last executing test programs:

16m1.31146328s ago: executing program 32 (id=4474):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r4, 0x0, 0x4000004)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8946, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000380)=ANY=[@ANYBLOB='iocharset=maciceland,umask=00000000000010000000011,iocharset=cp948,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp950,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,discard,errors=continue,\x00'], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3a1)

11m16.445488451s ago: executing program 33 (id=4998):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0xf, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents(r3, 0x0, 0x0)
getdents64(r3, 0x0, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

8m45.894202354s ago: executing program 34 (id=5363):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r5, 0x0, 0x4000004)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000380)=ANY=[@ANYBLOB='iocharset=maciceland,umask=00000000000010000000011,iocharset=cp948,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp950,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,discard,errors=continue,\x00'], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file1\x00')

7m2.531148659s ago: executing program 0 (id=5611):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000dc0)=@updpolicy={0xfc, 0x19, 0x1, 0x4000000, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@local, 0x0, 0x3c}, 0x0, @in6=@private1}]}]}, 0xfc}}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendto$inet6(r7, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0xfffe}, 0x1c)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

6m47.723003877s ago: executing program 35 (id=5611):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000dc0)=@updpolicy={0xfc, 0x19, 0x1, 0x4000000, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@local, 0x0, 0x3c}, 0x0, @in6=@private1}]}]}, 0xfc}}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendto$inet6(r7, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0xfffe}, 0x1c)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

2m4.548956534s ago: executing program 1 (id=6274):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x2, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}})

2m2.866476937s ago: executing program 1 (id=6278):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="800202000a000200577f"], 0x48}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8000d8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x404}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)

2m1.811031283s ago: executing program 1 (id=6282):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

2m0.907949849s ago: executing program 1 (id=6285):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

2m0.860104288s ago: executing program 1 (id=6288):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000200), 0x200, 0x0)
ioctl$EVIOCSCLOCKID(r1, 0x40084503, 0x0)

2m0.684463868s ago: executing program 1 (id=6289):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x8, 0x0, 0x4000}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4)
setsockopt$inet6_udp_encap(r4, 0x11, 0x64, &(0x7f0000000780)=0x2, 0x4)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

1m59.949578964s ago: executing program 36 (id=6289):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x8, 0x0, 0x4000}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4)
setsockopt$inet6_udp_encap(r4, 0x11, 0x64, &(0x7f0000000780)=0x2, 0x4)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

1m35.558271562s ago: executing program 7 (id=6381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})

1m35.16522587s ago: executing program 7 (id=6382):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4000000)
open(0x0, 0x400141042, 0x0)
r5 = gettid()
kcmp$KCMP_EPOLL_TFD(r5, r5, 0x7, 0xffffffffffffffff, 0x0)

1m33.399687133s ago: executing program 7 (id=6389):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000bc0)={0x34, &(0x7f0000000900)={0xa332691f6e0b1d83, 0xf, 0x5, "21a7f8f666"}, 0x0, 0x0, 0x0, 0x0, 0x0})

1m31.610420845s ago: executing program 7 (id=6402):
syz_mount_image$ext4(&(0x7f0000001280)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x208000, &(0x7f00000003c0)={[{@sysvgroups}, {@nodelalloc}]}, 0x1, 0x4fe, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOIkm6ZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBrdeygGpwAq0QeJgNP6RzW7sJOw6tmp/PtJo5s0bz/e9teY97zeJXwBj63pEHEbEVES8HRHz7fNJe4vXW1t23f17d9eO791dS6LReOsfSbM+OxenXpN5qn3PmYj4/ncifpScjVvbP9haLZdLu+1yoV7ZKdT2D25tVlY3Shul7WJxeWl58dXbrxT71tcXKr/55Nubb/zgg9996eM/HX7zJ1mz5tp1p/vRT62u507iZCYj4o2rCDYEE+3+TA27ITyWNCI+ExEvNp//+ZhovpuX0+WxBgA+BRqN+WjMny4DAKMubebAkjTfzgXMRZrm860c3nMxm5artfrNO9W97fVWrmwhcumdzXJpsZ0rXIhckpWX3suOH5SL8XD5dkQ8GxE/nb7WLOfXLp9nAAD666lH5v9/T7fmfwBgxM1cdMHKYNoBAAzOhfM/ADByzP8AMH7M/wAwfsz/ADB+zP8AMG4+6sz/E8NuCQAwEN97881saxy3v/96/Z39va3qO7fWS7WtfGVvLb9W3d3Jb1SrG+VSfq1aueh+5Wp1Z+nl2Hu3UC/V6oXa/sFKpbq3XV9pfq/3Sik3kF4BAOd59oUP/5JExOFr15pbnFrLwVwNoy0ddgOAoZHzh/HlW7hhfPk/PnDRWp49f0X4/ccI1njvMV4E9NuNz8v/w7jqkv+XEoAxIf8P48tkD+Or0Uh6rfmfnlwCAIwUOX5goD//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBEx19wWTpXTNJ+PeDoiFiKX3NkslxYj4pmI+PN0bjorLw21xQDAk0v/lrTX/7ox/9Lco7VTyX+uNfcR8eOfv/Wzd1fr9d2l7Pw/pzvn6++3zxeH0X4A4CKdebozj3fcv3d3rbMNsj2ffKu1uGgW97i9tWomYzLb/XEmchEx+6+kVW7LPq9M9CH+4VFEfK5b/5NmbmShvfLpo/Gz2E8PNH76UPy0WdfaZ/8Wnz1z5+meMS9a6xXGxYfZ+PN6t+cvjevN/UzXxY9nmiPUk+uMf8dnxr/O8z7THGu6jX/XLxvj5d9/t2fdUcQXJrvFT07iJz3iv3RSmjo3/kdf/PKLveoav4y4Ed3jn45VqFd2CrX9g1ubldWN0kZpu1hcXlpefPX2K8VCM0dd6GSqz/r7azef6dn/X0fM9og/c0H/v3ZurxsnA/Cv/vv2D7/SK/5RxDe+2v39f+6c+Nmc+PVz4z+wOvvbnst3Z/HXW/0/+n/f/5uXjP/xXw/WL3kpADAAtf2DrdVyubTb14NcdKma7k+I5Ira7GDED7LP4096n+fbKbOu1/zhFx88n1UOvad9ORjywARcuQcP/bBbAgAAAAAAAAAAAAAA9HLlf06UDruHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjLL/BQAA//8SwcrQ")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3)

1m31.399325564s ago: executing program 7 (id=6404):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0xe7681c38bdbee7c1, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

1m31.040522723s ago: executing program 7 (id=6405):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

1m30.974199593s ago: executing program 37 (id=6405):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

1m22.592355077s ago: executing program 8 (id=6427):
r0 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000900)=""/4105, 0x1009)

1m22.557069307s ago: executing program 8 (id=6429):
r0 = socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)

1m20.396159518s ago: executing program 8 (id=6433):
ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/packet\x00')
pread64(r0, 0x0, 0x0, 0x38)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getrlimit(0x3, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

1m17.448996236s ago: executing program 8 (id=6443):
syz_mount_image$ext4(&(0x7f0000001280)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x208000, &(0x7f00000003c0)={[{@sysvgroups}, {@nodelalloc}]}, 0x1, 0x4fe, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOIkm6ZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBrdeygGpwAq0QeJgNP6RzW7sJOw6tmp/PtJo5s0bz/e9teY97zeJXwBj63pEHEbEVES8HRHz7fNJe4vXW1t23f17d9eO791dS6LReOsfSbM+OxenXpN5qn3PmYj4/ncifpScjVvbP9haLZdLu+1yoV7ZKdT2D25tVlY3Shul7WJxeWl58dXbrxT71tcXKr/55Nubb/zgg9996eM/HX7zJ1mz5tp1p/vRT62u507iZCYj4o2rCDYEE+3+TA27ITyWNCI+ExEvNp//+ZhovpuX0+WxBgA+BRqN+WjMny4DAKMubebAkjTfzgXMRZrm860c3nMxm5artfrNO9W97fVWrmwhcumdzXJpsZ0rXIhckpWX3suOH5SL8XD5dkQ8GxE/nb7WLOfXLp9nAAD666lH5v9/T7fmfwBgxM1cdMHKYNoBAAzOhfM/ADByzP8AMH7M/wAwfsz/ADB+zP8AMG4+6sz/E8NuCQAwEN97881saxy3v/96/Z39va3qO7fWS7WtfGVvLb9W3d3Jb1SrG+VSfq1aueh+5Wp1Z+nl2Hu3UC/V6oXa/sFKpbq3XV9pfq/3Sik3kF4BAOd59oUP/5JExOFr15pbnFrLwVwNoy0ddgOAoZHzh/HlW7hhfPk/PnDRWp49f0X4/ccI1njvMV4E9NuNz8v/w7jqkv+XEoAxIf8P48tkD+Or0Uh6rfmfnlwCAIwUOX5goD//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBEx19wWTpXTNJ+PeDoiFiKX3NkslxYj4pmI+PN0bjorLw21xQDAk0v/lrTX/7ox/9Lco7VTyX+uNfcR8eOfv/Wzd1fr9d2l7Pw/pzvn6++3zxeH0X4A4CKdebozj3fcv3d3rbMNsj2ffKu1uGgW97i9tWomYzLb/XEmchEx+6+kVW7LPq9M9CH+4VFEfK5b/5NmbmShvfLpo/Gz2E8PNH76UPy0WdfaZ/8Wnz1z5+meMS9a6xXGxYfZ+PN6t+cvjevN/UzXxY9nmiPUk+uMf8dnxr/O8z7THGu6jX/XLxvj5d9/t2fdUcQXJrvFT07iJz3iv3RSmjo3/kdf/PKLveoav4y4Ed3jn45VqFd2CrX9g1ubldWN0kZpu1hcXlpefPX2K8VCM0dd6GSqz/r7azef6dn/X0fM9og/c0H/v3ZurxsnA/Cv/vv2D7/SK/5RxDe+2v39f+6c+Nmc+PVz4z+wOvvbnst3Z/HXW/0/+n/f/5uXjP/xXw/WL3kpADAAtf2DrdVyubTb14NcdKma7k+I5Ira7GDED7LP4096n+fbKbOu1/zhFx88n1UOvad9ORjywARcuQcP/bBbAgAAAAAAAAAAAAAA9HLlf06UDruHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjLL/BQAA//8SwcrQ")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3)

