last executing test programs:

18.733149632s ago: executing program 0 (id=1931):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_btf_id_by_name$bpf_lsm(0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x2d}, 0x0, 0x2, 0x0, 0x8}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r4, &(0x7f0000000540)={0x24, @short={0x2, 0x2, 0xffff}}, 0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x274}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000100)=r5, 0x4)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))

15.485986082s ago: executing program 0 (id=1927):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mlockall(0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r6 = dup(r3)
write$FUSE_BMAP(r6, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
getdents64(r7, 0x0, 0x0)

10.716094492s ago: executing program 4 (id=1941):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1c, 0x0, 0x7ff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
syz_usb_connect$hid(0x0, 0x6c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000080)=ANY=[])
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
creat(0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000180)='`', 0x5e0, 0x0, &(0x7f0000000240)={0x2f, 0x8100, r4, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
r6 = socket(0x10, 0x803, 0x0)
r7 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="400000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="14000200fe8000000000000000000000000000aa14000600ff0f5e24ff"], 0x40}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000680)=""/93, &(0x7f0000000700)=""/83, 0x3000})
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

9.86953652s ago: executing program 0 (id=1945):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ptrace$ARCH_MAP_VDSO_64(0x1e, r1, 0xfff, 0x2003)
ioctl$SIOCGSTAMP(r3, 0x8906, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = io_uring_setup(0x488, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x13, &(0x7f0000000040), 0x2)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r6)
sendmsg$inet(r0, 0x0, 0x4008000)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=0x41424344, @ANYBLOB="99c5dbabad7c025c31c3b96fc1de36e013a51f54c9ec3f1a27dee4aa0ffe11e37bd6e4b66fa2ae286aed9258cb7e0db88da9b75c003112e2616f1a3be8d0b8629bdcc1854872e95303415f542ee142d92e99be021575a46d6fc15ceb95cdf13be1df5ff9187c38172f09f07cff289d9f9a797460653e67fbd1a1c45efe94285b3e89d998680d086d74720f10ef9bbc18935cd2b42d5414d16a246e3410f7fdd35588014ca133bd7d461d90ba5a3d4aad4ffb07e758d48f3783ee1aa62a85f97e55e6620cc629cf959b2908224414009617698cbce0b54bd962a71ea99183db690b12db4a9b1fda4d355e4a994455cb04cb37cc", @ANYRES32=0x0], 0x0)

9.382299005s ago: executing program 4 (id=1946):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capget(&(0x7f00000001c0)={0x20080522}, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0, 0x0, 0x7})
quotactl$Q_GETINFO(0xffffffff80000500, 0x0, 0xee00, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x0, 0x80, 0x5, 0xff, {{0xd, 0x4, 0x0, 0x0, 0x34, 0x68, 0x0, 0x4, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, {[@rr={0x7, 0x7, 0x7c, [@remote]}, @noop, @timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @rr={0x7, 0xb, 0xcc, [@remote, @remote]}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_flock_op\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x4d)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
setuid(r7)
fcntl$setlease(r6, 0x400, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

8.686743809s ago: executing program 0 (id=1947):
r0 = getpid()
process_vm_readv(r0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r6, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ptrace$getregs(0xc, r0, 0x0, &(0x7f0000000100)=""/4096)

8.657132132s ago: executing program 1 (id=1948):
r0 = getpid()
process_vm_readv(r0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r5, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r6, 0x11, 0xa, &(0x7f0000000000), 0x4)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ptrace$getregs(0xc, r0, 0x0, &(0x7f0000000100)=""/4096)

8.337653551s ago: executing program 4 (id=1949):
execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SETINTERFACE(r7, 0x80045510, &(0x7f0000000000))

7.727577297s ago: executing program 3 (id=1950):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r1 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4})
readv(r8, &(0x7f0000002140)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})

7.670422963s ago: executing program 2 (id=1951):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1600000000000000040000000300000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000e7a0cf2b49332733c5392e6eb6632a45e3333bc87987c04533ab745771f0bb2c9afe14284865097dccc786f43dc3ad2390400e57562716791b927d3fe3956ed87bfc7b67690a397674a63b7c0ea4e760d17373bc383b72250e120fad1a98aa94670680dcbaa00"/129, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x360044, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000100)={[{0x2d, 'pids'}]}, 0x6)
write$cgroup_subtree(r5, &(0x7f00000061c0)=ANY=[@ANYBLOB='+pids'], 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))

7.536103425s ago: executing program 1 (id=1952):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x100000008})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020005000000000000000008000000b7048000000000548300000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x452, &(0x7f0000000980)="$eJzs3M1vFOUfAPDvzG7L+6/8EF9A0CoaiS8tLS9y8ILRxIMmJnrAeKptIchCDa2JEKLoAY+GxLvxaOJf4EkvRj2ZeNW7ISGGC+hpzezOlKXdbbvtlq3M55MMPM/Os3me78w8u888z04DKK3h7J8kYntE/B4RQ83s3QWGm//dvnl58u+blyeTqNff+itplLt18/JkUbR437Zmpl7P85va1Hv13YiJWm36Qp4fnTv3wejsxUsvnDk3cXr69PT58ePHjxzeP3hs/GhP4sziurX345l9e15759obkyevvffzt1l7t+f7W+NYkXT5IsPNo9vW011VtvHtaEkn1T42hK5UIiI7XQON/j8Uldgyv28oXv2sr40D1lW9Xq+3+37OXakD97Ek+t0CoD+KL/rs/rfY7tHQY0O4caJ5A5TFfTvfmnuq87f4Awvub3tpOCJOXvnnq2yL1cxDAAB06fts/PN8u/FfGg+1lPtfvoayMyL+HxG7IuKBiNgdEQ9GNMo+HBGPdFn/whWSxeOf9PqqAluhbPz3Ur62dff4L22M+7KQK/lyz45G/APJqTO16UP5MTkYA5uy/NgSdfzwym9fdNrXOv7Ltqz+YiyYt+N6dcEE3dTE3MTaor7jxqcRe6vt4k+iWMZJImJPROxdZR1nnv1mX6d9y8e/hB6sM9W/jnimef6vxIL4C0nH9cmxF4+NHx3dHLXpQ6PFVbHYL79efbNT/WuKvwey87+17fU/H//OZHPE7MVLZxvrtbPd13H1j8873tOs9vofTN5upAfz1z6amJu7MBYxmLy++PXxO+8t8kX5LP6DB9r3/13VO0fi0YjILuL9EfFYRDyet/2JiHgyIg4sEf9PLz/1fvfxLzEr30NZ/FPLnf9oPf/dJypnf/yu+/gL2fk/0kgdzF9ZyeffShu4lmMHAAAA/xVp4zfwSToyn07TkZHmb/h3x9a0NjM799ypmQ/PTzV/K78zBtJipmuoZT50LJ8bLvLjC/KH83njLytbGvmRyZnaVL+Dh5Lb1qH/Z/6s9Lt1wLrzvBaUl/4P5aX/Q3np/1Be+j+UV7v+/0kf2gHce77/obz0fygv/R/KS/+HUur4bHy6pkf+1z1RfGRtlPbcD4kTXb0r0o3Q5hIkqiv+YxarTGxqu6vPH0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA98m8AAAD//0Fo4Oc=")
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

4.959090042s ago: executing program 3 (id=1953):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1c, 0x0, 0x7ff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
syz_usb_connect$hid(0x0, 0x6c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000080)=ANY=[])
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
creat(0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000180)='`', 0x5e0, 0x0, &(0x7f0000000240)={0x2f, 0x8100, r4, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
r6 = socket(0x10, 0x803, 0x0)
r7 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="14000200fe8000000000000000000000000000aa14000600ff0f5e24ffff"], 0x40}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000680)=""/93, &(0x7f0000000700)=""/83, 0x3000})
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

4.944180074s ago: executing program 2 (id=1954):
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', 0x446, &(0x7f00000004c0)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESHEX, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163b555b27608594beba6325923aaf5db74cff01000000db92c6c5fcbba0abd975fc76bea49b00513afc856ed82ac6eabbb4dcf5c27354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d39283000000000000010131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d01a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a007f32b6eee3c941a5c942ed139eb5673792cae80335732030f9aeabaf3d3ad3bca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b9941e63b0f31d41783b25cdce079be35f08275e2b4b4477c6fcf4806134e839aa39ffffffffffff0000006a00000000000000000000001f71a4ddab1db3745e4857993f8d3a95f5d3d6ebb839938241bbd3d1a4e6f5c1f2988c7ff03f9cee11c605d182a0f798d88884f6b25eb7b0a41714e1b58593e7f98925ca9d139b287f7cb813d953870e88dd72d88f31c37c5b631e85286c05d658da0a7a4edbd4ad2f7d", @ANYRES32=0x0], 0x8, 0x2eb, &(0x7f0000000080)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x2, 0x4}, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000fdffffff00000000000000000018110000bb1d596332014f8ad062e123f766d798c7a61276bbcaa6d89f71a7f02b6a5493e1d47c8eb553f312861f02065586d70358eb9c922e13aa9266b7e3c14f33810a85e10b74172d4e1be414f085870aa8275dfd57e149168a74bca93262febf8a14a157b846f298f04664803c390c3520e63be38bff3c2c3030a16173f0f241f818bb62ae1592e4016e6c06efa2c58dd48cc7f6b900"/197, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000000))
sendfile(r1, r0, 0x0, 0xf03afffe)

4.746625552s ago: executing program 1 (id=1955):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ptrace$ARCH_MAP_VDSO_64(0x1e, r1, 0xfff, 0x2003)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = io_uring_setup(0x488, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x13, &(0x7f0000000040), 0x2)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r6)
sendmsg$inet(r0, 0x0, 0x4008000)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=0x41424344, @ANYBLOB="99c5dbabad7c025c31c3b96fc1de36e013a51f54c9ec3f1a27dee4aa0ffe11e37bd6e4b66fa2ae286aed9258cb7e0db88da9b75c003112e2616f1a3be8d0b8629bdcc1854872e95303415f542ee142d92e99be021575a46d6fc15ceb95cdf13be1df5ff9187c38172f09f07cff289d9f9a797460653e67fbd1a1c45efe94285b3e89d998680d086d74720f10ef9bbc18935cd2b42d5414d16a246e3410f7fdd35588014ca133bd7d461d90ba5a3d4aad4ffb07e758d48f3783ee1aa62a85f97e55e6620cc629cf959b2908224414009617698cbce0b54bd962a71ea99183db690b12db4a9b1fda4d355e4a994455cb04cb37cc", @ANYRES32=0x0], 0x0)

4.65329104s ago: executing program 0 (id=1957):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x0, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x0, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000040)=ANY=[], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r2, 0x11, 0x68, &(0x7f0000000100)=0x5, 0x4)
close(0x3)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r6, 0x0, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="be"], 0x1)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}})
read$hidraw(r1, 0x0, 0x0)
syz_usb_connect$hid(0x1, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x4f3, 0x755, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xb6, 0xb0, 0x15, [{{0x9, 0x4, 0x0, 0xff, 0x1, 0x3, 0x1, 0x3, 0x1, {0x9, 0x21, 0x7fff, 0x0, 0x1, {0x22, 0xb1b}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x9, 0xc}}}}}]}}]}}, &(0x7f0000000180)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x200, 0x5, 0xff, 0x7, 0x10, 0x8}, 0xf, &(0x7f0000000140)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x3, 0x3, 0xed, 0x401}]}})

4.652163371s ago: executing program 2 (id=1958):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000800)={0x0, 0x2, {0x0, @struct={0x0, 0x1}}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x2}})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0)="044aac2f202c5feda7", 0x9, 0x20000845, &(0x7f0000b63fe4), 0x1c)
r6 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c00))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r6})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/68, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f0000000480)=""/83, &(0x7f00000001c0)=""/72})
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r7, &(0x7f0000000180)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)

4.549094s ago: executing program 4 (id=1959):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ptrace$ARCH_MAP_VDSO_64(0x1e, r1, 0xfff, 0x2003)
ioctl$SIOCGSTAMP(r3, 0x8906, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = io_uring_setup(0x488, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x13, &(0x7f0000000040), 0x2)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r6)
sendmsg$inet(r0, 0x0, 0x4008000)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=0x41424344, @ANYBLOB="99c5dbabad7c025c31c3b96fc1de36e013a51f54c9ec3f1a27dee4aa0ffe11e37bd6e4b66fa2ae286aed9258cb7e0db88da9b75c003112e2616f1a3be8d0b8629bdcc1854872e95303415f542ee142d92e99be021575a46d6fc15ceb95cdf13be1df5ff9187c38172f09f07cff289d9f9a797460653e67fbd1a1c45efe94285b3e89d998680d086d74720f10ef9bbc18935cd2b42d5414d16a246e3410f7fdd35588014ca133bd7d461d90ba5a3d4aad4ffb07e758d48f3783ee1aa62a85f97e55e6620cc629cf959b2908224414009617698cbce0b54bd962a71ea99183db690b12db4a9b1fda4d355e4a994455cb04cb37cc", @ANYRES32=0x0], 0x0)

3.57690442s ago: executing program 3 (id=1960):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ptrace$ARCH_MAP_VDSO_32(0x1e, 0x0, 0xfffffffffffffffb, 0x2002)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/timers\x00', 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x1000, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000800002c1001c0"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x200008, &(0x7f0000000000)={[{@xino_auto}, {@index_on}, {@workdir={'workdir', 0x3d, './bus'}}]})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

3.088527145s ago: executing program 2 (id=1961):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1c, 0x0, 0x7ff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
syz_usb_connect$hid(0x0, 0x6c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000080)=ANY=[])
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
creat(0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000180)='`', 0x5e0, 0x0, &(0x7f0000000240)={0x2f, 0x8100, r4, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
r6 = socket(0x10, 0x803, 0x0)
r7 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="400000001400b59500000000000000000a000000", @ANYBLOB="14000200fe8000000000000000000000000000aa14000600ff0f5e24ffff"], 0x40}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000680)=""/93, &(0x7f0000000700)=""/83, 0x3000})
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

2.92452961s ago: executing program 4 (id=1962):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1c, 0x0, 0x7ff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
syz_usb_connect$hid(0x0, 0x6c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000080)=ANY=[])
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
creat(0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000180)='`', 0x5e0, 0x0, &(0x7f0000000240)={0x2f, 0x8100, r4, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
r6 = socket(0x10, 0x803, 0x0)
r7 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="400000001400b5950000", @ANYRES32=r8, @ANYBLOB="14000200fe8000000000000000000000000000aa14000600ff0f5e24ffff"], 0x40}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000680)=""/93, &(0x7f0000000700)=""/83, 0x3000})
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

