.283157][ T2151]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  174.289222][ T2151]  ? snprintf+0xd6/0x120
[  174.293304][ T2151]  ? sb_set_blocksize+0xa8/0xf0
[  174.297987][ T2151]  get_tree_bdev+0x440/0x680
[  174.302413][ T2151]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  174.308488][ T2151]  ext4_get_tree+0x1c/0x20
[  174.312743][ T2151]  vfs_get_tree+0x88/0x290
[  174.316993][ T2151]  do_new_mount+0x2ba/0xb30
[  174.321334][ T2151]  ? do_move_mount_old+0x160/0x160
[  174.326280][ T2151]  ? security_capable+0x87/0xb0
[  174.330975][ T2151]  ? ns_capable+0x89/0xe0
[  174.335133][ T2151]  path_mount+0x671/0x1070
[  174.339386][ T2151]  ? user_path_at_empty+0x14e/0x1a0
[  174.344424][ T2151]  __se_sys_mount+0x2c4/0x3b0
[  174.348942][ T2151]  ? __x64_sys_mount+0xd0/0xd0
[  174.353535][ T2151]  ? switch_fpu_return+0xe/0x10
[  174.358222][ T2151]  __x64_sys_mount+0xbf/0xd0
[  174.362653][ T2151]  x64_sys_call+0x49d/0x9a0
[  174.366986][ T2151]  do_syscall_64+0x3b/0xb0
[  174.371239][ T2151]  ? clear_bhb_loop+0x55/0xb0
[  174.375754][ T2151]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  174.381482][ T2151] RIP: 0033:0x7fea46b874ca
[  174.385734][ T2151] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.405262][ T2151] RSP: 002b:00007fea479fde68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  174.413511][ T2151] RAX: ffffffffffffffda RBX: 00007fea479fdef0 RCX: 00007fea46b874ca
[  174.421322][ T2151] RDX: 0000000020000240 RSI: 0000000020000280 RDI: 00007fea479fdeb0
[  174.429133][ T2151] RBP: 0000000020000240 R08: 00007fea479fdef0 R09: 0000000000000840
[  174.436941][ T2151] R10: 0000000000000840 R11: 0000000000000246 R12: 0000000020000280
[  174.444756][ T2151] R13: 00007fea479fdeb0 R14: 0000000000000236 R15: 0000000020000540
[  174.452572][ T2151]  </TASK>
[  174.455432][ T2151] Modules linked in:
[  175.053422][ T2151] ---[ end trace 0000000000000000 ]---
[  175.058775][ T2151] RIP: 0010:__ext4_journal_get_write_access+0xb0/0x690
[  175.078558][ T2151] Code: 88 ff 49 8d 5e 30 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 6e d8 cf ff 48 8b 1b 48 83 c3 38 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 51 d8 cf ff 4c 8b 23 4d 85 e4 4c
[  175.103310][ T2166] loop4: detected capacity change from 0 to 128
[  175.109605][ T2151] RSP: 0018:ffffc9000fe776e0 EFLAGS: 00010202
[  175.124100][ T2151] RAX: 0000000000000007 RBX: 0000000000000038 RCX: 0000000000080000
[  175.133704][ T2166] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  175.142066][ T2151] RDX: ffffc900016ca000 RSI: 0000000000005889 RDI: 000000000000588a
[  175.150224][ T2166] ext4 filesystem being mounted at /75/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  175.183146][ T2151] RBP: ffffc9000fe777b0 R08: ffff888132aa59d8 R09: 0000000000000001
[  175.191012][ T2151] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  175.199142][ T2151] R13: dffffc0000000000 R14: ffff888132aa59d8 R15: 0000000000000001
[  175.207202][ T2151] FS:  00007fea479fe6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  175.227689][ T2151] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  175.244424][ T2151] CR2: 00007f4b96b69160 CR3: 000000011d9fb000 CR4: 00000000003506a0
[  175.252699][ T2151] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  175.260570][ T2151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  175.268866][ T2151] Kernel panic - not syncing: Fatal exception
[  175.275031][ T2151] Kernel Offset: disabled
[  175.279181][ T2151] Rebooting in 86400 seconds..