1m17.187254455s ago: executing program 8 (id=6446):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000186000e900000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

1m16.875963373s ago: executing program 2 (id=6447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)

1m16.776949003s ago: executing program 2 (id=6450):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1m16.760013503s ago: executing program 2 (id=6451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}})

1m16.712543923s ago: executing program 8 (id=6452):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000100)={[{@errors_remount}, {@namecase}, {@gid={'gid', 0x3d, 0xee00}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_continue}, {@gid}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@umask={'umask', 0x3d, 0x3ff}}, {@dmask}]}, 0x1, 0x1534, &(0x7f0000000380)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)

1m16.662050282s ago: executing program 38 (id=6452):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000100)={[{@errors_remount}, {@namecase}, {@gid={'gid', 0x3d, 0xee00}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_continue}, {@gid}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@umask={'umask', 0x3d, 0x3ff}}, {@dmask}]}, 0x1, 0x1534, &(0x7f0000000380)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)

1m16.659551922s ago: executing program 2 (id=6454):
syz_mount_image$ext4(&(0x7f0000001280)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x208000, &(0x7f00000003c0)={[{@sysvgroups}, {@nodelalloc}]}, 0x1, 0x4fe, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOIkm6ZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBrdeygGpwAq0QeJgNP6RzW7sJOw6tmp/PtJo5s0bz/e9teY97zeJXwBj63pEHEbEVES8HRHz7fNJe4vXW1t23f17d9eO791dS6LReOsfSbM+OxenXpN5qn3PmYj4/ncifpScjVvbP9haLZdLu+1yoV7ZKdT2D25tVlY3Shul7WJxeWl58dXbrxT71tcXKr/55Nubb/zgg9996eM/HX7zJ1mz5tp1p/vRT62u507iZCYj4o2rCDYEE+3+TA27ITyWNCI+ExEvNp//+ZhovpuX0+WxBgA+BRqN+WjMny4DAKMubebAkjTfzgXMRZrm860c3nMxm5artfrNO9W97fVWrmwhcumdzXJpsZ0rXIhckpWX3suOH5SL8XD5dkQ8GxE/nb7WLOfXLp9nAAD666lH5v9/T7fmfwBgxM1cdMHKYNoBAAzOhfM/ADByzP8AMH7M/wAwfsz/ADB+zP8AMG4+6sz/E8NuCQAwEN97881saxy3v/96/Z39va3qO7fWS7WtfGVvLb9W3d3Jb1SrG+VSfq1aueh+5Wp1Z+nl2Hu3UC/V6oXa/sFKpbq3XV9pfq/3Sik3kF4BAOd59oUP/5JExOFr15pbnFrLwVwNoy0ddgOAoZHzh/HlW7hhfPk/PnDRWp49f0X4/ccI1njvMV4E9NuNz8v/w7jqkv+XEoAxIf8P48tkD+Or0Uh6rfmfnlwCAIwUOX5goD//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBEx19wWTpXTNJ+PeDoiFiKX3NkslxYj4pmI+PN0bjorLw21xQDAk0v/lrTX/7ox/9Lco7VTyX+uNfcR8eOfv/Wzd1fr9d2l7Pw/pzvn6++3zxeH0X4A4CKdebozj3fcv3d3rbMNsj2ffKu1uGgW97i9tWomYzLb/XEmchEx+6+kVW7LPq9M9CH+4VFEfK5b/5NmbmShvfLpo/Gz2E8PNH76UPy0WdfaZ/8Wnz1z5+meMS9a6xXGxYfZ+PN6t+cvjevN/UzXxY9nmiPUk+uMf8dnxr/O8z7THGu6jX/XLxvj5d9/t2fdUcQXJrvFT07iJz3iv3RSmjo3/kdf/PKLveoav4y4Ed3jn45VqFd2CrX9g1ubldWN0kZpu1hcXlpefPX2K8VCM0dd6GSqz/r7azef6dn/X0fM9og/c0H/v3ZurxsnA/Cv/vv2D7/SK/5RxDe+2v39f+6c+Nmc+PVz4z+wOvvbnst3Z/HXW/0/+n/f/5uXjP/xXw/WL3kpADAAtf2DrdVyubTb14NcdKma7k+I5Ira7GDED7LP4096n+fbKbOu1/zhFx88n1UOvad9ORjywARcuQcP/bBbAgAAAAAAAAAAAAAA9HLlf06UDruHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjLL/BQAA//8SwcrQ")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3)

1m16.384853411s ago: executing program 2 (id=6458):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)

1m16.17638538s ago: executing program 2 (id=6459):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001000100090000", @ANYRES32, @ANYBLOB="0000000000000000000000820000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)

1m16.16841728s ago: executing program 39 (id=6459):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001000100090000", @ANYRES32, @ANYBLOB="0000000000000000000000820000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)

28.304655438s ago: executing program 3 (id=6679):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000800), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r1, @ANYRESDEC=r0, @ANYRES32=0x0, @ANYRES32=r0, @ANYRESHEX=r1], 0x48)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)

26.33887175s ago: executing program 3 (id=6683):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x781, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000680)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x7, {0x7, 0x0, "6469a00e32"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

24.516673663s ago: executing program 3 (id=6696):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8", &(0x7f0000000380), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")

17.770369144s ago: executing program 3 (id=6717):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfa, 0x56b, &(0x7f0000000f00)="$eJzs3c9rHFUcAPDvbDb9rU2hFPQggR6s1G6axB8VPNSDB9FiQe91SaahZNMt2U1pYsH2YC9epAgi9uIf4N1j8R/wryhooUgJevCyMpvZND92s2m6bbbZzwcmeW9mdt+8mfk+3tu3ywQwsEazP4WI1yLi+yTi6Jptxcg3jq7st/z45lS2JNFofPF3Ekm+rrV/kv8/3MoUI37/NuJ0YXO5tcWl2XKlks7n+bH63LWx2uLSmStz5Zl0Jr06MTl57t3JiQ/ef69ndX3r4r8/fX7/k3PfnVz+8deHx+4mcT6O5NvW1uMZ3FqbGY3R/JwMx/kNO473oLB+kuz2AbAjQ3mcD0fWBhyNoTzqgb3vm4hoAAMqEf8woFr9gNbYvkfj4JfGo49WBkCb619c+WwkDjTHRoeWk3Ujo2y8O9KD8rMyfvvr3t1sid59DgHQ1a3bEXG2WNzc/iV5+7dzZ7exz8YytH/w4tzP+j9vt+v/FFb7P9Gm/3O4TezuRPf4LzzsQTEdZf2/Dzf2f5tTTquTViNDee6VZp9vOLl8pZJmbdurEXEqhvdn+a3mc84tP2h02ra2/5ctWfmtvuCKwsPi/vWvmS7Xy89W6yce3Y54vW3/N1m9/kmb65+dj4vr36qxv0MZJ9J7b3Qqv3v9n6/GLxFvth3/PJnRSraenxxr3g9jrbtis3/unPijU/m7Xf/s+h/auv4jydr52tpTvPnB/P+B/9JOu+z0/t+XfNlM78vX3SjX6/PjEfuSzzavn3jy2la+tX9W/1Mnt27/2t3/WdW+2uZpuHP8Tsdd++H6Tz/V9X/6xINPv/65U/nbu/7vNFOn8jXbaf+2e4DPcu4AAAAAAACg3xQi4kgkhdJqulAolVa+33E8DhUq1Vr99OXqwtXpaP5WdiSGC62Z7qNrvg8xnn8ftpWf2JCfjIhjEfHD0MFmvjRVrUzvduUBAAAAAAAAAAAAAAAAAACgTxzu8Pv/zJ9Du310wHO37pHfnuQOA6XrI/978aQnoC91jX9gzxL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9dfHChWxpLD++OZXlp68vLsxWr5+ZTmuzpbmFqdJUdf5aaaZanamkpanqXLf3q1Sr18YnYuHGWD2t1cdqi0uX5qoLV+uXrsyVZ9JL6fALqRUAAAAAAAAAAAAAAAAAAAC8XGqLS7PlSiWd7//Exzt/+VBe2z6oxZ5LFPvjMCR6nFjXTCSR7ErzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABN/wcAAP//gY41oQ==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x103042, 0x0)
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
write$tun(r0, &(0x7f00000003c0)={@void, @void, @llc={@snap={0xaa, 0x1, "c4", "969095", 0x890d, "93f9b95efbcb0372359eb8631e760594c6296c5f8c15ae0aa33e854f757be329750435331d2c4efdfaabb5158aad54d656d290ee4efb1c8781454f16a4bf17daea1392b06cf6658cb6803105282a1053994ec7bca74af1b5b27e"}}}, 0x62)

17.247613792s ago: executing program 3 (id=6722):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x4000004)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000380)=ANY=[@ANYBLOB='iocharset=maciceland,umask=00000000000010000000011,iocharset=cp948,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp950,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,discard,errors=continue,\x00'], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3a1)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00')

16.850418281s ago: executing program 3 (id=6723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
pipe(0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b0001110000000904000001", @ANYRES32], 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

16.349256808s ago: executing program 40 (id=6723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
pipe(0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b0001110000000904000001", @ANYRES32], 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

9.195133218s ago: executing program 0 (id=6724):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1cd02, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000000980)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r1}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x8, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp_addr={0x44, 0xc, 0x38, 0x1, 0x4, [{@rand_addr=0x64010102, 0xf}]}]}}}}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r5 = dup(r3)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'ip_vti0\x00', 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

6.688774538s ago: executing program 5 (id=6744):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
pipe(0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b0001110000000904000001", @ANYRES32], 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