2.894265343s ago: executing program 1 (id=1963):
r0 = getpid()
process_vm_readv(r0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r5, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r6, 0x11, 0xa, &(0x7f0000000000), 0x4)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ptrace$getregs(0xc, r0, 0x0, &(0x7f0000000100)=""/4096)

1.882027346s ago: executing program 3 (id=1964):
mkdir(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r0 = syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfed7)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
close(r2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000100)='./file2\x00', 0x1126d981c12bd6f3, 0x20)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000000)='./file0\x00', 0x20010080, &(0x7f0000000780)=ANY=[@ANYRES32=r0, @ANYRES64, @ANYRESOCT, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34ad3cf37d706dd73fd000", @ANYBLOB="00001b0087e1e85631dc26e7a9ce3c4396436bc6736574e997938c382c009cd0ff00477396b2cb852b9c7a6a4bf39e031a468c00cbeb2d8b51a8eb043d68bfe3e9c44e1f7ad7daf3c58a5c51f75a867e98ccd6297aeade0000000000fb4fff2229249f9eae67b594fb6fa71518c4638f5e66923f2ba986156feb62be500e4840d9708c20671157779887", @ANYRESHEX], 0x1, 0x14ee, &(0x7f0000004000)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom")
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

1.794908334s ago: executing program 1 (id=1965):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r1 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4})
readv(r8, &(0x7f0000002140)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})

1.503345301s ago: executing program 3 (id=1966):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x100000008})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020005000000000000000008000000b7048000000000548300000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x452, &(0x7f0000000980)="$eJzs3M1vFOUfAPDvzG7L+6/8EF9A0CoaiS8tLS9y8ILRxIMmJnrAeKptIchCDa2JEKLoAY+GxLvxaOJf4EkvRj2ZeNW7ISGGC+hpzezOlKXdbbvtlq3M55MMPM/Os3me78w8u888z04DKK3h7J8kYntE/B4RQ83s3QWGm//dvnl58u+blyeTqNff+itplLt18/JkUbR437Zmpl7P85va1Hv13YiJWm36Qp4fnTv3wejsxUsvnDk3cXr69PT58ePHjxzeP3hs/GhP4sziurX345l9e15759obkyevvffzt1l7t+f7W+NYkXT5IsPNo9vW011VtvHtaEkn1T42hK5UIiI7XQON/j8Uldgyv28oXv2sr40D1lW9Xq+3+37OXakD97Ek+t0CoD+KL/rs/rfY7tHQY0O4caJ5A5TFfTvfmnuq87f4Awvub3tpOCJOXvnnq2yL1cxDAAB06fts/PN8u/FfGg+1lPtfvoayMyL+HxG7IuKBiNgdEQ9GNMo+HBGPdFn/whWSxeOf9PqqAluhbPz3Ur62dff4L22M+7KQK/lyz45G/APJqTO16UP5MTkYA5uy/NgSdfzwym9fdNrXOv7Ltqz+YiyYt+N6dcEE3dTE3MTaor7jxqcRe6vt4k+iWMZJImJPROxdZR1nnv1mX6d9y8e/hB6sM9W/jnimef6vxIL4C0nH9cmxF4+NHx3dHLXpQ6PFVbHYL79efbNT/WuKvwey87+17fU/H//OZHPE7MVLZxvrtbPd13H1j8873tOs9vofTN5upAfz1z6amJu7MBYxmLy++PXxO+8t8kX5LP6DB9r3/13VO0fi0YjILuL9EfFYRDyet/2JiHgyIg4sEf9PLz/1fvfxLzEr30NZ/FPLnf9oPf/dJypnf/yu+/gL2fk/0kgdzF9ZyeffShu4lmMHAAAA/xVp4zfwSToyn07TkZHmb/h3x9a0NjM799ypmQ/PTzV/K78zBtJipmuoZT50LJ8bLvLjC/KH83njLytbGvmRyZnaVL+Dh5Lb1qH/Z/6s9Lt1wLrzvBaUl/4P5aX/Q3np/1Be+j+UV7v+/0kf2gHce77/obz0fygv/R/KS/+HUur4bHy6pkf+1z1RfGRtlPbcD4kTXb0r0o3Q5hIkqiv+YxarTGxqu6vPH0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA98m8AAAD//0Fo4Oc=")
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

1.217361767s ago: executing program 2 (id=1967):
r0 = getpid()
process_vm_readv(r0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$incfs(r5, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ptrace$getregs(0xc, r0, 0x0, &(0x7f0000000100)=""/4096)

1.200930479s ago: executing program 4 (id=1968):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000100095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = epoll_create(0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYRESOCT=r1], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r7, &(0x7f0000000000)=0x700, 0x12)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@generic={0x0, 0x0, 0x28}, 0x18)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d0000008500000008"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

216.08112ms ago: executing program 2 (id=1969):
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', 0x446, &(0x7f00000004c0)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESHEX, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163b555b27608594beba6325923aaf5db74cff01000000db92c6c5fcbba0abd975fc76bea49b00513afc856ed82ac6eabbb4dcf5c27354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d39283000000000000010131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d01a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a007f32b6eee3c941a5c942ed139eb5673792cae80335732030f9aeabaf3d3ad3bca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b9941e63b0f31d41783b25cdce079be35f08275e2b4b4477c6fcf4806134e839aa39ffffffffffff0000006a00000000000000000000001f71a4ddab1db3745e4857993f8d3a95f5d3d6ebb839938241bbd3d1a4e6f5c1f2988c7ff03f9cee11c605d182a0f798d88884f6b25eb7b0a41714e1b58593e7f98925ca9d139b287f7cb813d953870e88dd72d88f31c37c5b631e85286c05d658da0a7a4edbd4ad2f7d", @ANYRES32=0x0], 0x8, 0x2eb, &(0x7f0000000080)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x2, 0x4}, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000fdffffff00000000000000000018110000bb1d596332014f8ad062e123f766d798c7a61276bbcaa6d89f71a7f02b6a5493e1d47c8eb553f312861f02065586d70358eb9c922e13aa9266b7e3c14f33810a85e10b74172d4e1be414f085870aa8275dfd57e149168a74bca93262febf8a14a157b846f298f04664803c390c3520e63be38bff3c2c3030a16173f0f241f818bb62ae1592e4016e6c06efa2c58dd48cc7f6b900"/197, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000000))
sendfile(r1, r0, 0x0, 0xf03afffe)

81.444332ms ago: executing program 3 (id=1970):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1c, 0x0, 0x7ff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
syz_usb_connect$hid(0x0, 0x6c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x1a1381)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000080)=ANY=[])
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
creat(0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000180)='`', 0x5e0, 0x0, &(0x7f0000000240)={0x2f, 0x8100, r4, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
r6 = socket(0x10, 0x803, 0x0)
r7 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="14000200fe8000000000000000000000000000aa14000600ff0f5e24ffff"], 0x40}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000680)=""/93, &(0x7f0000000700)=""/83, 0x3000})
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000002c0)=&(0x7f0000000200))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

78.644702ms ago: executing program 1 (id=1971):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r1 = dup(r0)
getsockname$inet6(r1, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000700)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000006c0)={0xa, 0x4e24, 0x800, @mcast2, 0x4}, 0x1c)

0s ago: executing program 0 (id=1972):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ptrace$ARCH_MAP_VDSO_64(0x1e, r1, 0xfff, 0x2003)
ioctl$SIOCGSTAMP(r3, 0x8906, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = io_uring_setup(0x488, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x13, &(0x7f0000000040), 0x2)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r6)
sendmsg$inet(r0, 0x0, 0x4008000)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=0x41424344, @ANYBLOB="99c5dbabad7c025c31c3b96fc1de36e013a51f54c9ec3f1a27dee4aa0ffe11e37bd6e4b66fa2ae286aed9258cb7e0db88da9b75c003112e2616f1a3be8d0b8629bdcc1854872e95303415f542ee142d92e99be021575a46d6fc15ceb95cdf13be1df5ff9187c38172f09f07cff289d9f9a797460653e67fbd1a1c45efe94285b3e89d998680d086d74720f10ef9bbc18935cd2b42d5414d16a246e3410f7fdd35588014ca133bd7d461d90ba5a3d4aad4ffb07e758d48f3783ee1aa62a85f97e55e6620cc629cf959b2908224414009617698cbce0b54bd962a71ea99183db690b12db4a9b1fda4d355e4a994455cb04cb37cc", @ANYRES32=0x0], 0x0)

kernel console output (not intermixed with test programs):