6.681491108s ago: executing program 0 (id=6745):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000640)='ext3\x00', &(0x7f0000000000)='./bus\x00', 0xa0080e, &(0x7f0000001100), 0x3, 0x443, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQuFWp26AmSLSqICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckGMLDG05ckYldE/B4Ro7VsY4Hx2j83ly/P/r18eTaJSuXNv5JquRvLl2fzovn7duaZoYjCp0kcaFHvwsVLaYnShSw/uXjuvcmFi5eePXNu5nTpdOn89IkTx45OPX98+rmexJnGdWP/h/MH97369tXXZ09efefnb5M8/qY4emS808HHK5UeV9dfu+vSyVAfG0JXirVuGsPV/j8axVg9eaPxyid9bRywqSqVSuW+9oeXKsBdLIl+twDoj/yHPp3/5tsWDT3uCNdfrE2A0rhvZlvtyFAUsjLDTfPbXhqPiJNL/3yVbrE59yEAABp8n45/nmk1/itE/X2h/2drKGMRcU9E7ImI4xGxNyLujaiWvT8iHuiy/uZFkrXjn8K1DQW2Tun474Vsbatx/JeP/mKsmOV2V+MfTk6dKZeOZJ/J4RjeluanOtTxw8u/fd7uWP34L93S+vOxYNaOa0PbGt8zN7M4czsx17v+ccT+oVbxJysrAUlE7IuI/Rus48xT3xxsd+zW8XfQg3WmytcRT9TO/1I0xZ9LOq9PTv4vyqUjk/lVsdYvv155o139txV/D6Tnf0fL638l/rGktl57dqZcLl1Y6OZ///LJ9PXKH5+1ndNs9PofSd5q2PfBzOLihamIkeS1WqPr9083lZteLZ/Gf/hQ6/6/J1Y/iQMRkV7ED0bEQxHxcNb2RyLi0Yg41OFT+Omlx97dePybK41/rqvzv5oYieY9rRPFsz9+11DpWDfxp+f/WDV1ONuznu+/9bSr26sZAAAA/qsKEbErksLESrpQmJio/Q3/3thRKM8vLD59av7983O1ZwTGYriQ3+karbsfOpVN6/P8dFP+aHbf+Ivi9mp+Yna+PNfv4GHA7WzT/1N/FvvdOmDTeV4LBpf+D4NL/4fBpf/D4GrR/7f3ox3A1mv1+/9RH9oBbL2m/m/ZDwaI+T8Mro30f98ZcHfo2JdHtq4dwJZa2B63fkheQmJNIgp3RDMkNinR728mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3vg3AAD//5US5f8=")
socket$inet6_tcp(0xa, 0x1, 0x0)

5.924257985s ago: executing program 4 (id=6748):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0xe7681c38bdbee7c1, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

5.119859021s ago: executing program 0 (id=6749):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
pipe(0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b0001110000000904000001", @ANYRES32], 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)

5.034088221s ago: executing program 4 (id=6750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")

4.96273233s ago: executing program 6 (id=6752):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8", &(0x7f0000000380), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")

4.485079668s ago: executing program 5 (id=6753):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000002}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x17, 0x0, 0x0, &(0x7f0000000740)='syzkaller\x00', 0x80000000, 0x5e, &(0x7f00000008c0)=""/94, 0x40f00, 0x22, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r3, 0x0, 0x0, &(0x7f00000009c0), 0x10, 0xe, @void, @value}, 0x94)
clock_gettime(0x0, &(0x7f0000000140))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
write$evdev(r0, &(0x7f0000000000), 0x100000008)

4.140697517s ago: executing program 4 (id=6754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000001000), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

3.653863015s ago: executing program 0 (id=6755):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in6=@private1, @in=@remote}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x33}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0xf8}}, 0x0)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x20, 0x0, 0x4, {0x3, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.526394215s ago: executing program 6 (id=6756):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='mm_page_alloc\x00', r0}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, [@srh]}}}}}}}, 0x0)

3.442445904s ago: executing program 4 (id=6757):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1cd02, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000000980)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r1}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x8, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp_addr={0x44, 0xc, 0x38, 0x1, 0x4, [{@rand_addr=0x64010102, 0xf}]}]}}}}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r4, 0x0, 0x0, 0x2}, 0x20)
r5 = dup(r3)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.428049464s ago: executing program 6 (id=6758):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.229439393s ago: executing program 6 (id=6761):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000640)='ext3\x00', &(0x7f0000000000)='./bus\x00', 0xa0080e, &(0x7f0000001100), 0x3, 0x443, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQuFWp26AmSLSqICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckGMLDG05ckYldE/B4Ro7VsY4Hx2j83ly/P/r18eTaJSuXNv5JquRvLl2fzovn7duaZoYjCp0kcaFHvwsVLaYnShSw/uXjuvcmFi5eePXNu5nTpdOn89IkTx45OPX98+rmexJnGdWP/h/MH97369tXXZ09efefnb5M8/qY4emS808HHK5UeV9dfu+vSyVAfG0JXirVuGsPV/j8axVg9eaPxyid9bRywqSqVSuW+9oeXKsBdLIl+twDoj/yHPp3/5tsWDT3uCNdfrE2A0rhvZlvtyFAUsjLDTfPbXhqPiJNL/3yVbrE59yEAABp8n45/nmk1/itE/X2h/2drKGMRcU9E7ImI4xGxNyLujaiWvT8iHuiy/uZFkrXjn8K1DQW2Tun474Vsbatx/JeP/mKsmOV2V+MfTk6dKZeOZJ/J4RjeluanOtTxw8u/fd7uWP34L93S+vOxYNaOa0PbGt8zN7M4czsx17v+ccT+oVbxJysrAUlE7IuI/Rus48xT3xxsd+zW8XfQg3WmytcRT9TO/1I0xZ9LOq9PTv4vyqUjk/lVsdYvv155o139txV/D6Tnf0fL638l/rGktl57dqZcLl1Y6OZ///LJ9PXKH5+1ndNs9PofSd5q2PfBzOLihamIkeS1WqPr9083lZteLZ/Gf/hQ6/6/J1Y/iQMRkV7ED0bEQxHxcNb2RyLi0Yg41OFT+Omlx97dePybK41/rqvzv5oYieY9rRPFsz9+11DpWDfxp+f/WDV1ONuznu+/9bSr26sZAAAA/qsKEbErksLESrpQmJio/Q3/3thRKM8vLD59av7983O1ZwTGYriQ3+karbsfOpVN6/P8dFP+aHbf+Ivi9mp+Yna+PNfv4GHA7WzT/1N/FvvdOmDTeV4LBpf+D4NL/4fBpf/D4GrR/7f3ox3A1mv1+/9RH9oBbL2m/m/ZDwaI+T8Mro30f98ZcHfo2JdHtq4dwJZa2B63fkheQmJNIgp3RDMkNinR728mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3vg3AAD//5US5f8=")
socket$inet6_tcp(0xa, 0x1, 0x0)

3.196101993s ago: executing program 5 (id=6762):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000", @ANYRES32=r4, @ANYBLOB="800202000a000200577f"], 0x48}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8000d8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x404}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)

2.43814165s ago: executing program 4 (id=6764):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x2880, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000100))

2.38214947s ago: executing program 9 (id=6765):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYRES32=r1], 0x4c}}, 0x0)

2.36853493s ago: executing program 9 (id=6766):
r0 = open(0x0, 0x801, 0x4b)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\t\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timer_create(0x1, &(0x7f0000000280)={0x0, 0x38, 0x4, @thr={&(0x7f0000000580)="2c6e1158225066450d26957ef0ea4135b9d589415ce0e12f8fcca86cf4612443e3158279ca3b03780a8fc40a7ac44c5b384686196439b62a011a39ff073fd77a881a08968854bebc11ffefe5b3567b5f2657d1f499c0e04c7587a941dbb90d021684d989ab8a39b0b945b877d25d299020d466284bc9074c41dad6c079e716d92e3c8fd187967df919d2a28b0f3b8cff10d431170931310563a4c1a22ed0aff940b08c10e12cb2cd2810ee6cffdf52c1df21412b263891d5d4471b17d216629699baa96412", &(0x7f0000000340)="e3d69c9fb36a363c03a5ec35718e24a2cbd6f6d022a09db6aca8c2"}}, &(0x7f0000000380))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x11, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r7], 0x4c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f0000000100), 0xfd, 0x48f, &(0x7f0000000940)="$eJzs3M1rHOUfAPDvzG6SX1+TX60vrdVGq1h8SZq0akHBFxA8KAh6qCeJSVpq00aaCLYEG6XUi6AF7yJ4EfwLPHkS9SR41bsUivTS6mllMrPrJtnNSzfJptnPB6aZJ/vMPt/vzDwzz8xkGkDH6s/+SSJ2RsTvEdEbEWl9hW35lNW7dWNm9O8bM6NJVCpv/pVki8XNGzOj1apJ8XNHXihnX5ReTuLFBu1OXbh4ZmRiYvx8UR6cPvv+4NSFi0+dPjtyavzU+Lnh48ePHR169pnhp9ckzyymm/s/mjyw79W3r74+euLquz9/l9QFXZ9Hi57rrc3O1NbJQo+uUWObxa66+aTcxkBYlZ6IyDZX11z/743S5d21z3rjlU/aGhywriqVSmW4+cezFWALS6LdEQDtUT3RZ9e/1WmDhh6bwvWX8gugLO9bxZR/Us7vg/Tk10a71qn9/og4MfvPV9kUq74P0bVOUQEAW9kP2fjnyQbjv3LEPXX1dhfPhvoi4v8RsSci7oqIvRFxd+R1742I+xo30/9Ok/b7F5QXj3/Say2kt6xs/Pd88Wxr/viv9hSsr1SUds3l35WcPD0xfqRYJ4ejqycrDzX89iRiNvv52+fN2q8f/2VT1n51LFjEca3cM3+ZsZHpkZYTL1z/OGJ/uVH+SZT/yyL2RcT+22zj9OPfHpj/m1Jtbvn8l7AGz5kqX0c8lm//2ViQf1Wy9PPJwf/FxPiRwepesdgvv155o1n7ef5pLJ3/ttYTbSLb/tsb7f8v1PLvS+qf104t+oru5dq48senTa9pbnf/707emtf4hyPT0+eHIrqT1xb/vu4Gd7VcrZ/lf/hQ4/6/p1gmy//+iMh24gci4sGIOFjE/lBEPBwRh5bI/6eXH3mvaf4HW9j/10CW/1jD41+z7b/6mdKZH79v1v7Ktv+xamEuqJUc/1YaYCvrDgAAAO4UaUTsjCQdqM2n6cBA/vfye2N7OjE5Nf3EyckPzo3l7wj0RVdavdPVW3c/dKi4N1wtDxflS0X5aHHf+MvStrnywOjkxFi7k4cOt6NJ/8/8WWp3dMC6874WdC79HzrX7fd/Rw640y3Ti9ONigPYeM7i0Lka9f9L9YUk8r+SB7Yc53/oXLX+/8UKKte97rXw5U3gzrPU+b/Su4GBABvO+B86Uivv9W+KmfgmYuk6yWYJdVUzn7WyeHkDIoy0jeunuy0bZbgU0cZdorzS/9UiLlQutdxou49MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa+PfAAAA///67uRi")
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f00000001c0))
r8 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(r8, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2.280133399s ago: executing program 5 (id=6767):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8", &(0x7f0000000380), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")

979.779274ms ago: executing program 6 (id=6768):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000001000), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

759.485843ms ago: executing program 9 (id=6769):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

683.846993ms ago: executing program 6 (id=6770):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8", &(0x7f0000000380), 0x5, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")

624.392803ms ago: executing program 0 (id=6771):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@block_validity}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
chdir(&(0x7f0000000000)='./file0\x00')
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, 0x0, 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x110, &(0x7f0000000480)=ANY=[@ANYBLOB='iocharset=macromanian,dmask=00000000000000000000000,errors=remount-ro,errors=continue,fmask=00000000000000000122753,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c696f636861727365743d6d6163726f6d616e69616e2c646973636172642c757466382c6572726f72733d636f6e74696e75652c00b24a414a138ea1f090829675858b"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
recvmmsg(0xffffffffffffffff, &(0x7f000000ae80)=[{{&(0x7f0000000340)=@qipcrtr, 0x80, &(0x7f0000000440)=[{&(0x7f00000001c0)=""/7, 0x7}, {&(0x7f00000003c0)=""/83, 0x53}, {&(0x7f0000000ec0)=""/4096, 0x1000}], 0x3}, 0x1ff}, {{0x0, 0x0, &(0x7f0000002180)}, 0x8}, {{&(0x7f00000009c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000034c0)=[{&(0x7f0000002240)=""/230, 0xe6}, {&(0x7f0000002340)=""/4096, 0x1000}, {&(0x7f0000003440)=""/123, 0x7b}, {&(0x7f0000004d00)=""/4096, 0x1000}], 0x4}, 0xa24f}, {{&(0x7f0000003540)=@generic, 0x80, &(0x7f0000001f80)=[{&(0x7f00000035c0)=""/252, 0xfc}], 0x1, &(0x7f00000036c0)=""/12, 0xc}, 0xc}, {{&(0x7f0000003700)=@xdp, 0x80, &(0x7f0000003780)=[{&(0x7f0000005d00)=""/116, 0x74}, {&(0x7f0000005e80)=""/4096, 0x1000}], 0x2, &(0x7f0000006e80)}, 0x3}, {{&(0x7f0000006ec0)=@nfc, 0x80, &(0x7f00000073c0)=[{&(0x7f0000006f40)=""/143, 0x8f}, {&(0x7f0000007000)=""/207, 0xcf}, {&(0x7f0000007100)=""/64, 0x40}, {&(0x7f0000007140)=""/206, 0xce}, {&(0x7f0000007240)=""/145, 0x91}, {&(0x7f0000007300)=""/155, 0x9b}], 0x6, &(0x7f0000007440)=""/134, 0x86}, 0x401}, {{0x0, 0x0, &(0x7f0000007580), 0x0, &(0x7f00000075c0)=""/175, 0xaf}, 0x5}, {{&(0x7f0000007680)=@nfc_llcp, 0x80, &(0x7f0000008c40)=[{&(0x7f0000007700)=""/4096, 0x1000}, {&(0x7f0000008700)=""/89, 0x59}, {&(0x7f0000008780)=""/138, 0x8a}, {&(0x7f0000008840)=""/150, 0x96}, {&(0x7f0000008900)=""/107, 0x6b}, {&(0x7f0000008980)=""/254, 0xfe}, {&(0x7f0000008a80)=""/196, 0xc4}, {&(0x7f0000008b80)=""/29, 0x1d}, {&(0x7f0000008bc0)=""/112, 0x70}], 0x9, &(0x7f0000008d00)=""/105, 0x69}, 0xc}, {{&(0x7f0000008d80)=@hci, 0x80, &(0x7f0000009e40)=[{&(0x7f0000008e00)=""/53, 0x35}, {&(0x7f0000008e40)=""/4096, 0x1000}], 0x2, &(0x7f0000009e80)=""/4096, 0x1000}, 0x9}], 0x9, 0x2020, &(0x7f000000b0c0)={0x0, 0x989680})
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)

550.971712ms ago: executing program 9 (id=6772):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

278.300281ms ago: executing program 9 (id=6773):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})

125.75282ms ago: executing program 9 (id=6774):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0xe7681c38bdbee7c1, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

106.2506ms ago: executing program 4 (id=6775):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301010009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_control_io(r0, 0x0, 0x0)

102.59158ms ago: executing program 5 (id=6776):
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

0s ago: executing program 5 (id=6777):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000", @ANYRES32=r4, @ANYBLOB="800202000a000200577f"], 0x48}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x3, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8000d8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x404}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