-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  555.291372][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  555.302262][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  555.334456][ T6520] device veth0_vlan entered promiscuous mode
[  555.372342][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  555.381226][   T28] audit: type=1326 audit(2000000072.780:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  555.397371][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  555.467584][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  555.517351][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  555.526078][   T28] audit: type=1326 audit(2000000072.780:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  555.899938][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  555.913440][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  555.928092][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  555.987000][ T4893] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  555.995995][   T28] audit: type=1326 audit(2000000072.780:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  556.037844][ T6520] device veth1_macvtap entered promiscuous mode
[  556.097737][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  556.116789][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  556.131933][   T28] audit: type=1326 audit(2000000072.780:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  556.167331][  T318] device bridge_slave_1 left promiscuous mode
[  556.191122][ T6564] loop2: detected capacity change from 0 to 128
[  556.221834][  T318] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.266193][  T318] device veth1_macvtap left promiscuous mode
[  556.267291][ T6564] syz.2.1279: attempt to access beyond end of device
[  556.267291][ T6564] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  556.305251][  T318] device veth0_vlan left promiscuous mode
[  556.313913][   T28] audit: type=1326 audit(2000000072.790:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  556.403623][   T28] audit: type=1326 audit(2000000072.790:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ce77def9 code=0x7ffc0000
[  556.608734][ T6567] syz.2.1279: attempt to access beyond end of device
[  556.608734][ T6567] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  556.629575][ T6567] syz.2.1279: attempt to access beyond end of device
[  556.629575][ T6567] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  556.808858][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  556.858553][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  556.974714][ T6571] loop1: detected capacity change from 0 to 8192
[  557.067730][ T6571]  loop1: p1 < > p4
[  557.100952][ T6571] loop1: partition table partially beyond EOD, truncated
[  557.906569][   T28] kauditd_printk_skb: 22 callbacks suppressed
[  557.906677][   T28] audit: type=1400 audit(2000000074.910:1159): avc:  denied  { create } for  pid=6573 comm="syz.0.1282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  558.109852][ T6571] loop1: p1 start 295168 is beyond EOD, truncated
[  558.127005][  T101]  loop1: p1 < > p4
[  558.131114][  T101] loop1: partition table partially beyond EOD, truncated
[  558.203392][  T101] loop1: p1 start 295168 is beyond EOD, truncated
[  558.240612][ T6591] loop2: detected capacity change from 0 to 512
[  558.262420][ T6591] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  558.274254][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  558.289351][ T6591] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1286: casefold flag without casefold feature
[  558.305028][ T6591] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.1286: missing EA_INODE flag
[  558.328548][ T6591] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1286: error while reading EA inode 12 err=-117
[  558.347540][ T6591] EXT4-fs (loop2): 1 orphan inode deleted
[  558.369064][ T6591] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  558.622920][ T6599] xt_hashlimit: size too large, truncated to 1048576
[  558.773974][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  559.377240][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  560.316271][ T6613] loop2: detected capacity change from 0 to 512
[  560.367884][ T6613] EXT4-fs (loop2): Test dummy encryption mode enabled
[  560.379827][ T6613] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  560.654146][  T973] Bluetooth: hci0: sending frame failed (-49)
[  560.663311][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  560.678391][ T2425] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  561.217997][ T6635] loop1: detected capacity change from 0 to 128
[  561.253380][ T6635] syz.1.1296: attempt to access beyond end of device
[  561.253380][ T6635] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  561.297779][   T28] audit: type=1400 audit(2000000079.010:1160): avc:  denied  { relabelfrom } for  pid=6636 comm="syz.3.1295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  561.530439][ T6640] syz.1.1296: attempt to access beyond end of device
[  561.530439][ T6640] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  561.551355][ T6640] syz.1.1296: attempt to access beyond end of device
[  561.551355][ T6640] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  561.627082][   T28] audit: type=1400 audit(2000000079.120:1161): avc:  denied  { relabelto } for  pid=6636 comm="syz.3.1295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  562.262980][ T6651] loop2: detected capacity change from 0 to 512
[  562.283226][ T6651] EXT4-fs: Ignoring removed bh option
[  562.284892][ T6651] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  562.319385][ T6651] EXT4-fs (loop2): 1 truncate cleaned up
[  562.376028][ T6651] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  562.571763][   T28] audit: type=1400 audit(2000000080.280:1162): avc:  denied  { validate_trans } for  pid=6636 comm="syz.3.1295" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  562.834302][ T6662] loop1: detected capacity change from 0 to 256
[  562.861898][ T6662] FAT-fs (loop1): Directory bread(block 64) failed
[  562.873961][ T6662] FAT-fs (loop1): Directory bread(block 65) failed
[  562.883556][ T6662] FAT-fs (loop1): Directory bread(block 66) failed
[  562.893496][ T6662] FAT-fs (loop1): Directory bread(block 67) failed
[  562.903235][ T6662] FAT-fs (loop1): Directory bread(block 68) failed
[  562.912628][ T6662] FAT-fs (loop1): Directory bread(block 69) failed
[  562.923326][ T6662] FAT-fs (loop1): Directory bread(block 70) failed
[  562.933527][ T6662] FAT-fs (loop1): Directory bread(block 71) failed
[  562.941028][ T6662] FAT-fs (loop1): Directory bread(block 72) failed
[  562.951056][ T6662] FAT-fs (loop1): Directory bread(block 73) failed
[  563.995458][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  564.050851][ T6671] loop2: detected capacity change from 0 to 1024
[  564.079109][ T6671] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  564.407337][ T6679] xt_hashlimit: size too large, truncated to 1048576
[  565.287730][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  565.402765][ T6690] loop2: detected capacity change from 0 to 256
[  565.455390][ T6690] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d)
[  565.837041][ T6695] fuse: Bad value for 'rootmode'
[  568.207886][ T6724] loop1: detected capacity change from 0 to 128
[  568.458013][ T6730] loop1: detected capacity change from 0 to 512
[  568.536567][ T6730] EXT4-fs (loop1): Test dummy encryption mode enabled
[  568.726601][ T6730] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1314: invalid block
[  568.741853][ T6730] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1314: couldn't read orphan inode 11 (err -117)
[  568.758299][ T6730] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  568.863707][ T6713] loop2: detected capacity change from 0 to 40427
[  568.885617][ T6713] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  568.912837][ T6713] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  568.932376][ T6713] F2FS-fs (loop2): invalid crc value
[  569.032491][ T6713] F2FS-fs (loop2): Found nat_bits in checkpoint
[  569.292555][ T6740] xt_hashlimit: size too large, truncated to 1048576
[  569.576309][ T6330] EXT4-fs (loop1): unmounting filesystem.
[  569.711206][ T6713] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  569.766093][ T6713] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  570.536060][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  570.573937][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  570.841790][ T6760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1320'.
[  571.366025][  T313] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  571.756267][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.806019][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.863879][  T313] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  571.942045][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.011713][  T313] usb 2-1: config 0 descriptor??
[  572.748970][   T28] audit: type=1400 audit(2000000090.460:1163): avc:  denied  { shutdown } for  pid=6780 comm="syz.3.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  575.822806][ T6810] xt_hashlimit: size too large, truncated to 1048576
[  576.256064][  T313] usbhid 2-1:0.0: can't add hid device: -71
[  576.264015][  T313] usbhid: probe of 2-1:0.0 failed with error -71
[  576.294743][  T313] usb 2-1: USB disconnect, device number 7
[  578.852150][ T6839] loop2: detected capacity change from 0 to 40427
[  578.958343][ T6848] xt_hashlimit: size too large, truncated to 1048576
[  580.046105][ T6839] F2FS-fs (loop2): Invalid segment count (0)
[  580.052861][ T6839] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  580.150322][ T6839] F2FS-fs (loop2): invalid crc value
[  580.238520][ T6839] F2FS-fs (loop2): Found nat_bits in checkpoint
[  580.511135][ T6839] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  580.529328][ T6839] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  580.601965][ T6306] Bluetooth: hci0: Frame reassembly failed (-84)
[  580.655871][   T28] audit: type=1400 audit(2000000098.360:1164): avc:  denied  { setattr } for  pid=6838 comm="syz.2.1338" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  581.241514][ T6865] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.253784][ T6269] syz-executor: attempt to access beyond end of device
[  581.253784][ T6269] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  581.302940][ T6865] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.341429][ T6865] device bridge_slave_0 entered promiscuous mode
[  581.369724][ T6865] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.403213][ T6865] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.426675][ T6865] device bridge_slave_1 entered promiscuous mode
[  581.621918][  T629] device bridge_slave_1 left promiscuous mode
[  581.634042][  T629] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.665497][ T6879] xt_hashlimit: size too large, truncated to 1048576
[  581.944568][  T629] device bridge_slave_0 left promiscuous mode
[  582.102514][  T629] bridge0: port 1(bridge_slave_0) entered disabled state
[  582.501831][  T629] device veth1_macvtap left promiscuous mode
[  582.520879][  T629] device veth0_vlan left promiscuous mode
[  582.675980][ T6618] Bluetooth: hci0: command 0x1003 tx timeout
[  582.676326][ T2425] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  583.050408][ T6892] loop2: detected capacity change from 0 to 512
[  583.059078][ T6892] EXT4-fs: Ignoring removed oldalloc option
[  583.070683][ T6892] EXT4-fs (loop2): Test dummy encryption mode enabled
[  583.081441][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  583.094466][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  583.133953][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  583.144858][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  583.157539][ T6892] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1348: invalid block
[  583.174808][ T6892] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1348: couldn't read orphan inode 11 (err -117)
[  583.175059][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.200607][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  583.210872][ T6892] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  583.210995][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  583.251859][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  583.260606][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.269336][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.286343][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  583.298707][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  583.311488][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  583.321660][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  583.345044][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  583.365361][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  583.381784][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  583.395397][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  583.412850][ T6865] device veth0_vlan entered promiscuous mode
[  583.435776][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  583.456306][ T6865] device veth1_macvtap entered promiscuous mode
[  583.498176][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  583.507703][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  583.541806][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  583.555842][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  583.771440][ T6902] loop1: detected capacity change from 0 to 512
[  583.779232][ T6902] EXT4-fs: Ignoring removed bh option
[  583.785527][ T6902] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  583.848079][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  583.962955][ T6902] EXT4-fs (loop1): 1 truncate cleaned up
[  583.969798][ T6902] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  585.217802][ T6865] EXT4-fs (loop1): unmounting filesystem.
[  585.298043][ T6912] loop2: detected capacity change from 0 to 1024
[  585.438882][ T6919] loop1: detected capacity change from 0 to 512
[  585.448081][ T6919] EXT4-fs: Ignoring removed bh option
[  585.518026][ T6919] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  585.532647][ T6912] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  585.597539][ T6919] EXT4-fs (loop1): 1 truncate cleaned up
[  585.604407][ T6919] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  586.608671][ T6865] EXT4-fs (loop1): unmounting filesystem.
[  586.628462][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  587.787603][ T6942] loop1: detected capacity change from 0 to 16
[  588.829305][ T6942] erofs: (device loop1): mounted with root inode @ nid 36.
[  589.046578][   T28] audit: type=1400 audit(2000000106.750:1165): avc:  denied  { unlink } for  pid=6865 comm="syz-executor" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  589.907691][ T6961] loop2: detected capacity change from 0 to 128
[  590.006240][ T6961] syz.2.1362: attempt to access beyond end of device
[  590.006240][ T6961] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  590.154639][ T6963] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.183235][ T6963] bridge0: port 1(bridge_slave_0) entered disabled state
[  590.214897][ T6963] device bridge_slave_0 entered promiscuous mode
[  590.280263][ T6963] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.319477][ T6963] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.344536][ T6974] syz.2.1362: attempt to access beyond end of device
[  590.344536][ T6974] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  590.360084][ T6974] syz.2.1362: attempt to access beyond end of device
[  590.360084][ T6974] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  590.402090][ T6963] device bridge_slave_1 entered promiscuous mode
[  590.452755][   T10] device bridge_slave_1 left promiscuous mode
[  590.466123][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.500098][   T10] device bridge_slave_0 left promiscuous mode
[  590.542287][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  590.857184][   T10] device veth1_macvtap left promiscuous mode
[  590.971129][   T10] device veth0_vlan left promiscuous mode
[  591.203623][ T6986] loop2: detected capacity change from 0 to 128
[  592.178243][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  592.953883][ T6999] loop2: detected capacity change from 0 to 512
[  592.962051][ T6999] EXT4-fs (loop2): Test dummy encryption mode enabled
[  593.261943][ T6999] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1368: invalid block
[  593.274952][ T6999] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1368: couldn't read orphan inode 11 (err -117)
[  593.288971][ T6999] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  593.482982][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  593.516770][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  593.542297][ T7010] loop2: detected capacity change from 0 to 128
[  593.546387][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  593.576402][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  593.595813][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  593.609925][ T7010] syz.2.1374: attempt to access beyond end of device
[  593.609925][ T7010] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  593.616278][ T5982] bridge0: port 1(bridge_slave_0) entered blocking state
[  593.634330][ T5982] bridge0: port 1(bridge_slave_0) entered forwarding state
[  593.748479][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  593.759755][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  593.776562][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  593.785561][ T1811] bridge0: port 2(bridge_slave_1) entered blocking state
[  593.792921][ T1811] bridge0: port 2(bridge_slave_1) entered forwarding state
[  593.814706][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  593.852005][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  593.860840][ T7012] syz.2.1374: attempt to access beyond end of device
[  593.860840][ T7012] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  593.875446][ T7012] syz.2.1374: attempt to access beyond end of device
[  593.875446][ T7012] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  593.877072][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  593.915007][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  593.944368][ T6963] device veth0_vlan entered promiscuous mode
[  593.972266][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  593.989003][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  594.010851][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  594.040105][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  594.069299][ T6963] device veth1_macvtap entered promiscuous mode
[  594.102349][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  594.117298][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  594.216171][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  594.233392][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  594.292829][ T7021] loop1: detected capacity change from 0 to 512
[  594.389657][ T7021] EXT4-fs: Ignoring removed orlov option
[  594.414070][ T7021] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  594.482669][ T7021] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1371: casefold flag without casefold feature
[  594.521954][ T7021] EXT4-fs (loop1): Remounting filesystem read-only
[  594.532481][ T7021] EXT4-fs (loop1): 1 truncate cleaned up
[  594.539920][ T7021] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  595.172011][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  595.196527][   T28] audit: type=1400 audit(2000000112.910:1166): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.968174][   T28] audit: type=1400 audit(2000000112.910:1167): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  597.102853][   T28] audit: type=1400 audit(2000000112.910:1168): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  597.185756][   T28] audit: type=1400 audit(2000000112.910:1169): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  597.215295][   T28] audit: type=1400 audit(2000000112.910:1170): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  597.277373][   T28] audit: type=1400 audit(2000000112.910:1171): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  597.327751][ T7053] loop1: detected capacity change from 0 to 1024
[  597.339904][   T28] audit: type=1400 audit(2000000114.890:1172): avc:  denied  { map } for  pid=7045 comm="syz.4.1381" path="socket:[43777]" dev="sockfs" ino=43777 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  597.382104][ T7053] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  598.562477][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  598.765683][ T7075] loop2: detected capacity change from 0 to 128
[  598.853131][ T7077] overlayfs: failed to resolve './file0': -2
[  599.962991][   T28] audit: type=1400 audit(2000000116.640:1173): avc:  denied  { ioctl } for  pid=7070 comm="syz.4.1386" path="socket:[43797]" dev="sockfs" ino=43797 ioctlcmd=0x8902 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  600.017926][ T7075] syz.2.1389: attempt to access beyond end of device
[  600.017926][ T7075] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  600.555266][ T7088] overlayfs: failed to resolve './file0': -2
[  601.025358][ T7091] syz.2.1389: attempt to access beyond end of device
[  601.025358][ T7091] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  601.040924][ T7091] syz.2.1389: attempt to access beyond end of device
[  601.040924][ T7091] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  601.925972][ T4167] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  602.246067][ T4167] usb 1-1: device descriptor read/64, error -71
[  602.695973][ T4167] usb 1-1: device descriptor read/64, error -71
[  603.102890][ T4167] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  604.296081][ T4167] usb 1-1: device descriptor read/64, error -71
[  605.280857][ T5982] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  605.421671][   T28] audit: type=1400 audit(2000000123.120:1174): avc:  denied  { audit_read } for  pid=7134 comm="syz.4.1403" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  605.955350][ T5982] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  605.966498][ T5982] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.986275][ T5982] usb 3-1: config 0 descriptor??
[  606.089231][ T7153] loop1: detected capacity change from 0 to 512
[  606.097822][ T7153] EXT4-fs: Ignoring removed oldalloc option
[  606.114933][ T7153] EXT4-fs (loop1): Test dummy encryption mode enabled
[  606.167137][   T28] audit: type=1400 audit(2000000123.880:1175): avc:  denied  { write } for  pid=7152 comm="syz.0.1407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  606.316799][ T7153] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1406: invalid block
[  606.336967][ T7153] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1406: couldn't read orphan inode 11 (err -117)
[  606.361778][ T7153] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  606.415406][ T7127] loop2: detected capacity change from 0 to 512
[  606.436413][ T7127] ext2: Unknown parameter 'subj_user'
[  606.453137][   T28] audit: type=1326 audit(2000000124.160:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  606.607642][   T28] audit: type=1326 audit(2000000124.220:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  606.619942][ T7127] loop2: detected capacity change from 0 to 1024
[  607.130628][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  607.180922][ T7127] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  607.215076][   T28] audit: type=1326 audit(2000000124.220:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  607.355568][   T28] audit: type=1326 audit(2000000124.220:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  607.605262][ T7172] loop1: detected capacity change from 0 to 256
[  607.617110][ T7172] FAT-fs (loop1): Unrecognized mount option "utv8=0" or missing value
[  607.704026][ T7172] overlayfs: missing 'lowerdir'
[  607.848056][   T28] audit: type=1326 audit(2000000124.220:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  607.907620][   T28] audit: type=1326 audit(2000000124.230:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  609.220554][   T39] usb 3-1: USB disconnect, device number 12
[  609.411183][   T28] audit: type=1326 audit(2000000124.230:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  609.443210][ T7127] EXT4-fs (loop2): unmounting filesystem.
[  609.503783][   T28] audit: type=1326 audit(2000000124.230:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7152 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x7ffc0000
[  610.756138][   T28] kauditd_printk_skb: 31 callbacks suppressed
[  610.756158][   T28] audit: type=1400 audit(2000000128.470:1215): avc:  denied  { write } for  pid=7208 comm="syz.0.1419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  611.006031][ T4166] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  612.009313][ T7220] serio: Serial port pts0
[  612.057675][ T7223] loop2: detected capacity change from 0 to 512
[  612.066168][ T7223] EXT4-fs: Ignoring removed bh option
[  612.129525][ T7223] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  612.466900][ T7223] EXT4-fs (loop2): 1 truncate cleaned up
[  612.475020][ T7223] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  612.486018][ T4166] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  612.523383][ T4166] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  612.720368][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  612.755038][ T4166] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  612.776143][ T4166] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  612.795018][ T4166] usb 5-1: SerialNumber: syz
[  612.804545][ T7234] loop2: detected capacity change from 0 to 1024
[  612.826203][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  612.856982][ T7234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  613.386294][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  613.440818][ T7240] loop1: detected capacity change from 0 to 1024
[  613.490559][ T7240] EXT4-fs: Ignoring removed orlov option
[  613.509425][ T7240] EXT4-fs (loop1): Test dummy encryption mode enabled
[  613.558950][ T7240] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  613.655619][ T6269] EXT4-fs (loop2): unmounting filesystem.
[  613.718238][ T7240] EXT4-fs (loop1): mount failed
[  613.773495][ T7244] loop2: detected capacity change from 0 to 2048
[  613.846494][ T7244]  loop2: p2 < > p4
[  613.851983][ T7244] loop2: p4 size 8192 extends beyond EOD, truncated
[  614.787718][  T101] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  614.803160][  T101] Buffer I/O error on dev loop2, logical block 0, async page read
[  614.843406][  T101]  loop2: unable to read partition table
[  614.872451][  T101] loop2: partition table beyond EOD, truncated
[  614.886462][ T4166] cdc_ether: probe of 5-1:1.0 failed with error -71
[  614.908307][ T4166] usb 5-1: USB disconnect, device number 8
[  614.984002][ T7244] loop2: detected capacity change from 0 to 2048
[  614.988762][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  615.340089][ T4062] udevd[4062]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  616.795034][ T7277] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1435'.
[  618.622107][ T7296] xt_hashlimit: size too large, truncated to 1048576
[  619.164536][ T7300] loop1: detected capacity change from 0 to 512
[  619.636002][   T28] audit: type=1400 audit(2000000137.310:1216): avc:  denied  { ioctl } for  pid=7299 comm="syz.1.1439" path="socket:[45252]" dev="sockfs" ino=45252 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  620.030947][ T7316] overlayfs: failed to resolve './file0': -2
[  620.208562][ T4167] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  620.209358][ T7321] loop1: detected capacity change from 0 to 1024
[  620.258041][ T7318] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1443'.
[  620.342280][ T7321] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  621.393534][ T7332] netlink: 'syz.1.1444': attribute type 4 has an invalid length.
[  621.451219][ T7332] netlink: 'syz.1.1444': attribute type 17 has an invalid length.
[  621.465404][ T7332] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  621.566507][ T4167] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 4
[  621.685743][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  621.696816][ T4167] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  621.786202][ T4167] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  622.214265][ T4167] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  622.256174][ T4167] usb 4-1: SerialNumber: syz
[  622.277454][ T7341] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  622.288564][ T4167] usb 4-1: can't set config #1, error -71
[  622.299389][ T4167] usb 4-1: USB disconnect, device number 10
[  623.177458][ T7349] binder: 7337:7349 ioctl 4018620d 0 returned -22
[  623.644894][ T7356] bridge0: port 2(gretap0) entered blocking state
[  623.652773][ T7356] bridge0: port 2(gretap0) entered disabled state
[  623.670383][ T7356] device gretap0 entered promiscuous mode
[  623.678658][ T7356] bridge0: port 2(gretap0) entered blocking state
[  623.687483][ T7356] bridge0: port 2(gretap0) entered forwarding state
[  623.816145][ T4167] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  623.858443][ T7354] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1451'.
[  624.075953][ T4167] usb 2-1: Using ep0 maxpacket: 16
[  624.196316][ T4167] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  624.215213][ T4167] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  624.225883][ T4167] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  624.279573][ T4167] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  624.454190][ T7362] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.465627][ T4167] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.476383][ T7362] bridge0: port 1(bridge_slave_0) entered disabled state
[  624.486540][ T7362] device bridge_slave_0 entered promiscuous mode
[  624.567279][ T7362] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.578625][ T7362] bridge0: port 2(bridge_slave_1) entered disabled state
[  624.587687][ T4167] usb 2-1: config 0 descriptor??
[  624.597691][ T7362] device bridge_slave_1 entered promiscuous mode
[  625.028038][    T8] device bridge_slave_1 left promiscuous mode
[  625.092267][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.295715][    T8] device bridge_slave_0 left promiscuous mode
[  625.429979][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.461174][    T8] device veth1_macvtap left promiscuous mode
[  625.490075][    T8] device veth0_vlan left promiscuous mode
[  625.592154][ T7385] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1457'.
[  625.632891][ T7385] fuse: Unknown parameter '0xffffffffffffffff'
[  625.648555][ T4167] usbhid 2-1:0.0: can't add hid device: -71
[  625.959056][   T28] audit: type=1400 audit(2000000143.340:1217): avc:  denied  { ioctl } for  pid=7377 comm="syz.4.1457" path="/dev/usbmon0" dev="devtmpfs" ino=139 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  625.997642][ T4167] usbhid: probe of 2-1:0.0 failed with error -71
[  626.070454][ T7367] overlayfs: './bus' not a directory
[  626.112392][ T4167] usb 2-1: USB disconnect, device number 8
[  626.296251][ T7381] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1458'.
[  628.052680][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  628.079038][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  629.816814][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  629.827675][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  629.876120][ T4166] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.884569][ T4166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  629.908531][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  629.939351][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  630.030623][ T7417] loop1: detected capacity change from 0 to 512
[  630.037996][ T7417] EXT4-fs: Ignoring removed bh option
[  630.044115][ T7417] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  630.179283][ T4166] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.190875][ T4166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  630.292770][ T7417] EXT4-fs (loop1): 1 truncate cleaned up
[  630.304039][ T7417] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  631.409436][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  631.432348][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  631.477097][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  631.485767][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  631.509552][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  631.539279][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  631.590206][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  631.620876][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  632.509890][ T7362] device veth0_vlan entered promiscuous mode
[  632.576658][ T7436] syz.3.1466[7436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.577124][ T7436] syz.3.1466[7436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  633.559024][ T7362] device veth1_macvtap entered promiscuous mode
[  633.588991][ T7443] loop1: detected capacity change from 0 to 128
[  633.659847][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  633.669156][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  633.684955][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  633.685818][ T7443] syz.1.1469: attempt to access beyond end of device
[  633.685818][ T7443] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  633.706400][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  633.756418][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  633.786726][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  633.795007][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  633.824259][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  633.866368][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  633.875860][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  633.936649][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  633.962723][ T7449] syz.1.1469: attempt to access beyond end of device
[  633.962723][ T7449] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  633.977296][ T7449] syz.1.1469: attempt to access beyond end of device
[  633.977296][ T7449] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  634.080211][ T7452] loop2: detected capacity change from 0 to 1024
[  634.189539][ T7452] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  636.421834][ T7458] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1472'.
[  636.432491][ T7459] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1472'.
[  636.676080][ T7469] xt_hashlimit: size too large, truncated to 1048576
[  637.010288][ T7467] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1473'.
[  637.229491][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  637.467094][ T7475] loop2: detected capacity change from 0 to 512
[  637.477529][ T7475] EXT4-fs: Ignoring removed bh option
[  637.515189][ T7475] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  637.688227][ T7475] EXT4-fs (loop2): 1 truncate cleaned up
[  637.696357][ T7475] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  638.755391][ T7487] input: syz0 as /devices/virtual/input/input22
[  639.819178][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  640.072253][ T7497] loop2: detected capacity change from 0 to 512
[  640.080343][ T7497] EXT4-fs: Ignoring removed oldalloc option
[  640.430204][ T7498] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1478'.
[  641.223068][ T7497] EXT4-fs (loop2): Test dummy encryption mode enabled
[  641.446401][ T7497] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1479: invalid block
[  641.461012][ T7497] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1479: couldn't read orphan inode 11 (err -117)
[  641.479428][ T7497] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  642.051435][ T7510] loop1: detected capacity change from 0 to 512
[  642.059271][ T7510] EXT4-fs: Ignoring removed bh option
[  642.067719][ T7510] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  642.077826][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  642.102760][ T7510] EXT4-fs (loop1): 1 truncate cleaned up
[  642.108845][ T7510] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  642.646640][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  642.973304][ T7528] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  643.348141][ T7532] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1487'.
[  644.321866][ T7546] loop1: detected capacity change from 0 to 512
[  644.328908][ T7546] EXT4-fs: Ignoring removed bh option
[  644.336379][ T7546] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  644.580431][ T7546] EXT4-fs (loop1): 1 truncate cleaned up
[  644.586811][ T7546] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  645.011070][ T7548] syz.3.1490[7548] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  645.011206][ T7548] syz.3.1490[7548] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  645.071185][ T7527] sch_fq: defrate 0 ignored.
[  645.146115][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  645.284403][   T28] audit: type=1400 audit(2000000162.990:1218): avc:  denied  { setopt } for  pid=7545 comm="syz.3.1490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  645.470437][ T7552] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1492'.
[  645.708166][ T7565] loop1: detected capacity change from 0 to 256
[  645.724129][ T7565] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  645.996400][ T3945] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  646.825130][ T7574] loop1: detected capacity change from 0 to 1024
[  647.076858][ T7574] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e00cc02c, mo2=0002]
[  647.086114][ T7574] System zones: 0-1, 3-36
[  647.107167][ T7574] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  647.118500][ T7574] EXT4-fs (loop1): unmounting filesystem.
[  647.363368][ T7583] loop1: detected capacity change from 0 to 128
[  647.394888][ T7583] syz.1.1499: attempt to access beyond end of device
[  647.394888][ T7583] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  647.443727][ T7587] loop2: detected capacity change from 0 to 512
[  647.520659][ T7587] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  647.874254][ T7592] syz.1.1499: attempt to access beyond end of device
[  647.874254][ T7592] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  647.890005][ T7592] syz.1.1499: attempt to access beyond end of device
[  647.890005][ T7592] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  647.931949][ T7587] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[  648.705672][ T7599] EXT4-fs (loop2): resizing filesystem from 128 to 1 blocks