=05d1, idProduct=2001, bcdDevice= 6.00
[ 2258.429906][T22790] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2258.442691][T22790] usb 7-1: Product: syz
[ 2258.446690][T22790] usb 7-1: Manufacturer: syz
[ 2258.451616][T22790] usb 7-1: SerialNumber: syz
[ 2258.460495][T22790] usb 7-1: config 0 descriptor??
[ 2258.467736][  T312] hid-steam: probe of 0003:28DE:1142.00FD failed with error -22
[ 2258.468724][T22790] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[ 2258.482041][T25610] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6364'.
[ 2258.498165][T22790] usb 7-1: Detected FT232R
[ 2258.799509][T25613] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6366'.
[ 2258.933703][T22790] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 2258.948472][T18281] usb 3-1: USB disconnect, device number 9
[ 2259.141535][T22790] ftdi_sio 7-1:0.0: GPIO initialisation failed: -71
[ 2259.149906][T22790] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2259.160155][T22790] usb 7-1: USB disconnect, device number 32
[ 2259.167304][T22790] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2259.177047][T22790] ftdi_sio 7-1:0.0: device disconnected
[ 2259.328592][T25621] loop8: detected capacity change from 0 to 512
[ 2259.374687][T25621] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 2259.553288][T25621] EXT4-fs (loop8): 1 orphan inode deleted
[ 2259.571980][T25624] loop9: detected capacity change from 0 to 512
[ 2259.592154][T25621] EXT4-fs (loop8): 1 truncate cleaned up
[ 2259.597645][T25621] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2259.652426][T25624] __quota_error: 8 callbacks suppressed
[ 2259.652447][T25624] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2259.810081][T25624] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2259.819457][T25624] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6367: Failed to acquire dquot type 0
[ 2259.842134][T25624] EXT4-fs (loop9): Remounting filesystem read-only
[ 2259.848677][T25624] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2259.894984][T25624] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2259.913265][T25624] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6367: Failed to acquire dquot type 0
[ 2259.928933][T25624] EXT4-fs (loop9): Remounting filesystem read-only
[ 2259.942495][T25624] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2259.952897][T25624] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2259.966393][T25624] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6367: Failed to acquire dquot type 0
[ 2259.979866][T25624] EXT4-fs (loop9): Remounting filesystem read-only
[ 2259.986480][T25624] EXT4-fs (loop9): 1 orphan inode deleted
[ 2259.995205][T25624] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2260.012630][T25624] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2260.195588][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2261.241206][T25646] 9pnet_fd: Insufficient options for proto=fd
[ 2262.121785][T25649] 9pnet_fd: Insufficient options for proto=fd
[ 2262.436111][T25654] loop6: detected capacity change from 0 to 1024
[ 2262.483702][T25659] loop8: detected capacity change from 0 to 512
[ 2262.654335][T25659] Quota error (device loop8): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2262.664682][T25659] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 2262.673970][T25659] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6377: Failed to acquire dquot type 0
[ 2262.686953][T25659] EXT4-fs (loop8): Remounting filesystem read-only
[ 2262.693599][T25659] Quota error (device loop8): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2262.703924][T25659] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 2262.713232][T25659] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6377: Failed to acquire dquot type 0
[ 2262.726341][T25659] EXT4-fs (loop8): Remounting filesystem read-only
[ 2262.734933][T25659] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6377: Failed to acquire dquot type 0
[ 2262.747201][T25659] EXT4-fs (loop8): Remounting filesystem read-only
[ 2262.753685][T25659] EXT4-fs (loop8): 1 orphan inode deleted
[ 2262.759272][T25659] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2262.768346][T25659] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2262.973962][T22699] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2263.228117][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2263.282889][T25672] netlink: 'syz.6.6378': attribute type 4 has an invalid length.
[ 2263.540931][T25684] loop8: detected capacity change from 0 to 256
[ 2263.652706][T25686] loop2: detected capacity change from 0 to 512
[ 2263.751582][T25686] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2263.761255][T25686] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[ 2263.782873][T25684] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2264.578524][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2264.701004][  T326] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 2264.913450][T25700] loop8: detected capacity change from 0 to 512
[ 2265.134732][  T326] usb 8-1: Using ep0 maxpacket: 16
[ 2265.140077][T25700] __quota_error: 2 callbacks suppressed
[ 2265.140094][T25700] Quota error (device loop8): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2265.156367][T25700] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 2265.166104][T25700] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6391: Failed to acquire dquot type 0
[ 2265.179066][T25700] EXT4-fs (loop8): Remounting filesystem read-only
[ 2265.185667][T25700] Quota error (device loop8): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2265.195964][T25700] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 2265.205222][T25700] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6391: Failed to acquire dquot type 0
[ 2265.218618][T25700] EXT4-fs (loop8): Remounting filesystem read-only
[ 2265.226235][T25700] Quota error (device loop8): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2265.236490][T25700] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 2265.245651][T25700] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6391: Failed to acquire dquot type 0
[ 2265.259959][T25700] EXT4-fs (loop8): Remounting filesystem read-only
[ 2265.266587][T25700] EXT4-fs (loop8): 1 orphan inode deleted
[ 2265.272232][T25700] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2265.281178][T25700] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2265.315624][  T326] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 2265.368880][  T326] usb 8-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 2265.378830][  T326] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2265.387733][  T326] usb 8-1: Product: syz
[ 2265.393876][  T326] usb 8-1: Manufacturer: syz
[ 2265.399372][  T326] usb 8-1: SerialNumber: syz
[ 2265.570364][  T326] usb 8-1: config 0 descriptor??
[ 2265.667401][  T326] ftdi_sio 8-1:0.0: FTDI USB Serial Device converter detected
[ 2265.675099][  T326] usb 8-1: Detected FT232R
[ 2265.740421][T25711] loop9: detected capacity change from 0 to 1024
[ 2265.755714][T18174] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 2265.773119][T22713] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2265.792005][  T326] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 2265.828937][T25713] loop6: detected capacity change from 0 to 512
[ 2265.852980][T25713] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2265.863286][T25713] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2265.872522][T25713] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6395: Failed to acquire dquot type 0
[ 2265.884193][T25713] EXT4-fs (loop6): Remounting filesystem read-only
[ 2265.890601][T25713] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2265.900918][T25713] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2265.910106][T25713] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6395: Failed to acquire dquot type 0
[ 2265.922313][T25713] EXT4-fs (loop6): Remounting filesystem read-only
[ 2265.929065][T25713] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6395: Failed to acquire dquot type 0
[ 2265.940466][T25713] EXT4-fs (loop6): Remounting filesystem read-only
[ 2265.946866][T25713] EXT4-fs (loop6): 1 orphan inode deleted
[ 2265.952386][T25713] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2265.961106][T25713] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2265.999595][  T326] ftdi_sio 8-1:0.0: GPIO initialisation failed: -71
[ 2266.009441][  T326] usb 8-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2266.026702][  T326] usb 8-1: USB disconnect, device number 17
[ 2266.040437][  T326] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2266.053080][  T326] ftdi_sio 8-1:0.0: device disconnected
[ 2266.065190][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2266.154040][T25711] netlink: 'syz.9.6396': attribute type 4 has an invalid length.
[ 2266.162755][T25720] loop8: detected capacity change from 0 to 512
[ 2266.169543][T25720] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 2266.181415][T25720] EXT4-fs (loop8): 1 orphan inode deleted
[ 2266.187028][T25720] EXT4-fs (loop8): 1 truncate cleaned up
[ 2266.188386][T18174] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2266.192828][T25720] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2266.238026][T18174] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2266.247870][T18174] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2266.256984][T18174] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2266.277453][T18174] usb 3-1: config 0 descriptor??
[ 2266.329103][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2266.411873][T25726] loop8: detected capacity change from 0 to 512
[ 2266.418521][T25726] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 2266.428195][T25726] EXT4-fs (loop8): couldn't mount as ext3 due to feature incompatibilities
[ 2266.537148][T25732] loop7: detected capacity change from 0 to 512
[ 2266.551007][T22790] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 2266.553304][T25732] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 2266.567601][T25732] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2266.595346][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2266.626784][T25736] loop8: detected capacity change from 0 to 512
[ 2266.686042][T25705] syz.2.6393[25705] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2266.686148][T25705] syz.2.6393[25705] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2266.707246][T21719] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[ 2266.736482][T18174] keytouch 0003:0926:3333.00FE: fixing up Keytouch IEC report descriptor
[ 2266.746760][T25736] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6401: Failed to acquire dquot type 0
[ 2266.758050][T22790] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2266.778838][T18174] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.00FE/input/input165
[ 2266.790405][T22790] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2266.800621][T25736] EXT4-fs (loop8): Remounting filesystem read-only
[ 2266.807078][T25736] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6401: Failed to acquire dquot type 0
[ 2266.818309][T22790] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2266.841125][T21719] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[ 2266.858130][T22790] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2266.866304][T25736] EXT4-fs (loop8): Remounting filesystem read-only
[ 2266.886385][T25736] EXT4-fs error (device loop8): ext4_acquire_dquot:6788: comm syz.8.6401: Failed to acquire dquot type 0
[ 2266.900369][T18174] keytouch 0003:0926:3333.00FE: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[ 2266.916958][T22790] usb 10-1: config 0 descriptor??
[ 2266.946874][T25736] EXT4-fs (loop8): Remounting filesystem read-only
[ 2266.968338][T25736] EXT4-fs (loop8): 1 orphan inode deleted
[ 2266.975097][T25736] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2266.995425][T25736] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2267.006151][T18174] usb 3-1: USB disconnect, device number 10
[ 2267.015611][T21719] EXT4-fs (loop7): unmounting filesystem.
[ 2267.338688][T22790] hid (null): bogus close delimiter
[ 2267.404052][T25744] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2267.410971][T25744] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2267.418242][T25744] device bridge_slave_0 entered promiscuous mode
[ 2267.428493][T25744] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2267.435528][T25744] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2267.443058][T25744] device bridge_slave_1 entered promiscuous mode
[ 2267.500359][ T1312] device bridge_slave_1 left promiscuous mode
[ 2267.506734][ T1312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2267.515005][ T1312] device bridge_slave_0 left promiscuous mode
[ 2267.521052][ T1312] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2267.535876][ T1312] device veth0_vlan left promiscuous mode
[ 2267.544525][T22790] usb 10-1: language id specifier not provided by device, defaulting to English
[ 2267.559837][T25750] loop6: detected capacity change from 0 to 512
[ 2267.603032][T25750] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2267.612115][T25750] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2267.801180][T25756] loop2: detected capacity change from 0 to 512
[ 2267.887244][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2267.977652][T25756] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6408: Failed to acquire dquot type 0
[ 2267.989592][T25756] EXT4-fs (loop2): Remounting filesystem read-only
[ 2267.996231][T25756] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6408: Failed to acquire dquot type 0
[ 2268.010205][T25756] EXT4-fs (loop2): Remounting filesystem read-only
[ 2268.018512][T25756] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6408: Failed to acquire dquot type 0
[ 2268.031371][T25756] EXT4-fs (loop2): Remounting filesystem read-only
[ 2268.037996][T25756] EXT4-fs (loop2): 1 orphan inode deleted
[ 2268.043631][T25756] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2268.052648][T25756] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2268.233285][T22790] uclogic 0003:256C:006D.00FF: failed retrieving string descriptor #100: -71
[ 2268.263345][T22790] uclogic 0003:256C:006D.00FF: failed retrieving pen parameters: -71
[ 2268.354330][T22790] uclogic 0003:256C:006D.00FF: failed probing pen v1 parameters: -71
[ 2268.507134][T22790] uclogic 0003:256C:006D.00FF: failed probing parameters: -71
[ 2268.530920][T22790] uclogic: probe of 0003:256C:006D.00FF failed with error -71
[ 2268.569296][T22790] usb 10-1: USB disconnect, device number 3