[  648.715656][ T7599] EXT4-fs warning (device loop2): ext4_resize_fs:2051: can't shrink FS - resize aborted
[  648.736053][   T28] audit: type=1400 audit(2000000166.390:1219): avc:  denied  { setopt } for  pid=7586 comm="syz.2.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  648.847530][ T7601] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1503'.
[  648.904282][   T28] audit: type=1400 audit(2000000166.500:1220): avc:  denied  { setopt } for  pid=7586 comm="syz.2.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  649.026320][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  649.075005][ T7607] loop2: detected capacity change from 0 to 128
[  649.737371][   T28] audit: type=1400 audit(2000000167.440:1221): avc:  denied  { write } for  pid=7606 comm="syz.2.1504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  650.143176][ T7615] loop2: detected capacity change from 0 to 512
[  650.207510][ T7615] ext4: Bad value for 'max_batch_time'
[  651.532850][ T7624] loop2: detected capacity change from 0 to 16
[  651.543869][ T7624] erofs: (device loop2): mounted with root inode @ nid 36.
[  651.578335][   T47] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  651.636670][   T28] audit: type=1400 audit(2000000169.280:1222): avc:  denied  { execute } for  pid=7614 comm="syz.2.1507" name="file2" dev="loop2" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  651.815451][ T7623] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1508'.
[  651.906023][   T28] audit: type=1400 audit(2000000169.280:1223): avc:  denied  { execute_no_trans } for  pid=7614 comm="syz.2.1507" path="/8/file1/file2" dev="loop2" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  652.436039][ T4131] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  653.086086][ T4131] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  653.117707][ T4131] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.144777][ T7641] fuse: Unknown parameter 'grou00000000000000000000'
[  653.156393][ T4131] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c03, bcdDevice= 0.00
[  653.184446][ T4131] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.211996][ T4131] usb 3-1: config 0 descriptor??
[  653.791091][ T7628] loop2: detected capacity change from 0 to 2048
[  653.831191][ T7649] loop1: detected capacity change from 0 to 1024
[  653.848346][ T7628] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  653.914632][ T7649] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  654.291102][ T7661] xt_hashlimit: size too large, truncated to 1048576
[  655.717514][ T7663] usb usb8: usbfs: process 7663 (syz.2.1510) did not claim interface 0 before use
[  656.081460][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  656.192259][   T28] audit: type=1400 audit(2000000173.900:1224): avc:  denied  { nlmsg_write } for  pid=7653 comm="syz.3.1514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  656.247512][ T7669] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1516'.
[  656.371841][ T7668] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1518'.
[  656.843063][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  656.896172][ T4131] usbhid 3-1:0.0: can't add hid device: -71
[  656.905710][ T4131] usbhid: probe of 3-1:0.0 failed with error -71
[  656.927199][ T4131] usb 3-1: USB disconnect, device number 13
[  656.938529][ T7679] loop2: detected capacity change from 0 to 512
[  657.005584][ T7679] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  657.015942][ T7679] ext4 filesystem being mounted at /10/bus supports timestamps until 2038 (0x7fffffff)
[  657.563552][   T28] audit: type=1400 audit(2000000175.270:1225): avc:  denied  { connect } for  pid=7684 comm="syz.1.1520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  657.623818][   T28] audit: type=1400 audit(2000000175.320:1226): avc:  denied  { shutdown } for  pid=7684 comm="syz.1.1520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  657.651004][ T7691] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1521'.
[  657.878953][ T7698] loop1: detected capacity change from 0 to 512
[  657.888170][ T7698] EXT4-fs: Ignoring removed oldalloc option
[  657.897056][ T7698] EXT4-fs (loop1): Test dummy encryption mode enabled
[  657.916802][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  658.040901][ T7698] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1522: invalid block
[  658.054338][ T7698] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1522: couldn't read orphan inode 11 (err -117)
[  658.070303][ T7698] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  658.579650][ T7707] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1524'.
[  659.530932][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  659.685694][ T7712] loop2: detected capacity change from 0 to 1024
[  659.862999][ T7712] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  659.957541][   T28] audit: type=1400 audit(2000000177.660:1227): avc:  denied  { ioctl } for  pid=7713 comm="syz.1.1526" path="socket:[46245]" dev="sockfs" ino=46245 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  660.354214][ T7725] netlink: 'syz.2.1527': attribute type 4 has an invalid length.
[  660.370775][ T7725] netlink: 'syz.2.1527': attribute type 17 has an invalid length.
[  660.382394][ T7725] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  660.470254][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  661.465783][ T7740] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1531'.
[  661.538966][ T7740] fuse: Unknown parameter '0xffffffffffffffff'
[  661.949392][ T7742] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1535'.
[  662.088147][ T7752] loop2: detected capacity change from 0 to 512
[  662.106239][ T7752] EXT4-fs: Ignoring removed oldalloc option
[  662.321077][   T28] audit: type=1400 audit(2000000180.030:1228): avc:  denied  { name_bind } for  pid=7743 comm="syz.3.1534" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  662.358539][ T7752] EXT4-fs (loop2): Test dummy encryption mode enabled
[  662.634005][ T7752] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1536: invalid block
[  662.648535][ T7752] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1536: couldn't read orphan inode 11 (err -117)
[  662.664487][ T7752] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  662.825467][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  664.755670][ T7776] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1540'.
[  665.496854][ T7784] loop1: detected capacity change from 0 to 128
[  665.505076][ T7786] loop2: detected capacity change from 0 to 128
[  665.581489][ T7784] syz.1.1543: attempt to access beyond end of device
[  665.581489][ T7784] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  665.607676][ T7786] syz.2.1544: attempt to access beyond end of device
[  665.607676][ T7786] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  665.828711][ T7793] syz.1.1543: attempt to access beyond end of device
[  665.828711][ T7793] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  665.844192][ T7793] syz.1.1543: attempt to access beyond end of device
[  665.844192][ T7793] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  665.978191][ T7786] syz.2.1544: attempt to access beyond end of device
[  665.978191][ T7786] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  665.993357][ T7786] syz.2.1544: attempt to access beyond end of device
[  665.993357][ T7786] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  666.188000][ T7798] xt_bpf: check failed: parse error
[  666.605282][   T28] audit: type=1326 audit(2000000184.310:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  666.678621][   T28] audit: type=1326 audit(2000000184.350:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  666.817878][ T7801] loop2: detected capacity change from 0 to 512
[  666.859479][ T7801] EXT4-fs (loop2): orphan cleanup on readonly fs
[  666.896474][   T28] audit: type=1326 audit(2000000184.350:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  666.899390][ T7801] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1546: bg 0: block 97: padding at end of block bitmap is not set
[  666.920619][   T28] audit: type=1326 audit(2000000184.350:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  666.955400][ T7806] loop1: detected capacity change from 0 to 1024
[  667.079425][ T7801] Quota error (device loop2): write_blk: dquota write failed
[  667.100166][   T28] audit: type=1326 audit(2000000184.350:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  667.106002][ T7801] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  667.127420][   T28] audit: type=1326 audit(2000000184.350:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  667.165112][   T28] audit: type=1326 audit(2000000184.350:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe000b7def9 code=0x7ffc0000
[  667.166005][ T7806] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  667.192850][   T28] audit: type=1326 audit(2000000184.350:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7799 comm="syz.2.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe000b7c797 code=0x7ffc0000
[  667.229893][ T7801] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.1546: Failed to acquire dquot type 0
[  667.247527][ T7801] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2926: inode #15: comm syz.2.1546: corrupted xattr block 19
[  667.266281][ T7801] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[  667.449143][ T7794] netlink: 'syz.0.1542': attribute type 4 has an invalid length.
[  667.466972][ T7801] EXT4-fs (loop2): 1 orphan inode deleted
[  667.647002][  T526] EXT4-fs error (device loop2): ext4_release_dquot:6787: comm kworker/u4:6: Failed to release dquot type 0
[  667.716588][  T526] EXT4-fs error (device loop2): ext4_release_dquot:6787: comm kworker/u4:6: Failed to release dquot type 1
[  667.731922][ T7811] netlink: 'syz.0.1542': attribute type 17 has an invalid length.
[  667.741771][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  667.776191][ T7801] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  667.904991][ T7815] xt_hashlimit: size too large, truncated to 1048576
[  668.308310][ T2425] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  668.311426][ T7801] syz.2.1546 (7801) used greatest stack depth: 19128 bytes left
[  668.367573][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  668.413883][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  668.624343][ T7823] loop1: detected capacity change from 0 to 512
[  668.632308][ T7823] EXT4-fs: Ignoring removed oldalloc option
[  668.639940][ T7823] EXT4-fs (loop1): Test dummy encryption mode enabled
[  668.677572][ T7824] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1549'.
[  668.694753][ T7823] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1548: invalid block
[  668.706210][ T7823] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1548: couldn't read orphan inode 11 (err -117)
[  668.728097][ T7823] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  668.778033][ T7833] loop2: detected capacity change from 0 to 256
[  668.787366][ T7833] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  669.293086][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  671.689422][ T7855] loop2: detected capacity change from 0 to 128
[  671.775848][ T7855] syz.2.1557: attempt to access beyond end of device
[  671.775848][ T7855] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  671.905740][   T28] kauditd_printk_skb: 43 callbacks suppressed
[  671.905762][   T28] audit: type=1400 audit(2000000189.610:1278): avc:  denied  { mount } for  pid=7856 comm="syz.0.1558" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  672.082400][ T7862] syz.2.1557: attempt to access beyond end of device
[  672.082400][ T7862] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  672.096440][ T7862] syz.2.1557: attempt to access beyond end of device
[  672.096440][ T7862] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  672.242826][   T28] audit: type=1400 audit(2000000189.650:1279): avc:  denied  { remount } for  pid=7856 comm="syz.0.1558" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  672.275061][   T28] audit: type=1400 audit(2000000189.980:1280): avc:  denied  { unmount } for  pid=5468 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  672.497174][ T7871] xt_hashlimit: size too large, truncated to 1048576
[  673.021414][ T7867] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1555'.
[  674.125558][ T7884] loop2: detected capacity change from 0 to 512
[  674.132914][ T7884] EXT4-fs: Ignoring removed oldalloc option
[  674.149370][ T7887] loop1: detected capacity change from 0 to 512
[  674.156809][ T7887] EXT4-fs: Ignoring removed oldalloc option
[  674.172376][ T7884] EXT4-fs (loop2): Test dummy encryption mode enabled
[  674.182975][ T7887] EXT4-fs (loop1): Test dummy encryption mode enabled
[  674.383820][ T7884] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1562: invalid block
[  674.396725][ T7887] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1571: invalid block
[  674.409102][ T7884] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1562: couldn't read orphan inode 11 (err -117)
[  674.409198][ T7887] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1571: couldn't read orphan inode 11 (err -117)
[  674.436362][ T7884] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  674.436371][ T7887] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  674.607830][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  674.615006][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  674.682773][ T7896] loop1: detected capacity change from 0 to 128
[  674.807807][ T7896] syz.1.1564: attempt to access beyond end of device
[  674.807807][ T7896] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  674.928417][ T7902] netlink: 'syz.4.1561': attribute type 4 has an invalid length.
[  674.938896][ T7902] netlink: 'syz.4.1561': attribute type 17 has an invalid length.
[  674.989078][ T7902] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  675.494225][ T7909] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1567'.
[  675.576381][ T7914] syz.1.1564: attempt to access beyond end of device
[  675.576381][ T7914] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  675.591010][ T7914] syz.1.1564: attempt to access beyond end of device
[  675.591010][ T7914] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  675.624264][ T7908] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1566'.
[  676.855818][ T7928] loop1: detected capacity change from 0 to 2048
[  677.165080][ T7928] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  677.394356][ T7927] xt_hashlimit: size too large, truncated to 1048576
[  677.692096][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  678.461799][ T7958] loop2: detected capacity change from 0 to 512
[  678.525058][ T7950] loop1: detected capacity change from 0 to 40427
[  678.533723][ T7958] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.1578: bad orphan inode 17
[  678.545390][ T7950] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  678.556018][ T7950] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  678.601936][ T7958] ext4_test_bit(bit=16, block=4) = 1
[  678.608577][ T7958] is_bad_inode(inode)=0
[  678.613546][ T7958] NEXT_ORPHAN(inode)=0
[  678.626299][ T7958] max_ino=32
[  678.629488][ T7958] i_nlink=1
[  678.632809][ T7958] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  678.636582][ T7950] F2FS-fs (loop1): invalid crc value
[  679.585855][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  679.698883][ T7974] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1580'.
[  679.713099][ T7950] F2FS-fs (loop1): Found nat_bits in checkpoint
[  679.801152][ T7950] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  679.816031][ T7950] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  680.149991][ T7982] syz.1.1577: attempt to access beyond end of device
[  680.149991][ T7982] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  680.742939][ T7988] loop2: detected capacity change from 0 to 128
[  680.798139][ T7988] syz.2.1583: attempt to access beyond end of device
[  680.798139][ T7988] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  680.893742][   T28] audit: type=1400 audit(2000000198.590:1281): avc:  denied  { mount } for  pid=7985 comm="syz.3.1582" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  681.441341][ T7997] syz.2.1583: attempt to access beyond end of device
[  681.441341][ T7997] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  681.457868][ T7997] syz.2.1583: attempt to access beyond end of device
[  681.457868][ T7997] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  681.655509][   T28] audit: type=1400 audit(2000000199.360:1282): avc:  denied  { unmount } for  pid=6520 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  682.503987][ T8012] loop1: detected capacity change from 0 to 16
[  682.547724][ T8012] erofs: (device loop1): mounted with root inode @ nid 36.
[  682.638116][ T8012] syz.1.1585: attempt to access beyond end of device
[  682.638116][ T8012] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[  682.703835][ T8012] syz.1.1585: attempt to access beyond end of device
[  682.703835][ T8012] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  682.718883][ T8012] syz.1.1585: attempt to access beyond end of device
[  682.718883][ T8012] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[  682.940069][ T8019] loop2: detected capacity change from 0 to 1024
[  683.347701][ T8019] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  683.544206][ T8028] xt_hashlimit: size too large, truncated to 1048576
[  684.189851][   T28] audit: type=1400 audit(2000000201.900:1283): avc:  denied  { bind } for  pid=8024 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  684.215094][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  684.276043][   T28] audit: type=1400 audit(2000000201.900:1284): avc:  denied  { name_bind } for  pid=8024 comm="syz.0.1591" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  684.331772][ T8037] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1593'.
[  684.359470][   T28] audit: type=1400 audit(2000000201.900:1285): avc:  denied  { node_bind } for  pid=8024 comm="syz.0.1591" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  684.370867][ T8042] input: syz0 as /devices/virtual/input/input23
[  685.396833][   T28] audit: type=1400 audit(2000000203.110:1286): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=1619 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  685.465952][   T28] audit: type=1400 audit(2000000203.110:1287): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1619 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  685.535977][   T28] audit: type=1400 audit(2000000203.110:1288): avc:  denied  { ioctl } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1619 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  685.754018][   T28] audit: type=1326 audit(2000000203.460:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8046 comm="syz.1.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f097def9 code=0x7ffc0000
[  685.807738][   T28] audit: type=1326 audit(2000000203.460:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8046 comm="syz.1.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80f097def9 code=0x7ffc0000
[  685.985665][ T8055] loop2: detected capacity change from 0 to 512
[  686.022966][ T8055] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  686.077334][ T8055] EXT4-fs (loop2): 1 truncate cleaned up
[  686.085106][ T8055] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  686.671229][ T8066] loop1: detected capacity change from 0 to 2048
[  686.771645][ T8066] EXT4-fs error (device loop1): ext4_orphan_get:1422: comm syz.1.1598: bad orphan inode 8192
[  686.814611][ T8066] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  686.843153][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  687.552408][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  688.169870][ T8090] loop2: detected capacity change from 0 to 128
[  688.951240][ T8094] xt_hashlimit: size too large, truncated to 1048576
[  689.618505][ T8090] syz.2.1604: attempt to access beyond end of device
[  689.618505][ T8090] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  689.896639][ T8106] syz.2.1604: attempt to access beyond end of device
[  689.896639][ T8106] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  689.913774][ T8106] syz.2.1604: attempt to access beyond end of device
[  689.913774][ T8106] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  690.038489][   T28] kauditd_printk_skb: 13 callbacks suppressed
[  690.038513][   T28] audit: type=1400 audit(2000000207.750:1304): avc:  denied  { write } for  pid=8099 comm="syz.4.1606" path="socket:[47556]" dev="sockfs" ino=47556 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  692.272696][ T8123] loop1: detected capacity change from 0 to 512
[  692.280342][ T8123] EXT4-fs: Ignoring removed bh option
[  692.891468][ T8123] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  692.916690][ T8123] EXT4-fs (loop1): 1 truncate cleaned up
[  692.922979][ T8123] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  693.063092][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  693.158154][ T8130] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1611'.
[  693.512153][ T8145] device wireguard0 entered promiscuous mode
[  694.000984][ T8153] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1616'.
[  694.071353][ T8157] loop2: detected capacity change from 0 to 512
[  695.964292][ T8171] loop1: detected capacity change from 0 to 512
[  696.027101][ T8171] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  696.066039][ T8171] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038 (0x7fffffff)
[  697.516981][ T8195] loop2: detected capacity change from 0 to 512
[  697.524689][ T8195] EXT4-fs: Ignoring removed bh option
[  697.532002][ T8195] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  697.790322][ T8195] EXT4-fs (loop2): 1 truncate cleaned up
[  697.796401][ T8195] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  698.242135][ T8201] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #2: block 3: comm syz.1.1620: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[  698.287821][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  698.840362][ T8208] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1627'.
[  698.886573][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  698.986372][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  699.096294][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  699.195505][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  699.226190][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  699.263536][ T8216] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1630'.
[  699.286206][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  699.336308][ T6963] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /56/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  699.397807][ T6963] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1)
[  699.529705][ T6963] EXT4-fs (loop1): unmounting filesystem.
[  700.048976][ T6306] device bridge_slave_1 left promiscuous mode
[  700.071740][ T6306] bridge0: port 2(bridge_slave_1) entered disabled state
[  700.256170][ T6306] device bridge_slave_0 left promiscuous mode
[  700.262682][ T6306] bridge0: port 1(bridge_slave_0) entered disabled state
[  700.296984][ T6306] device veth1_macvtap left promiscuous mode
[  700.308596][ T6306] device veth0_vlan left promiscuous mode
[  700.538928][ T8234] loop2: detected capacity change from 0 to 256
[  700.546438][ T8234] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  700.642705][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  701.033725][ T8228] bridge0: port 1(bridge_slave_0) entered blocking state
[  701.052859][ T8228] bridge0: port 1(bridge_slave_0) entered disabled state
[  701.066538][ T8228] device bridge_slave_0 entered promiscuous mode
[  701.096596][ T8228] bridge0: port 2(bridge_slave_1) entered blocking state
[  701.103601][ T8228] bridge0: port 2(bridge_slave_1) entered disabled state
[  701.146495][ T8228] device bridge_slave_1 entered promiscuous mode
[  701.735989][ T8247] tipc: Started in network mode
[  701.741900][ T8247] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711
[  701.752666][ T8247] tipc: Enabled bearer <udp:s>, priority 10
[  701.794683][ T8247] loop2: detected capacity change from 0 to 512
[  701.946978][ T8228] bridge0: port 2(bridge_slave_1) entered blocking state
[  701.954746][ T8228] bridge0: port 2(bridge_slave_1) entered forwarding state
[  701.962213][ T8228] bridge0: port 1(bridge_slave_0) entered blocking state
[  701.969484][ T8228] bridge0: port 1(bridge_slave_0) entered forwarding state
[  701.977174][ T8247] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  701.987178][ T8247] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff)
[  702.006623][ T1357] bridge0: port 1(bridge_slave_0) entered disabled state
[  702.019845][ T1357] bridge0: port 2(bridge_slave_1) entered disabled state
[  702.060607][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  702.075601][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  702.168448][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  702.300781][ T4062] udevd[4062]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[  702.487890][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  702.496741][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  702.506961][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[  702.514269][  T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  702.522126][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  702.531697][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  702.540362][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[  702.547534][  T294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  702.569622][ T8258] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1640'.
[  702.580068][ T8266] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1642'.
[  702.901731][ T8269] loop2: detected capacity change from 0 to 512
[  702.908793][ T8269] EXT4-fs: Ignoring removed bh option
[  703.012879][ T4167] tipc: Node number set to 4269801642
[  703.036619][ T8269] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  703.067672][ T8269] EXT4-fs (loop2): 1 truncate cleaned up
[  703.073353][ T8269] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  703.104107][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  703.116224][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  703.131771][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  703.140699][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  703.164727][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  703.225144][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  703.240394][ T8228] device veth0_vlan entered promiscuous mode
[  703.247344][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  703.256258][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  703.272765][ T8228] device veth1_macvtap entered promiscuous mode
[  703.280411][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  703.288096][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  703.295599][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  703.304683][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  703.314612][  T294] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  703.330445][ T8278] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1644'.
[  703.397396][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  703.405676][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  703.426509][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  703.435487][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  703.455573][ T1357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  703.487237][ T8283] loop2: detected capacity change from 0 to 128
[  703.513614][ T8283] syz.2.1645: attempt to access beyond end of device
[  703.513614][ T8283] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  703.542563][ T8285] loop1: detected capacity change from 0 to 1024
[  703.599016][ T8285] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  703.829410][ T8289] syz.2.1645: attempt to access beyond end of device
[  703.829410][ T8289] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  703.843824][ T8289] syz.2.1645: attempt to access beyond end of device
[  703.843824][ T8289] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  704.746252][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  705.504962][ T8309] overlayfs: failed to resolve './file0': -2
[  705.777985][ T6306] Bluetooth: hci0: Frame reassembly failed (-84)
[  706.107208][ T8324] loop1: detected capacity change from 0 to 256
[  706.119689][ T8324] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  706.259289][ T3945] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  707.508272][ T8334] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1656'.
[  707.570674][ T8338] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1657'.
[  707.795919][ T2425] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  707.795935][ T6618] Bluetooth: hci0: command 0x1003 tx timeout
[  707.889356][ T8344] fuse: Unknown parameter 'grou00000000000000000000'
[  711.385455][ T8376] loop2: detected capacity change from 0 to 512
[  711.392398][ T8376] EXT4-fs: Ignoring removed bh option
[  711.492849][ T8376] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  711.647652][ T8376] EXT4-fs (loop2): 1 truncate cleaned up
[  711.653321][ T8376] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  711.929122][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  711.972564][ T8392] loop2: detected capacity change from 0 to 256
[  712.001510][ T8390] loop1: detected capacity change from 0 to 2048
[  712.039459][ T8392] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  712.097136][ T8390] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  713.232672][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  713.494262][ T8416] netlink: 'syz.0.1673': attribute type 3 has an invalid length.
[  714.427591][ T8432] loop2: detected capacity change from 0 to 512
[  714.447150][ T8432] EXT4-fs (loop2): Test dummy encryption mode enabled
[  714.638721][ T8432] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1679: invalid block
[  714.650437][ T8432] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1679: couldn't read orphan inode 11 (err -117)
[  714.735966][ T8432] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  715.093366][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  715.176881][ T8438] syz.1.1682[8438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  715.176974][ T8438] syz.1.1682[8438] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  716.312805][ T8453] loop1: detected capacity change from 0 to 256
[  716.363392][ T8453] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  717.232804][ T8472] loop1: detected capacity change from 0 to 512
[  717.286322][ T8472] ext4: Unknown parameter 'nouser_xattr'
[  717.315987][  T325] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  717.360497][ T8472] loop1: detected capacity change from 0 to 256
[  717.585964][  T325] usb 3-1: Using ep0 maxpacket: 32
[  719.276348][ T8491] loop1: detected capacity change from 0 to 512
[  719.283537][ T8491] EXT4-fs: Ignoring removed bh option
[  719.290725][ T8491] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  719.431847][ T8491] EXT4-fs (loop1): 1 truncate cleaned up
[  719.437815][ T8491] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  719.775929][  T325] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  720.063131][  T325] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  720.082531][  T325] usb 3-1: New USB device found, idVendor=056a, idProduct=00e3, bcdDevice= 0.00
[  720.109441][  T325] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.139465][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  720.224061][  T325] usb 3-1: config 0 descriptor??
[  720.306072][  T325] usb 3-1: can't set config #0, error -71
[  720.312437][  T325] usb 3-1: USB disconnect, device number 14
[  720.320146][ T8510] loop1: detected capacity change from 0 to 128
[  720.411135][ T8510] syz.1.1699: attempt to access beyond end of device
[  720.411135][ T8510] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  720.735027][ T8520] syz.1.1699: attempt to access beyond end of device
[  720.735027][ T8520] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  720.751110][ T8520] syz.1.1699: attempt to access beyond end of device
[  720.751110][ T8520] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  721.488198][ T8538] loop2: detected capacity change from 0 to 128
[  721.517407][ T8539] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  721.638583][ T8530] kvm: pic: non byte read
[  721.644408][ T8530] kvm: pic: level sensitive irq not supported
[  721.644484][ T8530] kvm: pic: non byte read
[  721.687494][ T8530] loop1: detected capacity change from 0 to 512
[  721.737133][ T8530] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  721.756124][ T8530] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038 (0x7fffffff)
[  721.903313][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  722.105037][ T8547] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1707'.
[  723.425567][ T8560] loop1: detected capacity change from 0 to 128
[  723.525627][ T8560] syz.1.1710: attempt to access beyond end of device
[  723.525627][ T8560] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  723.652541][ T8565] loop2: detected capacity change from 0 to 128
[  723.709649][ T8565] EXT4-fs (loop2): Test dummy encryption mode enabled
[  724.026116][ T8565] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  724.045989][ T8565] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038 (0x7fffffff)
[  724.673099][ T8575] syz.1.1710: attempt to access beyond end of device
[  724.673099][ T8575] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  724.687634][ T8575] syz.1.1710: attempt to access beyond end of device
[  724.687634][ T8575] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  725.156581][ T5982] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  725.207119][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  726.351109][ T8585] loop2: detected capacity change from 0 to 512
[  726.363895][ T8585] EXT4-fs: Ignoring removed oldalloc option
[  726.406651][ T5982] usb 1-1: Using ep0 maxpacket: 16
[  726.650092][ T8585] EXT4-fs (loop2): Test dummy encryption mode enabled
[  726.696914][ T8585] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1716: invalid block
[  726.716466][ T8585] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1716: couldn't read orphan inode 11 (err -117)
[  726.731990][ T8585] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  726.814093][ T8599] fuse: Unknown parameter 'grou00000000000000000000'
[  726.847123][ T5982] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  726.871740][ T8601] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1719'.
[  726.883439][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  726.890560][ T5982] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  727.046042][ T5982] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  727.069846][ T5982] usb 1-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  727.126129][ T5982] usb 1-1: Product: syz
[  727.155528][ T5982] usb 1-1: Manufacturer: syz
[  727.212389][ T5982] usb 1-1: config 0 descriptor??
[  727.626025][ T5982] usbhid 1-1:0.0: can't add hid device: -71
[  727.632622][ T5982] usbhid: probe of 1-1:0.0 failed with error -71
[  727.713926][ T5982] usb 1-1: USB disconnect, device number 13
[  728.086252][   T28] audit: type=1400 audit(2000000245.720:1305): avc:  denied  { bind } for  pid=8613 comm="syz.4.1724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  728.269620][ T8615] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1723'.
[  728.341442][ T8623] xt_hashlimit: size too large, truncated to 1048576
[  729.153373][ T8633] loop1: detected capacity change from 0 to 128
[  729.178223][ T8635] loop2: detected capacity change from 0 to 256
[  729.251085][ T8633] syz.1.1728: attempt to access beyond end of device
[  729.251085][ T8633] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  729.284970][ T8635] FAT-fs (loop2): Unrecognized mount option "chortnaet=macromanian" or missing value
[  729.765929][ T8641] syz.1.1728: attempt to access beyond end of device
[  729.765929][ T8641] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  729.781812][ T8641] syz.1.1728: attempt to access beyond end of device
[  729.781812][ T8641] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  731.354032][ T8655] loop1: detected capacity change from 0 to 512
[  731.361454][ T8655] EXT4-fs: Ignoring removed oldalloc option
[  731.399583][ T8655] EXT4-fs (loop1): Test dummy encryption mode enabled
[  731.574880][ T8653] syz.4.1732[8653] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  731.574987][ T8653] syz.4.1732[8653] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  731.608625][ T8655] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1731: invalid block
[  731.636868][ T8655] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1731: couldn't read orphan inode 11 (err -117)
[  731.650188][ T8655] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  731.814142][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  731.867470][ T8660] loop1: detected capacity change from 0 to 128
[  731.935781][ T8660] syz.1.1733: attempt to access beyond end of device
[  731.935781][ T8660] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  731.981624][ T8664] fuse: Unknown parameter 'grou00000000000000000000'
[  732.163850][ T8635] loop2: detected capacity change from 0 to 40427
[  732.190358][ T8667] syz.1.1733: attempt to access beyond end of device
[  732.190358][ T8667] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  732.204979][ T8667] syz.1.1733: attempt to access beyond end of device
[  732.204979][ T8667] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  732.894707][ T8673] loop1: detected capacity change from 0 to 256
[  733.088970][ T8677] overlayfs: missing 'lowerdir'
[  733.094193][   T28] audit: type=1400 audit(2000000250.800:1306): avc:  denied  { mounton } for  pid=8672 comm="syz.1.1737" path="/22/file0/bus" dev="loop1" ino=1048967 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  734.413038][ T8691] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1740'.
[  734.742483][ T8695] loop2: detected capacity change from 0 to 128
[  734.796284][ T8695] syz.2.1741: attempt to access beyond end of device
[  734.796284][ T8695] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  735.675245][ T8704] loop1: detected capacity change from 0 to 512
[  735.683138][ T8704] EXT4-fs: Ignoring removed oldalloc option
[  735.692194][ T8704] EXT4-fs (loop1): Test dummy encryption mode enabled
[  735.832682][ T8695] syz.2.1741: attempt to access beyond end of device
[  735.832682][ T8695] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  735.848040][ T8695] syz.2.1741: attempt to access beyond end of device