[ 2268.609447][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2268.619257][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2268.656024][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2268.671327][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2268.689577][T18279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2268.696506][T18279] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2268.721041][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2268.731412][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2268.749688][T18279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2268.756576][T18279] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2268.789309][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2268.819743][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2268.837977][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2268.848233][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2268.868610][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2268.899058][T24097] EXT4-fs (loop2): unmounting filesystem.
[ 2268.925487][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2268.962027][T25762] loop9: detected capacity change from 0 to 512
[ 2268.970392][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2268.993437][T25762] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 2269.004095][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2269.012365][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2269.021273][T25762] EXT4-fs (loop9): 1 orphan inode deleted
[ 2269.026827][T25762] EXT4-fs (loop9): 1 truncate cleaned up
[ 2269.043311][T25744] device veth0_vlan entered promiscuous mode
[ 2269.054917][T25762] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2269.065684][T18279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2269.075894][T25744] device veth1_macvtap entered promiscuous mode
[ 2269.528636][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2269.555551][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2269.568205][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2269.599028][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2269.641330][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2269.712614][T25774] loop9: detected capacity change from 0 to 512
[ 2269.720282][T25774] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 2269.730051][T25774] EXT4-fs (loop9): couldn't mount as ext3 due to feature incompatibilities
[ 2269.780329][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2269.861780][T22699] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2269.941948][T25781] syz.9.6414[25781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2269.942029][T25781] syz.9.6414[25781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2269.959124][T25781] syz.9.6414[25781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2269.971455][T25781] syz.9.6414[25781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2270.044568][T25786] loop6: detected capacity change from 0 to 256
[ 2270.071223][T25786] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2270.167928][   T28] kauditd_printk_skb: 17 callbacks suppressed
[ 2270.168962][   T28] audit: type=1400 audit(1734590991.235:1401): avc:  denied  { mounton } for  pid=25779 comm="syz.9.6414" path="/19/file0" dev="tmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2270.350961][   T28] audit: type=1400 audit(1734590991.415:1402): avc:  denied  { unlink } for  pid=25330 comm="syz-executor" name="file0" dev="tmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2271.316894][T25793] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2271.323949][T25793] IPv6: NLM_F_CREATE should be set when creating new route
[ 2271.343902][T25793] loop3: detected capacity change from 0 to 512
[ 2271.392344][T25793] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.3.6418: corrupted xattr block 95
[ 2271.431123][T25793] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.6418: bg 0: block 7: invalid block bitmap
[ 2271.452903][T25793] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 2271.480930][T25793] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2925: inode #11: comm syz.3.6418: corrupted xattr block 95
[ 2271.499065][T25793] EXT4-fs warning (device loop3): ext4_evict_inode:299: xattr delete (err -117)
[ 2271.500945][T24145] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 2271.520296][T25793] EXT4-fs (loop3): 1 orphan inode deleted
[ 2271.526464][T25793] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 2272.503902][T25809] loop2: detected capacity change from 0 to 256
[ 2273.497085][T25810] loop9: detected capacity change from 0 to 512
[ 2273.533484][T24145] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2273.545009][T25809] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2273.780736][T25810] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2273.793729][T25810] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2273.804501][T25810] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6422: Failed to acquire dquot type 0
[ 2273.828166][T25810] EXT4-fs (loop9): Remounting filesystem read-only
[ 2273.835126][T25810] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2273.847184][T25810] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2273.858264][T25810] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6422: Failed to acquire dquot type 0
[ 2273.880338][T25810] EXT4-fs (loop9): Remounting filesystem read-only
[ 2273.890312][T25810] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2273.902071][T25810] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2273.912379][T25810] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6422: Failed to acquire dquot type 0
[ 2273.927994][T25810] EXT4-fs (loop9): Remounting filesystem read-only
[ 2273.934927][T25810] EXT4-fs (loop9): 1 orphan inode deleted
[ 2273.940694][T25810] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2273.952715][T25810] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2274.375702][T24145] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2275.399573][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2275.400137][T24145] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2275.412321][T25819] loop6: detected capacity change from 0 to 512
[ 2275.424419][T25819] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2275.441822][T25819] EXT4-fs (loop6): 1 orphan inode deleted
[ 2275.457524][T25819] EXT4-fs (loop6): 1 truncate cleaned up
[ 2275.463260][T25819] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2275.470040][T24145] usb 7-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[ 2275.489838][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2275.525903][T24145] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2275.585967][T24145] usb 7-1: config 0 descriptor??
[ 2275.605013][T24145] usb 7-1: can't set config #0, error -71
[ 2275.619282][T24145] usb 7-1: USB disconnect, device number 33
[ 2276.616398][T25842] loop6: detected capacity change from 0 to 256
[ 2276.711374][T25842] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2277.170992][T24145] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 2277.381965][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2277.400884][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2277.440917][T24145] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2277.449975][T24145] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2277.523010][T24145] usb 10-1: config 0 descriptor??
[ 2277.800893][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2277.932247][T25844] syz.9.6431[25844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2277.932591][T25844] syz.9.6431[25844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2278.724163][T25861] loop3: detected capacity change from 0 to 256
[ 2279.368076][T25862] loop2: detected capacity change from 0 to 512
[ 2279.412599][T25861] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2279.513502][T24145] keytouch 0003:0926:3333.0100: fixing up Keytouch IEC report descriptor
[ 2279.848594][T25862] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2279.859032][T25862] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 2279.868301][T25862] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6436: Failed to acquire dquot type 0
[ 2279.880872][T25862] EXT4-fs (loop2): Remounting filesystem read-only
[ 2279.887473][T25862] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2279.897749][T25862] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 2279.907007][T25862] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6436: Failed to acquire dquot type 0
[ 2279.919745][T25862] EXT4-fs (loop2): Remounting filesystem read-only
[ 2279.927180][T25851] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 2279.935820][T25862] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2279.946281][T25862] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 2279.955567][T25862] EXT4-fs error (device loop2): ext4_acquire_dquot:6788: comm syz.2.6436: Failed to acquire dquot type 0
[ 2279.968938][T25862] EXT4-fs (loop2): Remounting filesystem read-only
[ 2279.975558][T25862] EXT4-fs (loop2): 1 orphan inode deleted
[ 2279.981187][T25862] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2279.990172][T25862] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2280.099666][T24145] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.0100/input/input166
[ 2280.488600][T24097] EXT4-fs (loop2): unmounting filesystem.
[ 2280.553347][T24145] keytouch 0003:0926:3333.0100: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[ 2280.584003][T24145] usb 10-1: USB disconnect, device number 4
[ 2280.712513][T25887] loop8: detected capacity change from 0 to 512
[ 2280.776690][T25887] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 2280.828631][T25887] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2280.855832][T25885] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2280.862883][T25885] IPv6: NLM_F_CREATE should be set when creating new route
[ 2280.872807][T25885] loop2: detected capacity change from 0 to 512
[ 2280.903293][T25885] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.2.6442: corrupted xattr block 95
[ 2280.916167][T25885] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.6442: bg 0: block 7: invalid block bitmap
[ 2280.928406][T25885] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 2280.937246][T25885] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #11: comm syz.2.6442: corrupted xattr block 95
[ 2280.937724][T22656] EXT4-fs error (device loop8): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /157/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[ 2280.969933][T25885] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[ 2280.979128][T25885] EXT4-fs (loop2): 1 orphan inode deleted
[ 2280.984791][T25885] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 2281.262015][T24097] EXT4-fs (loop2): unmounting filesystem.
[ 2281.287160][T25899] netlink: 'syz.2.6447': attribute type 1 has an invalid length.
[ 2281.304864][T22656] EXT4-fs (loop8): unmounting filesystem.
[ 2281.305202][T25899] netlink: 1 bytes leftover after parsing attributes in process `syz.2.6447'.
[ 2281.315424][T25901] loop6: detected capacity change from 0 to 512
[ 2281.334998][T25901] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2281.370517][T25901] EXT4-fs (loop6): 1 orphan inode deleted
[ 2281.387968][T25909] 9pnet_fd: Insufficient options for proto=fd
[ 2281.391577][T25901] EXT4-fs (loop6): 1 truncate cleaned up
[ 2281.402415][T25901] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2281.422368][T25907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6449'.
[ 2281.502537][T25913] loop2: detected capacity change from 0 to 512
[ 2281.545580][T25913] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2281.562616][T25913] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2281.703127][T24097] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /94/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[ 2281.729672][T25922] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.6.6448: path /295/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[ 2281.764335][T25922] EXT4-fs (loop6): Remounting filesystem read-only
[ 2281.799464][T24097] EXT4-fs (loop2): unmounting filesystem.
[ 2281.840989][T21858] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 2281.869703][T25921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2281.876615][T25921] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2281.883901][T25921] device bridge_slave_0 entered promiscuous mode
[ 2281.892311][T25921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2281.899198][T25921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2281.906781][T25921] device bridge_slave_1 entered promiscuous mode
[ 2281.985543][T25921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2281.992460][T25921] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2281.999535][T25921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2282.006351][T25921] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2282.034216][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2282.041733][T21858] usb 4-1: Using ep0 maxpacket: 16
[ 2282.047827][T21858] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2282.059012][  T545] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2282.066012][T21858] usb 4-1: config 0 interface 0 has no altsetting 0
[ 2282.072566][T21858] usb 4-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.00
[ 2282.072658][  T545] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2282.081478][T21858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2282.096168][T24145] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 2282.113051][T21858] usb 4-1: config 0 descriptor??
[ 2282.113135][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2282.126290][  T545] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2282.133197][  T545] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2282.140459][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2282.148933][  T545] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2282.155846][  T545] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2282.173342][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2282.181286][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2282.189712][T14474] device bridge_slave_1 left promiscuous mode
[ 2282.196086][T14474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2282.203950][T14474] device bridge_slave_0 left promiscuous mode
[ 2282.210097][T14474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2282.212890][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2282.223352][T14474] device veth0_vlan left promiscuous mode
[ 2282.301919][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2282.313377][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2282.323099][T24145] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2282.341918][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2282.349981][T24145] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2282.358837][T24145] usb 10-1: config 0 descriptor??