[  735.848040][ T8695] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  735.867955][ T8704] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1743: invalid block
[  735.887818][ T8704] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1743: couldn't read orphan inode 11 (err -117)
[  735.901282][ T8704] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  736.055132][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  736.063959][ T8711] loop2: detected capacity change from 0 to 256
[  736.103103][ T8713] loop1: detected capacity change from 0 to 128
[  736.105149][ T8711] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  736.133772][ T8713] syz.1.1746: attempt to access beyond end of device
[  736.133772][ T8713] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  736.489550][ T8717] syz.1.1746: attempt to access beyond end of device
[  736.489550][ T8717] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  736.504473][ T8717] syz.1.1746: attempt to access beyond end of device
[  736.504473][ T8717] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  737.479258][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[  738.666037][   T28] audit: type=1326 audit(2000000001.670:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.0.1749" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a6d77def9 code=0x0
[  740.033492][ T8744] loop1: detected capacity change from 0 to 512
[  740.041413][ T8744] EXT4-fs: Ignoring removed bh option
[  740.081100][ T8744] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  740.202736][ T8744] EXT4-fs (loop1): 1 truncate cleaned up
[  740.209208][ T8744] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  740.468871][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  741.762740][ T8771] 9pnet_fd: Insufficient options for proto=fd
[  742.488539][ T8775] loop1: detected capacity change from 0 to 128
[  742.577807][ T8775] syz.1.1759: attempt to access beyond end of device
[  742.577807][ T8775] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  742.836545][ T8785] syz.1.1759: attempt to access beyond end of device
[  742.836545][ T8785] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  742.851157][ T8785] syz.1.1759: attempt to access beyond end of device
[  742.851157][ T8785] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  744.188196][ T8791] loop1: detected capacity change from 0 to 512
[  744.215760][ T8793] loop2: detected capacity change from 0 to 256
[  744.318758][ T8793] FAT-fs (loop2): Unrecognized mount option "00000000000000000004ÿÿ" or missing value
[  744.436340][ T8791] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  744.506136][ T8791] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038 (0x7fffffff)
[  745.429993][ T8804] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[  745.440107][ T8804] EXT4-fs (loop2): unable to read superblock
[  745.554868][ T8806] sch_tbf: burst 5 is lower than device lo mtu (65550) !
[  745.951211][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  746.070252][ T8809] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1766'.
[  746.246146][ T8818] loop2: detected capacity change from 0 to 256
[  746.253903][ T8818] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  748.154798][ T8830] xt_time: unknown flags 0x4
[  748.266873][ T8830] netlink: 'syz.1.1771': attribute type 12 has an invalid length.
[  748.286512][ T8829] fuse: Unknown parameter 'grou00000000000000000000'
[  748.305914][ T8830] netlink: 'syz.1.1771': attribute type 29 has an invalid length.
[  748.436258][ T8830] netlink: 'syz.1.1771': attribute type 2 has an invalid length.
[  748.533223][ T8830] netlink: 'syz.1.1771': attribute type 2 has an invalid length.
[  748.657278][ T8830] netlink: 'syz.1.1771': attribute type 1 has an invalid length.
[  748.675095][ T8830] netlink: 'syz.1.1771': attribute type 37 has an invalid length.
[  748.697528][ T8830] netlink: 'syz.1.1771': attribute type 2 has an invalid length.
[  748.725120][ T8830] bridge0: port 1(bridge_slave_0) entered disabled state
[  749.813530][ T8853] loop2: detected capacity change from 0 to 128
[  749.883243][ T8853] syz.2.1776: attempt to access beyond end of device
[  749.883243][ T8853] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  749.900365][ T8848] loop1: detected capacity change from 0 to 40427
[  749.974434][ T8848] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  749.982879][ T8848] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  749.992692][ T8848] F2FS-fs (loop1): invalid crc value
[  750.102439][ T8858] xt_hashlimit: size too large, truncated to 1048576
[  750.566706][ T8860] syz.2.1776: attempt to access beyond end of device
[  750.566706][ T8860] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  750.583345][ T8860] syz.2.1776: attempt to access beyond end of device
[  750.583345][ T8860] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  750.990293][ T8848] F2FS-fs (loop1): Found nat_bits in checkpoint
[  751.048439][ T8848] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  751.055690][ T8848] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  751.379556][ T8867] binder: 8865:8867 ioctl c018620c 20000740 returned -22
[  752.697699][  T629] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  752.786978][  T629] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  755.137126][ T8898] input: syz1 as /devices/virtual/input/input25
[  755.647169][ T8904] loop1: detected capacity change from 0 to 256
[  755.655944][ T8904] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  756.730016][ T3945] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  757.777941][ T8935] netlink: 'syz.1.1793': attribute type 2 has an invalid length.
[  758.111077][ T8942] loop1: detected capacity change from 0 to 128
[  758.151238][ T8940] loop2: detected capacity change from 0 to 256
[  758.151708][ T8942] syz.1.1795: attempt to access beyond end of device
[  758.151708][ T8942] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  758.159596][ T8940] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  758.282408][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  758.422199][   T28] audit: type=1400 audit(2000000021.990:1308): avc:  denied  { connect } for  pid=8924 comm="syz.4.1792" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  758.706062][ T8948] syz.1.1795: attempt to access beyond end of device
[  758.706062][ T8948] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  758.721709][ T8948] syz.1.1795: attempt to access beyond end of device
[  758.721709][ T8948] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  758.885213][ T8950] loop2: detected capacity change from 0 to 512
[  758.917239][ T8950] ext4: Unknown parameter 'fsmagic'
[  758.957960][ T8950] loop2: detected capacity change from 0 to 512
[  758.991372][ T8950] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  759.056762][ T8950] EXT4-fs (loop2): 1 truncate cleaned up
[  759.062666][ T8950] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  760.053192][ T8958] input: syz1 as /devices/virtual/input/input26
[  760.347533][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  761.124245][ T8975] loop1: detected capacity change from 0 to 512
[  761.132973][ T8975] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  761.164817][ T8975] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1801: invalid block
[  761.391158][ T8975] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1801: invalid indirect mapped block 4294967295 (level 1)
[  761.409851][ T8975] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1801: invalid indirect mapped block 4294967295 (level 1)
[  761.431967][ T8975] EXT4-fs (loop1): 2 truncates cleaned up
[  761.439634][ T8975] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  761.512345][   T28] audit: type=1400 audit(2000000025.060:1309): avc:  denied  { map } for  pid=8971 comm="syz.1.1801" path="/38/file0/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  761.624921][ T8980] input: syz0 as /devices/virtual/input/input27
[  761.645166][   T28] audit: type=1400 audit(2000000025.070:1310): avc:  denied  { rename } for  pid=8971 comm="syz.1.1801" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  761.875474][ T8228] EXT4-fs (loop1): unmounting filesystem.
[  763.373381][ T9006] loop2: detected capacity change from 0 to 1024
[  763.765747][ T9006] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  763.774297][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[  764.051725][ T9010] xt_hashlimit: size too large, truncated to 1048576
[  764.431576][ T9016] loop1: detected capacity change from 0 to 128
[  764.487195][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  764.535897][   T28] audit: type=1400 audit(2000000028.100:1311): avc:  denied  { mount } for  pid=9015 comm="syz.1.1811" name="/" dev="ramfs" ino=50146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  764.604943][ T9016] device pim6reg1 entered promiscuous mode
[  764.885582][ T9024] loop2: detected capacity change from 0 to 256
[  765.298656][ T9028] loop1: detected capacity change from 0 to 2048
[  765.366426][ T9028]  loop1: p2 < > p4
[  765.372068][ T9028] loop1: p4 size 8192 extends beyond EOD, truncated
[  765.487375][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  765.615351][ T9035] loop2: detected capacity change from 0 to 1024
[  765.684280][ T9035] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  766.137499][ T9038] xt_hashlimit: size too large, truncated to 1048576
[  766.795175][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  767.400302][ T9050] 9pnet_fd: Insufficient options for proto=fd
[  769.697217][ T9071] xt_hashlimit: size too large, truncated to 1048576
[  770.222278][ T9077] loop2: detected capacity change from 0 to 16
[  770.256678][ T9077] erofs: (device loop2): mounted with root inode @ nid 36.
[  770.277788][ T9077] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  770.287488][ T9077] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  770.297489][ T9077] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  770.503541][ T3945] udevd[3945]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[  772.095423][ T9092] xt_hashlimit: size too large, truncated to 1048576
[  777.383712][ T9126] bridge0: port 1(bridge_slave_0) entered blocking state
[  777.392144][ T9126] bridge0: port 1(bridge_slave_0) entered disabled state
[  777.401434][ T9126] device bridge_slave_0 entered promiscuous mode
[  777.415949][ T9126] bridge0: port 2(bridge_slave_1) entered blocking state
[  777.423660][ T9126] bridge0: port 2(bridge_slave_1) entered disabled state
[  777.432567][ T9126] device bridge_slave_1 entered promiscuous mode
[  778.274782][ T9126] bridge0: port 2(bridge_slave_1) entered blocking state
[  778.283628][ T9126] bridge0: port 2(bridge_slave_1) entered forwarding state
[  778.291129][ T9126] bridge0: port 1(bridge_slave_0) entered blocking state
[  778.298789][ T9126] bridge0: port 1(bridge_slave_0) entered forwarding state
[  779.021612][ T9163] loop2: detected capacity change from 0 to 512
[  779.035232][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.046200][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.109770][  T318] device bridge_slave_1 left promiscuous mode
[  779.119102][  T318] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.156471][  T318] device bridge_slave_0 left promiscuous mode
[  779.170923][ T9163] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  779.232529][  T318] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.239192][ T9163] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038 (0x7fffffff)
[  779.257282][  T318] device veth1_macvtap left promiscuous mode
[  780.519938][ T9172] sch_tbf: burst 5 is lower than device lo mtu (18) !
[  780.567929][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  780.575925][ T9178] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1847'.
[  780.643425][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  780.657158][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  780.697244][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  780.708561][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  780.720346][ T9184] loop2: detected capacity change from 0 to 128
[  780.747437][ T4131] bridge0: port 1(bridge_slave_0) entered blocking state
[  780.754606][ T4131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  780.769251][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  780.780023][ T9184] syz.2.1848: attempt to access beyond end of device
[  780.780023][ T9184] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  780.816492][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  780.827970][ T4131] bridge0: port 2(bridge_slave_1) entered blocking state
[  780.837849][ T4131] bridge0: port 2(bridge_slave_1) entered forwarding state
[  780.885969][ T9175] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1846'.
[  780.974920][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  780.995263][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  781.026289][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  781.056408][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  781.188980][ T9126] device veth0_vlan entered promiscuous mode
[  781.207727][ T9185] syz.2.1848: attempt to access beyond end of device
[  781.207727][ T9185] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  781.241824][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  781.251373][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  781.266294][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  781.275806][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  781.279726][ T9185] syz.2.1848: attempt to access beyond end of device
[  781.279726][ T9185] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  781.309081][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  781.321726][ T4131] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  781.363569][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  781.377307][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  781.411283][ T9126] device veth1_macvtap entered promiscuous mode
[  781.441527][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  781.460656][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  781.482368][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  781.526016][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  781.572399][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  781.602849][ T9192] loop1: detected capacity change from 0 to 1024
[  781.656082][ T9192] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  781.797043][ T9192] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  782.918569][ T9215] loop2: detected capacity change from 0 to 512
[  782.927205][ T9215] EXT4-fs: Ignoring removed bh option
[  782.935219][ T9215] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  783.217385][ T9218] syz.3.1855[9218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  783.217765][ T9218] syz.3.1855[9218] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  784.195742][ T9215] EXT4-fs (loop2): 1 truncate cleaned up
[  784.215151][ T9215] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  784.297865][ T9126] EXT4-fs (loop1): unmounting filesystem.
[  784.359306][ T9227] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1858'.
[  784.363324][ T9224] loop1: detected capacity change from 0 to 2048
[  784.437400][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  784.496645][ T9224] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  785.594274][ T9126] EXT4-fs (loop1): unmounting filesystem.
[  785.748252][ T9247] loop1: detected capacity change from 0 to 128
[  785.877007][ T9248] netlink: 'syz.0.1860': attribute type 2 has an invalid length.
[  785.995452][ T9247] syz.1.1861: attempt to access beyond end of device
[  785.995452][ T9247] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  786.151523][ T9243] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1862'.
[  786.241945][ T9247] syz.1.1861: attempt to access beyond end of device
[  786.241945][ T9247] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  786.257121][ T9247] syz.1.1861: attempt to access beyond end of device
[  786.257121][ T9247] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  788.777443][ T9280] loop2: detected capacity change from 0 to 128
[  788.833408][ T9280] syz.2.1870: attempt to access beyond end of device
[  788.833408][ T9280] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  788.908946][ T9286] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1872'.
[  789.141584][ T9294] syz.2.1870: attempt to access beyond end of device
[  789.141584][ T9294] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  789.156564][ T9294] syz.2.1870: attempt to access beyond end of device
[  789.156564][ T9294] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  789.426524][ T9283] loop1: detected capacity change from 0 to 40427
[  789.448590][ T9283] F2FS-fs (loop1): invalid crc value
[  789.464971][ T9283] F2FS-fs (loop1): Found nat_bits in checkpoint
[  789.550434][ T9283] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  789.759360][ T9301] loop2: detected capacity change from 0 to 128
[  789.799412][ T9301] syz.2.1884: attempt to access beyond end of device
[  789.799412][ T9301] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  790.503556][ T9312] sch_tbf: burst 5 is lower than device lo mtu (18) !
[  791.001129][ T9314] syz.2.1884: attempt to access beyond end of device
[  791.001129][ T9314] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  791.027810][ T9314] syz.2.1884: attempt to access beyond end of device
[  791.027810][ T9314] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  791.191121][ T9319] loop1: detected capacity change from 0 to 256
[  791.234878][ T9319] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  791.294343][   T28] audit: type=1400 audit(2000000054.860:1312): avc:  denied  { write } for  pid=9318 comm="syz.1.1876" path="/5/file0/bus" dev="loop1" ino=1048986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  791.524725][   T28] audit: type=1400 audit(2000000055.090:1313): avc:  denied  { mounton } for  pid=9318 comm="syz.1.1876" path="/5/file0/bus" dev="loop1" ino=1048986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  792.280847][ T9326] loop2: detected capacity change from 0 to 256
[  792.287884][ T9326] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  792.368792][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  792.568350][ T9333] loop2: detected capacity change from 0 to 512
[  792.576886][ T9333] EXT4-fs: Ignoring removed bh option
[  792.585541][ T9333] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  792.791594][ T9333] EXT4-fs (loop2): 1 truncate cleaned up
[  792.797868][ T9333] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  793.154166][  T526] device bridge_slave_1 left promiscuous mode
[  793.174231][  T526] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.231973][  T526] device bridge_slave_0 left promiscuous mode
[  793.258376][  T526] bridge0: port 1(bridge_slave_0) entered disabled state
[  793.317530][  T526] device veth1_macvtap left promiscuous mode
[  793.324333][  T526] device veth0_vlan left promiscuous mode
[  793.387667][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  794.419227][ T9339] bridge0: port 1(bridge_slave_0) entered blocking state
[  794.442002][ T9339] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.464952][ T9339] device bridge_slave_0 entered promiscuous mode
[  794.509683][ T9339] bridge0: port 2(bridge_slave_1) entered blocking state
[  794.531741][ T9339] bridge0: port 2(bridge_slave_1) entered disabled state