[ 2282.362521][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2282.373368][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2282.380724][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2282.390663][T25921] device veth0_vlan entered promiscuous mode
[ 2282.422414][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2282.430418][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2282.442308][T25929] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2282.449216][T25929] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2282.456616][T25929] device bridge_slave_0 entered promiscuous mode
[ 2282.463901][T25929] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2282.470747][T25929] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2282.478197][T25929] device bridge_slave_1 entered promiscuous mode
[ 2282.496879][T25921] device veth1_macvtap entered promiscuous mode
[ 2282.524064][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2282.531831][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2282.539890][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2282.541003][T18281] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 2282.556676][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2282.565061][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2282.604556][T25939] loop4: detected capacity change from 0 to 128
[ 2282.635724][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2282.645457][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2282.654200][T12011] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2282.655320][T22713] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2282.661086][T12011] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2282.662418][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2282.694984][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2282.703139][T12011] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2282.709973][T12011] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2282.724948][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2282.737352][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2282.745743][T18281] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2282.757197][T18281] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2282.767769][T18281] usb 7-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 2282.778003][T25924] syz.9.6457[25924] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2282.778097][T25924] syz.9.6457[25924] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2282.779976][T25941] netlink: 472 bytes leftover after parsing attributes in process `syz.4.6453'.
[ 2282.789449][T21858] usbhid 4-1:0.0: can't add hid device: -71
[ 2282.815202][T18281] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2282.844035][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2282.851828][T18281] usb 7-1: config 0 descriptor??
[ 2282.856866][T21858] usbhid: probe of 4-1:0.0 failed with error -71
[ 2282.869607][T25929] device veth0_vlan entered promiscuous mode
[ 2282.873358][T21858] usb 4-1: USB disconnect, device number 92
[ 2282.876722][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2282.897403][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2282.906915][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2282.926405][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2282.936563][T25929] device veth1_macvtap entered promiscuous mode
[ 2282.960009][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2282.988800][T12011] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2283.025834][T24145] usbhid 10-1:0.0: can't add hid device: -71
[ 2283.032511][T24145] usbhid: probe of 10-1:0.0 failed with error -71
[ 2283.040620][T24145] usb 10-1: USB disconnect, device number 5
[ 2283.208732][T25946] 9pnet_fd: Insufficient options for proto=fd
[ 2283.235279][T25948] loop5: detected capacity change from 0 to 1024
[ 2283.256626][T25948] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 2283.266654][T18281] uclogic 0003:5543:0781.0101: item fetching failed at offset 5/7
[ 2283.283853][T18281] uclogic 0003:5543:0781.0101: parse failed
[ 2283.289698][T18281] uclogic: probe of 0003:5543:0781.0101 failed with error -22
[ 2283.313090][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2283.320207][   T28] audit: type=1400 audit(1734591004.375:1403): avc:  denied  { rmdir } for  pid=25929 comm="syz-executor" name="lost+found" dev="loop5" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 2283.357819][   T28] audit: type=1400 audit(1734591004.375:1404): avc:  denied  { unlink } for  pid=25929 comm="syz-executor" name="file0" dev="loop5" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 2283.380366][   T28] audit: type=1400 audit(1734591004.375:1405): avc:  denied  { unlink } for  pid=25929 comm="syz-executor" name="file1" dev="loop5" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 2283.405761][   T28] audit: type=1400 audit(1734591004.385:1406): avc:  denied  { unmount } for  pid=25929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 2283.432255][T14474] device bridge_slave_1 left promiscuous mode
[ 2283.441718][T14474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2283.459347][T14474] device bridge_slave_0 left promiscuous mode
[ 2283.478278][T24145] usb 7-1: USB disconnect, device number 34
[ 2283.495694][T14474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2283.513035][T25955] loop3: detected capacity change from 0 to 8192
[ 2283.521706][T14474] device veth1_macvtap left promiscuous mode
[ 2283.544656][T25955] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2283.563068][T14474] device veth0_vlan left promiscuous mode
[ 2283.665609][T25966] loop9: detected capacity change from 0 to 512
[ 2283.716480][T25966] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2283.735626][T25966] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2284.141407][T25978] loop6: detected capacity change from 0 to 512
[ 2284.185875][T25978] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2284.256043][T25978] EXT4-fs (loop6): 1 orphan inode deleted
[ 2284.292089][T25978] EXT4-fs (loop6): 1 truncate cleaned up
[ 2284.326404][T25978] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2284.649691][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2284.712528][T25985] 9pnet_fd: Insufficient options for proto=fd
[ 2284.985316][T25994] EXT4-fs error (device loop6): ext4_find_dest_de:2115: inode #12: block 7: comm syz.6.6472: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0
[ 2285.084826][T25994] EXT4-fs (loop6): Remounting filesystem read-only
[ 2285.420892][  T312] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 2285.422370][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2285.454415][T26004] loop6: detected capacity change from 0 to 128
[ 2285.526120][T26005] netlink: 472 bytes leftover after parsing attributes in process `syz.6.6480'.
[ 2285.620905][  T312] usb 10-1: Using ep0 maxpacket: 16
[ 2285.627183][  T312] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 2285.639936][  T312] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 2285.649467][  T312] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2285.657979][  T312] usb 10-1: Product: syz
[ 2285.662567][  T312] usb 10-1: Manufacturer: syz
[ 2285.667506][  T312] usb 10-1: SerialNumber: syz
[ 2285.680616][  T312] usb 10-1: config 0 descriptor??
[ 2285.696047][  T312] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected
[ 2285.708601][  T312] usb 10-1: Detected FT232R
[ 2285.873318][T26008] loop6: detected capacity change from 0 to 512
[ 2285.889135][  T312] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 2285.919641][T26008] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2285.931239][T26008] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2285.948542][T26013] loop3: detected capacity change from 0 to 8192
[ 2285.967662][T26013] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2286.036728][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2286.141662][T26021] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6482'.
[ 2286.211142][  T312] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2286.423333][T18281] usb 10-1: USB disconnect, device number 6
[ 2286.434279][T18281] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2286.444171][T18281] ftdi_sio 10-1:0.0: device disconnected
[ 2286.531087][  T312] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 2286.722113][  T312] usb 7-1: config 0 has an invalid interface number: 64 but max is 0
[ 2286.735088][  T312] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2286.783594][  T312] usb 7-1: config 0 has no interface number 0
[ 2286.809968][  T312] usb 7-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 2286.850512][  T312] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2286.883245][  T312] usb 7-1: Product: syz
[ 2286.895730][  T312] usb 7-1: Manufacturer: syz
[ 2286.900575][  T312] usb 7-1: SerialNumber: syz
[ 2286.909063][T26030] loop4: detected capacity change from 0 to 512
[ 2286.910272][  T312] usb 7-1: config 0 descriptor??
[ 2286.934457][T26030] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2286.944833][T26030] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2286.954080][T26030] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6486: Failed to acquire dquot type 0
[ 2286.965641][T26030] EXT4-fs (loop4): Remounting filesystem read-only
[ 2286.972062][T26030] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2286.982190][T26030] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2286.991371][T26030] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6486: Failed to acquire dquot type 0
[ 2287.006306][T26030] EXT4-fs (loop4): Remounting filesystem read-only
[ 2287.013192][T26030] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2287.023522][T26030] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2287.032676][T26030] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6486: Failed to acquire dquot type 0
[ 2287.051107][T26030] EXT4-fs (loop4): Remounting filesystem read-only
[ 2287.057501][T26030] EXT4-fs (loop4): 1 orphan inode deleted
[ 2287.063084][T26030] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2287.071830][T26030] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2287.134612][  T312] usb 7-1: Found UVC 0.08 device syz (046d:0823)
[ 2287.148268][  T312] usb 7-1: No valid video chain found.
[ 2287.176415][  T312] usb 7-1: USB disconnect, device number 35
[ 2287.283565][T26038] loop3: detected capacity change from 0 to 512
[ 2287.312380][T26038] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2287.322992][T26038] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2287.332217][T26038] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6488: Failed to acquire dquot type 0
[ 2287.343693][T26038] EXT4-fs (loop3): Remounting filesystem read-only
[ 2287.350076][T26038] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2287.360257][T26038] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2287.368561][T26042] loop5: detected capacity change from 0 to 512
[ 2287.369478][T26038] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6488: Failed to acquire dquot type 0
[ 2287.386945][T26038] EXT4-fs (loop3): Remounting filesystem read-only
[ 2287.393719][T26038] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6488: Failed to acquire dquot type 0
[ 2287.398112][T26042] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2287.406292][T26038] EXT4-fs (loop3): Remounting filesystem read-only
[ 2287.420777][T26038] EXT4-fs (loop3): 1 orphan inode deleted
[ 2287.426310][T26038] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2287.435064][T26038] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2287.450999][T26042] EXT4-fs (loop5): 1 orphan inode deleted
[ 2287.456664][T26042] EXT4-fs (loop5): 1 truncate cleaned up
[ 2287.462430][T26042] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2287.677665][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2287.736758][T26046] loop6: detected capacity change from 0 to 512
[ 2288.054443][T26051] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.5.6489: path /8/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[ 2288.114228][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2288.120005][T26046] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2288.179000][T26046] ext4 filesystem being mounted at /303/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2288.266526][T26051] EXT4-fs (loop5): Remounting filesystem read-only
[ 2288.439921][T26063] loop3: detected capacity change from 0 to 512
[ 2288.461415][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2288.663670][T26063] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6492: Failed to acquire dquot type 0
[ 2288.675757][T26063] EXT4-fs (loop3): Remounting filesystem read-only
[ 2288.682519][T26063] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6492: Failed to acquire dquot type 0
[ 2288.694934][T26063] EXT4-fs (loop3): Remounting filesystem read-only
[ 2288.703282][T26063] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6492: Failed to acquire dquot type 0
[ 2288.715527][T26063] EXT4-fs (loop3): Remounting filesystem read-only
[ 2288.722127][T26063] EXT4-fs (loop3): 1 orphan inode deleted
[ 2288.727732][T26063] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2288.736751][T26063] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2289.184415][T26069] loop6: detected capacity change from 0 to 512
[ 2289.385746][T26069] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2289.404754][T26069] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2289.533334][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2289.577921][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2289.646053][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2289.819867][T26082] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6497'.
[ 2290.126862][T26084] loop6: detected capacity change from 0 to 8192
[ 2290.150728][T26084] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2290.201950][T26090] loop5: detected capacity change from 0 to 512
[ 2290.245006][T26090] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6500: Failed to acquire dquot type 0
[ 2290.266437][T26090] EXT4-fs (loop5): Remounting filesystem read-only
[ 2290.273163][T26090] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6500: Failed to acquire dquot type 0
[ 2290.284715][T26090] EXT4-fs (loop5): Remounting filesystem read-only
[ 2290.291650][T26090] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6500: Failed to acquire dquot type 0
[ 2290.310935][T26090] EXT4-fs (loop5): Remounting filesystem read-only
[ 2290.317461][T26090] EXT4-fs (loop5): 1 orphan inode deleted
[ 2290.327526][T26090] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2290.336476][T26090] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2290.643252][T26100] loop6: detected capacity change from 0 to 512
[ 2291.661192][T26100] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6501: Failed to acquire dquot type 0