[  794.581649][ T9365] loop2: detected capacity change from 0 to 512
[  794.591691][ T9365] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  794.701100][ T9365] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1890: invalid indirect mapped block 4294967295 (level 1)
[  794.721015][ T9365] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1890: invalid indirect mapped block 4294967295 (level 1)
[  794.738159][ T9365] EXT4-fs (loop2): 2 truncates cleaned up
[  794.745485][ T9365] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  794.850545][ T9339] device bridge_slave_1 entered promiscuous mode
[  795.301675][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  795.862621][ T9377] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1891'.
[  796.369033][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  796.389011][ T5982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  796.420109][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  796.429700][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  796.448530][ T4167] bridge0: port 1(bridge_slave_0) entered blocking state
[  796.456531][ T4167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  796.474113][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  796.496254][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  796.517200][ T4167] bridge0: port 2(bridge_slave_1) entered blocking state
[  796.524859][ T4167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  796.532347][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  796.547962][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  796.577487][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  796.585570][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  796.616297][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  796.636369][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  796.667150][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  796.689039][ T9339] device veth0_vlan entered promiscuous mode
[  796.706323][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  796.714612][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  796.733670][ T9339] device veth1_macvtap entered promiscuous mode
[  796.747846][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  796.756999][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  796.765749][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  796.785809][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  796.816365][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  796.840371][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  796.856339][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  796.886652][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  796.895564][ T1811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  796.937537][ T9392] loop1: detected capacity change from 0 to 128
[  796.961725][ T9392] syz.1.1882: attempt to access beyond end of device
[  796.961725][ T9392] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  797.201159][ T9394] syz.1.1882: attempt to access beyond end of device
[  797.201159][ T9394] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  797.215573][ T9394] syz.1.1882: attempt to access beyond end of device
[  797.215573][ T9394] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  799.500427][ T9410] loop2: detected capacity change from 0 to 512
[  799.507661][ T9410] EXT4-fs: Ignoring removed oldalloc option
[  799.524139][ T9410] EXT4-fs (loop2): Test dummy encryption mode enabled
[  799.577648][ T9410] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1897: invalid block
[  799.589021][ T9410] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1897: couldn't read orphan inode 11 (err -117)
[  799.602785][ T9410] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  799.663720][ T9420] loop1: detected capacity change from 0 to 128
[  799.695232][ T9420] syz.1.1902: attempt to access beyond end of device
[  799.695232][ T9420] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  799.754615][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  800.099114][ T9429] syz.1.1902: attempt to access beyond end of device
[  800.099114][ T9429] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  800.128457][ T9429] syz.1.1902: attempt to access beyond end of device
[  800.128457][ T9429] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  800.396006][ T5982] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  800.725884][ T5982] usb 4-1: Using ep0 maxpacket: 16
[  800.758528][ T9437] loop2: detected capacity change from 0 to 256
[  800.766894][ T9437] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  800.817698][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  800.980618][ T9448] loop2: detected capacity change from 0 to 512
[  800.989349][ T9448] EXT4-fs: Ignoring removed bh option
[  801.004733][ T9448] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  801.055961][ T5982] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  801.103552][ T9452] input: syz1 as /devices/virtual/input/input28
[  802.278183][ T5982] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  802.305920][ T5982] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  802.317070][ T9448] EXT4-fs (loop2): 1 truncate cleaned up
[  802.323089][ T9448] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  802.375938][ T5982] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.388959][ T5982] usb 4-1: config 0 descriptor??
[  802.569573][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  803.692716][ T5982] usbhid 4-1:0.0: can't add hid device: -71
[  803.739859][ T5982] usbhid: probe of 4-1:0.0 failed with error -71
[  803.893346][ T5982] usb 4-1: USB disconnect, device number 11
[  804.731068][ T9468] loop2: detected capacity change from 0 to 40427
[  804.754860][ T9468] F2FS-fs (loop2): invalid crc value
[  804.768573][ T9468] F2FS-fs (loop2): Found nat_bits in checkpoint
[  804.948529][ T9493] loop1: detected capacity change from 0 to 128
[  804.976481][ T9468] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  804.997027][ T9493] syz.1.1919: attempt to access beyond end of device
[  804.997027][ T9493] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  805.793681][ T9509] xt_hashlimit: size too large, truncated to 1048576
[  806.104374][ T9506] syz.1.1919: attempt to access beyond end of device
[  806.104374][ T9506] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  806.237692][ T9506] syz.1.1919: attempt to access beyond end of device
[  806.237692][ T9506] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  807.933257][ T9526] loop2: detected capacity change from 0 to 256
[  807.940478][ T9526] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  808.054647][ T9528] loop2: detected capacity change from 0 to 1024
[  808.103774][ T9528] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  808.340331][ T9534] xt_hashlimit: size too large, truncated to 1048576
[  808.907696][ T7362] EXT4-fs (loop2): unmounting filesystem.
[  810.302673][ T9555] loop1: detected capacity change from 0 to 2048
[  810.435836][    C0] sched: RT throttling activated
[  810.647021][ T9555] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  810.708586][ T9555] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1930: bg 0: block 136: padding at end of block bitmap is not set
[  811.218263][ T9339] EXT4-fs (loop1): unmounting filesystem.
[  811.308425][ T9570] loop1: detected capacity change from 0 to 512
[  811.330350][ T9570] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1934: casefold flag without casefold feature
[  811.358694][ T9570] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1934: missing EA_INODE flag
[  811.376388][ T9570] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1934: error while reading EA inode 2 err=-117
[  811.416184][ T9570] EXT4-fs (loop1): 1 orphan inode deleted
[  811.422399][ T9570] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  811.532845][   T28] audit: type=1400 audit(2000000075.100:1314): avc:  denied  { create } for  pid=9569 comm="syz.1.1934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  812.032886][ T9576] syz.1.1934[9576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  812.034343][ T9576] syz.1.1934[9576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  812.204252][   T28] audit: type=1400 audit(2000000075.480:1315): avc:  denied  { connect } for  pid=9569 comm="syz.1.1934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  812.406651][ T9339] EXT4-fs (loop1): unmounting filesystem.
[  812.470391][ T9582] loop1: detected capacity change from 0 to 128
[  812.507354][ T9582] syz.1.1937: attempt to access beyond end of device
[  812.507354][ T9582] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  813.687485][ T9589] syz.1.1937: attempt to access beyond end of device
[  813.687485][ T9589] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[  813.756349][ T9589] syz.1.1937: attempt to access beyond end of device
[  813.756349][ T9589] loop1: rw=34817, sector=145, nr_sectors = 88 limit=128
[  814.588946][ T9615] loop2: detected capacity change from 0 to 256
[  814.625512][ T9615] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777*:mÄ×ØPJþO ß4­<ó}pm×?Ð'
[  814.887040][ T9617] xt_hashlimit: size too large, truncated to 1048576
[  815.119047][ T3945] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  815.161654][ T9622] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1956'.
[  819.136373][ T9648] loop1: detected capacity change from 0 to 512
[  819.143777][ T9648] EXT4-fs: Ignoring removed bh option
[  819.348781][ T9648] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  819.412878][ T9656] loop2: detected capacity change from 0 to 128
[  819.427599][ T9648] EXT4-fs (loop1): 1 truncate cleaned up
[  819.433902][ T9648] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  819.470579][ T9656] syz.2.1954: attempt to access beyond end of device
[  819.470579][ T9656] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  819.601290][ T9339] EXT4-fs (loop1): unmounting filesystem.
[  819.623155][ T9656] syz.2.1954: attempt to access beyond end of device
[  819.623155][ T9656] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  819.638210][ T9656] syz.2.1954: attempt to access beyond end of device
[  819.638210][ T9656] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  819.761674][ T9666] loop1: detected capacity change from 0 to 1024
[  819.857321][ T9666] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  820.298386][ T9671] xt_hashlimit: size too large, truncated to 1048576
[  821.166607][ T9676] xt_hashlimit: size too large, truncated to 1048576
[  821.174835][  T561] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  821.435192][ T9681] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1961'.
[  821.546864][ T9339] EXT4-fs (loop1): unmounting filesystem.
[  821.645968][  T561] usb 1-1: Using ep0 maxpacket: 16
[  822.155091][  T561] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  822.165388][ T9693] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1962'.
[  822.168792][  T561] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  822.215962][  T561] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  822.245951][  T561] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  822.276839][  T561] usb 1-1: config 0 descriptor??
[  823.097562][  T561] microsoft 0003:045E:07DA.000C: No inputs registered, leaving
[  823.106688][  T561] microsoft 0003:045E:07DA.000C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  823.119927][  T561] microsoft 0003:045E:07DA.000C: no inputs found
[  823.136402][  T561] microsoft 0003:045E:07DA.000C: could not initialize ff, continuing anyway
[  824.240901][ T9717] loop2: detected capacity change from 0 to 128
[  824.270359][ T9719] loop1: detected capacity change from 0 to 512
[  824.293565][ T9717] syz.2.1969: attempt to access beyond end of device
[  824.293565][ T9717] loop2: rw=2049, sector=145, nr_sectors = 88 limit=128
[  824.330014][ T4131] usb 1-1: USB disconnect, device number 14
[  824.442504][ T9719] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1971: casefold flag without casefold feature
[  824.476317][ T9719] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1971: missing EA_INODE flag
[  824.515417][ T4593] general protection fault, probably for non-canonical address 0xdffffc0000000007: 0000 [#1] PREEMPT SMP KASAN
[  824.515450][ T4593] KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]
[  824.515466][ T4593] CPU: 0 PID: 4593 Comm: syz.0.852 Not tainted 6.1.99-syzkaller-00075-g2cd8ac816de5 #0
[  824.515489][ T4593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  824.515501][ T4593] RIP: 0010:__ext4_journal_get_write_access+0xb0/0x690
[  824.515541][ T4593] Code: 88 ff 49 8d 5e 30 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 ae 0b d0 ff 48 8b 1b 48 83 c3 38 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 91 0b d0 ff 4c 8b 23 4d 85 e4 4c
[  824.515565][ T4593] RSP: 0018:ffffc90000a86fe0 EFLAGS: 00010202
[  824.515588][ T4593] RAX: 0000000000000007 RBX: 0000000000000038 RCX: 0000000000040000
[  824.515603][ T4593] RDX: ffffc90006eea000 RSI: 000000000003ffff RDI: 0000000000040000
[  824.515617][ T4593] RBP: ffffc90000a870b0 R08: ffff888111372dc8 R09: 0000000000000001
[  824.515633][ T4593] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110200bdd10
[  824.515647][ T4593] R13: dffffc0000000000 R14: ffff888111372dc8 R15: 0000000000000001
[  824.515661][ T4593] FS:  00007f423a5da6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  824.515680][ T4593] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  824.515696][ T4593] CR2: 0000001b2fe1eff8 CR3: 000000012f0e6000 CR4: 00000000003506b0
[  824.515716][ T4593] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  824.515729][ T4593] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  824.515743][ T4593] Call Trace:
[  824.515749][ T4593]  <TASK>
[  824.515759][ T4593]  ? __die_body+0x62/0xb0
[  824.515779][ T4593]  ? die_addr+0x9f/0xd0
[  824.515799][ T4593]  ? exc_general_protection+0x317/0x4c0
[  824.515825][ T4593]  ? asm_exc_general_protection+0x27/0x30
[  824.515848][ T4593]  ? __ext4_journal_get_write_access+0xb0/0x690
[  824.515877][ T4593]  ? __ext4_journal_ensure_credits+0x470/0x470
[  824.515904][ T4593]  ? __kasan_check_write+0x14/0x20
[  824.515927][ T4593]  ext4_reserve_inode_write+0x26d/0x360
[  824.515955][ T4593]  ? ext4_mark_iloc_dirty+0x1970/0x1970
[  824.515982][ T4593]  ? _raw_spin_trylock_bh+0x190/0x190
[  824.516013][ T4593]  ? ext4_dirty_inode+0xbd/0x100
[  824.516040][ T4593]  __ext4_mark_inode_dirty+0x12e/0x7d0
[  824.516067][ T4593]  ? sb_end_intwrite+0x130/0x130
[  824.516090][ T4593]  ? __dquot_alloc_space+0x267/0xc10
[  824.516120][ T4593]  ? __kasan_check_read+0x11/0x20
[  824.516139][ T4593]  ? __ext4_journal_start_sb+0x2f1/0x4b0
[  824.516169][ T4593]  ext4_dirty_inode+0xbd/0x100
[  824.516193][ T4593]  ? __ext4_expand_extra_isize+0x420/0x420
[  824.516221][ T4593]  __mark_inode_dirty+0x200/0xa60
[  824.516249][ T4593]  ext4_xattr_block_set+0x1f8e/0x37d0
[  824.516275][ T4593]  ? ext4_xattr_block_find+0x320/0x320
[  824.516297][ T4593]  ? ext4_reserve_inode_write+0x2b3/0x360
[  824.516325][ T4593]  ? ext4_mark_iloc_dirty+0x1970/0x1970
[  824.516352][ T4593]  ? ext4_xattr_ibody_find+0x102/0x530
[  824.516373][ T4593]  ext4_xattr_set_handle+0xdac/0x1560
[  824.516397][ T4593]  ? ext4_xattr_set_entry+0x3ef0/0x3ef0
[  824.516423][ T4593]  ? selinux_inode_free_security+0x210/0x210
[  824.516457][ T4593]  ext4_initxattrs+0xa7/0x120
[  824.516481][ T4593]  security_inode_init_security+0x252/0x390
[  824.516513][ T4593]  ? ext4_init_security+0x40/0x40
[  824.516536][ T4593]  ? security_dentry_create_files_as+0xc0/0xc0
[  824.516571][ T4593]  ? __ext4_set_acl+0x5e0/0x5e0
[  824.516595][ T4593]  ? _raw_spin_unlock+0x4c/0x70
[  824.516614][ T4593]  ext4_init_security+0x34/0x40
[  824.516636][ T4593]  __ext4_new_inode+0x31ef/0x40a0
[  824.516665][ T4593]  ? ext4_has_group_desc_csum+0x1f0/0x1f0
[  824.516687][ T4593]  ? dquot_initialize+0x20/0x20
[  824.516715][ T4593]  ? ext4_get_dummy_policy+0x1b/0x60
[  824.516737][ T4593]  ? ext4_set_context+0x560/0x560
[  824.516760][ T4593]  ? fscrypt_policy_to_inherit+0xba/0x160
[  824.516786][ T4593]  ext4_symlink+0x396/0xc10
[  824.516813][ T4593]  ? ext4_unlink+0x3f0/0x3f0
[  824.516838][ T4593]  ? security_inode_symlink+0xb8/0x100
[  824.516869][ T4593]  vfs_symlink+0x24e/0x3e0
[  824.516894][ T4593]  do_symlinkat+0x1ea/0x5a0
[  824.516916][ T4593]  ? __check_object_size+0x48e/0x650
[  824.516940][ T4593]  ? vfs_symlink+0x3e0/0x3e0
[  824.516964][ T4593]  ? getname_flags+0x1fd/0x520
[  824.516984][ T4593]  __x64_sys_symlinkat+0x99/0xb0
[  824.517015][ T4593]  x64_sys_call+0x6fe/0x9a0
[  824.517038][ T4593]  do_syscall_64+0x3b/0xb0
[  824.517057][ T4593]  ? clear_bhb_loop+0x55/0xb0
[  824.517081][ T4593]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  824.517102][ T4593] RIP: 0033:0x7f423977def9
[  824.517121][ T4593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.517138][ T4593] RSP: 002b:00007f423a5da038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  824.517161][ T4593] RAX: ffffffffffffffda RBX: 00007f4239936058 RCX: 00007f423977def9
[  824.517177][ T4593] RDX: 00000000200003c0 RSI: 000000000000000c RDI: 0000000020000240
[  824.517191][ T4593] RBP: 00007f42397f0b76 R08: 0000000000000000 R09: 0000000000000000
[  824.517205][ T4593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  824.517217][ T4593] R13: 0000000000000000 R14: 00007f4239936058 R15: 00007ffcee538b28
[  824.517237][ T4593]  </TASK>
[  824.517244][ T4593] Modules linked in:
[  824.555466][ T9719] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1971: error while reading EA inode 2 err=-117
[  824.555662][ T9719] EXT4-fs (loop1): 1 orphan inode deleted
[  824.555689][ T9719] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  824.563522][ T9717] syz.2.1969: attempt to access beyond end of device
[  824.563522][ T9717] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  824.563617][ T9717] syz.2.1969: attempt to access beyond end of device
[  824.563617][ T9717] loop2: rw=34817, sector=145, nr_sectors = 88 limit=128
[  824.609081][ T4593] ---[ end trace 0000000000000000 ]---
[  824.609112][ T4593] RIP: 0010:__ext4_journal_get_write_access+0xb0/0x690
[  824.609157][ T4593] Code: 88 ff 49 8d 5e 30 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 ae 0b d0 ff 48 8b 1b 48 83 c3 38 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 91 0b d0 ff 4c 8b 23 4d 85 e4 4c
[  824.609177][ T4593] RSP: 0018:ffffc90000a86fe0 EFLAGS: 00010202
[  824.609199][ T4593] RAX: 0000000000000007 RBX: 0000000000000038 RCX: 0000000000040000
[  824.609215][ T4593] RDX: ffffc90006eea000 RSI: 000000000003ffff RDI: 0000000000040000
[  824.609230][ T4593] RBP: ffffc90000a870b0 R08: ffff888111372dc8 R09: 0000000000000001
[  824.609246][ T4593] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110200bdd10
[  824.609261][ T4593] R13: dffffc0000000000 R14: ffff888111372dc8 R15: 0000000000000001
[  824.609276][ T4593] FS:  00007f423a5da6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  824.609296][ T4593] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  824.609312][ T4593] CR2: 0000000000000000 CR3: 000000012f0e6000 CR4: 00000000003506b0
[  824.609333][ T4593] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  824.609346][ T4593] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  824.609364][ T4593] Kernel panic - not syncing: Fatal exception
[  824.609830][ T4593] Kernel Offset: disabled
[  825.408808][ T4593] Rebooting in 86400 seconds..