[ 2291.677656][T26100] EXT4-fs (loop6): Remounting filesystem read-only
[ 2291.684200][T26100] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6501: Failed to acquire dquot type 0
[ 2291.695816][T26100] EXT4-fs (loop6): Remounting filesystem read-only
[ 2291.702609][T26100] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6501: Failed to acquire dquot type 0
[ 2291.713926][T26100] EXT4-fs (loop6): Remounting filesystem read-only
[ 2291.720301][T26100] EXT4-fs (loop6): 1 orphan inode deleted
[ 2291.725839][T26100] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2291.734618][T26100] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2291.881339][T26114] loop4: detected capacity change from 0 to 512
[ 2291.919885][T26114] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6504: Failed to acquire dquot type 0
[ 2291.931297][T26114] EXT4-fs (loop4): Remounting filesystem read-only
[ 2291.937668][T26114] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6504: Failed to acquire dquot type 0
[ 2292.124770][T26118] loop9: detected capacity change from 0 to 256
[ 2292.133852][T26114] EXT4-fs (loop4): Remounting filesystem read-only
[ 2292.140601][T26114] __quota_error: 24 callbacks suppressed
[ 2292.140620][T26114] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2292.156464][T26114] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2292.165785][T26114] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6504: Failed to acquire dquot type 0
[ 2292.177437][T26114] EXT4-fs (loop4): Remounting filesystem read-only
[ 2292.183983][T26114] EXT4-fs (loop4): 1 orphan inode deleted
[ 2292.189600][T26114] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2292.198739][T26114] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2292.217006][T26118] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2292.248440][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2292.412590][T26121] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2292.419649][T26121] IPv6: NLM_F_CREATE should be set when creating new route
[ 2292.522153][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2292.696725][T26124] loop4: detected capacity change from 0 to 512
[ 2293.863607][T26128] loop6: detected capacity change from 0 to 512
[ 2294.516416][T26128] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2294.526689][T26128] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2294.535832][T26128] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6508: Failed to acquire dquot type 0
[ 2294.547555][T26128] EXT4-fs (loop6): Remounting filesystem read-only
[ 2294.554392][T26128] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2294.564608][T26128] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2294.573777][T26128] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6508: Failed to acquire dquot type 0
[ 2294.602354][T26128] EXT4-fs (loop6): Remounting filesystem read-only
[ 2294.609175][T26128] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2294.619514][T26128] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2294.628700][T26128] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6508: Failed to acquire dquot type 0
[ 2294.628817][T26124] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2294.649041][T26128] EXT4-fs (loop6): Remounting filesystem read-only
[ 2294.655508][T26128] EXT4-fs (loop6): 1 orphan inode deleted
[ 2294.661110][T26128] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2294.669816][T26128] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2294.680967][T26124] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2294.825584][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2295.046915][T26145] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6512'.
[ 2295.084712][T26146] loop6: detected capacity change from 0 to 512
[ 2295.223488][T26146] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2295.233945][T26146] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2295.243317][T26146] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6511: Failed to acquire dquot type 0
[ 2295.256143][T26146] EXT4-fs (loop6): Remounting filesystem read-only
[ 2295.262841][T26146] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6511: Failed to acquire dquot type 0
[ 2295.274775][T26146] EXT4-fs (loop6): Remounting filesystem read-only
[ 2295.281541][T26146] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6511: Failed to acquire dquot type 0
[ 2295.292969][T26146] EXT4-fs (loop6): Remounting filesystem read-only
[ 2295.299372][T26146] EXT4-fs (loop6): 1 orphan inode deleted
[ 2295.304929][T26146] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2295.313696][T26146] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2295.445830][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2296.140907][T19182] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 2296.343108][T19182] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2296.409278][T19182] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2296.505407][T19182] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2296.552397][T19182] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2296.596227][T19182] usb 10-1: config 0 descriptor??
[ 2296.929639][T26172] loop3: detected capacity change from 0 to 1024
[ 2296.972916][T22713] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2297.060106][T19182] hid (null): bogus close delimiter
[ 2297.148626][T26173] netlink: 'syz.3.6519': attribute type 4 has an invalid length.
[ 2297.260410][T19182] usb 10-1: language id specifier not provided by device, defaulting to English
[ 2297.363767][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2297.461627][T19182] uclogic 0003:256C:006D.0102: failed retrieving Huion firmware version: -71
[ 2297.472381][T19182] uclogic 0003:256C:006D.0102: failed probing parameters: -71
[ 2297.475068][T26180] loop4: detected capacity change from 0 to 512
[ 2297.479731][T19182] uclogic: probe of 0003:256C:006D.0102 failed with error -71
[ 2297.499038][T26180] __quota_error: 4 callbacks suppressed
[ 2297.499055][T26180] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2297.514667][T26180] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2297.518074][T19182] usb 10-1: USB disconnect, device number 7
[ 2297.523993][T26180] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6522: Failed to acquire dquot type 0
[ 2297.534519][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2297.541143][T26180] EXT4-fs (loop4): Remounting filesystem read-only
[ 2297.552723][T26180] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2297.562847][T26180] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2297.572029][T26180] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6522: Failed to acquire dquot type 0
[ 2297.583165][T24145] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 2297.590578][T26180] EXT4-fs (loop4): Remounting filesystem read-only
[ 2297.597465][T26180] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2297.607755][T26180] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2297.613001][T26185] loop6: detected capacity change from 0 to 512
[ 2297.617183][T26180] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6522: Failed to acquire dquot type 0
[ 2297.634601][T26180] EXT4-fs (loop4): Remounting filesystem read-only
[ 2297.641716][T26180] EXT4-fs (loop4): 1 orphan inode deleted
[ 2297.647347][T26180] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2297.656258][T26180] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2297.658236][T26185] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2297.676621][T26185] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2297.685804][T26185] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6523: Failed to acquire dquot type 0
[ 2297.697108][T26185] EXT4-fs (loop6): Remounting filesystem read-only
[ 2297.703515][T26185] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2297.713613][T26185] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2297.722825][T26185] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6523: Failed to acquire dquot type 0
[ 2297.734127][T26185] EXT4-fs (loop6): Remounting filesystem read-only
[ 2297.740787][T26185] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6523: Failed to acquire dquot type 0
[ 2297.752324][T26185] EXT4-fs (loop6): Remounting filesystem read-only
[ 2297.758699][T26185] EXT4-fs (loop6): 1 orphan inode deleted
[ 2297.764258][T26185] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2297.772974][T26185] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2297.793657][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2297.822119][T26191] loop3: detected capacity change from 0 to 512
[ 2297.832663][T24145] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2297.845941][T24145] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2297.857035][T26191] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6526: Failed to acquire dquot type 0
[ 2297.868336][T26191] EXT4-fs (loop3): Remounting filesystem read-only
[ 2297.874833][T26191] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6526: Failed to acquire dquot type 0
[ 2297.886101][T26191] EXT4-fs (loop3): Remounting filesystem read-only
[ 2297.892948][T26191] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6526: Failed to acquire dquot type 0
[ 2297.904428][T26191] EXT4-fs (loop3): Remounting filesystem read-only
[ 2297.908259][T26199] loop6: detected capacity change from 0 to 512
[ 2297.910887][T26191] EXT4-fs (loop3): 1 orphan inode deleted
[ 2297.922434][T26191] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2297.931175][T26191] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2297.936372][T26199] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2297.949489][T24145] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 2297.953726][T26199] EXT4-fs (loop6): 1 orphan inode deleted
[ 2297.966060][T26199] EXT4-fs (loop6): 1 truncate cleaned up
[ 2297.968265][T24145] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2297.972592][T26199] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2297.985952][T24145] usb 6-1: config 0 descriptor??
[ 2298.001973][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2298.057450][T26206] loop9: detected capacity change from 0 to 512
[ 2298.149937][T26206] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2298.158975][T26199] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.6.6528: path /314/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[ 2298.181998][T26199] EXT4-fs (loop6): Remounting filesystem read-only
[ 2298.185775][T26206] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2298.238867][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2298.253556][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2298.291552][T26219] loop6: detected capacity change from 0 to 512
[ 2298.318661][T26219] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6536: Failed to acquire dquot type 0
[ 2298.330070][T26219] EXT4-fs (loop6): Remounting filesystem read-only
[ 2298.336940][T26219] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6536: Failed to acquire dquot type 0
[ 2298.348429][T26219] EXT4-fs (loop6): Remounting filesystem read-only
[ 2298.355687][T26219] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6536: Failed to acquire dquot type 0
[ 2298.367263][T26219] EXT4-fs (loop6): Remounting filesystem read-only
[ 2298.373691][T26219] EXT4-fs (loop6): 1 orphan inode deleted
[ 2298.379185][T26219] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2298.387960][T26219] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2298.420732][T24145] hid-steam 0003:28DE:1142.0103: unknown main item tag 0x7
[ 2298.434726][T24145] hid-steam 0003:28DE:1142.0103: item fetching failed at offset 1/5
[ 2298.451844][  T326] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 2298.462304][T26229] loop4: detected capacity change from 0 to 256
[ 2298.475956][T26229] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2298.516636][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2298.533077][T24145] hid-steam 0003:28DE:1142.0103: steam_probe:parse of hid interface failed
[ 2298.593214][T24145] hid-steam: probe of 0003:28DE:1142.0103 failed with error -22
[ 2298.779460][T24145] usb 6-1: USB disconnect, device number 19
[ 2298.842916][  T326] usb 4-1: Using ep0 maxpacket: 16
[ 2298.873136][  T326] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2298.880132][T26234] loop6: detected capacity change from 0 to 512
[ 2298.931723][  T326] usb 4-1: config 0 interface 0 has no altsetting 0
[ 2299.063220][  T326] usb 4-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.00
[ 2299.076723][  T326] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2299.242251][T26234] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6539: Failed to acquire dquot type 0
[ 2299.253948][T26234] EXT4-fs (loop6): Remounting filesystem read-only
[ 2299.260318][T26234] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6539: Failed to acquire dquot type 0
[ 2299.291068][T26234] EXT4-fs (loop6): Remounting filesystem read-only
[ 2299.308018][T26234] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6539: Failed to acquire dquot type 0
[ 2299.351144][T26234] EXT4-fs (loop6): Remounting filesystem read-only
[ 2299.367841][T26234] EXT4-fs (loop6): 1 orphan inode deleted
[ 2299.390959][T26234] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2299.411485][T26234] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2299.463477][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2299.527594][T26243] loop5: detected capacity change from 0 to 256
[ 2299.572583][  T326] usb 4-1: config 0 descriptor??
[ 2299.609694][T26243] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2299.686500][T26249] device pim6reg1 entered promiscuous mode
[ 2299.778697][T26254] loop4: detected capacity change from 0 to 512
[ 2299.815736][T26254] EXT4-fs: Invalid want_extra_isize 6
[ 2299.871358][T26254] loop4: detected capacity change from 0 to 1024
[ 2299.909175][T26254] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2300.020951][T21858] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 2300.182930][  T326] usbhid 4-1:0.0: can't add hid device: -71
[ 2300.188803][  T326] usbhid: probe of 4-1:0.0 failed with error -71
[ 2300.214446][  T326] usb 4-1: USB disconnect, device number 93
[ 2300.231989][T21858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2300.257408][T21858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2300.296754][T21858] usb 7-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 2300.325951][T21858] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2300.352263][T21858] usb 7-1: config 0 descriptor??
[ 2300.710576][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2300.730473][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2300.771143][T21858] uclogic 0003:5543:0781.0104: item fetching failed at offset 5/7
[ 2300.781646][T21858] uclogic 0003:5543:0781.0104: parse failed
[ 2300.787405][T21858] uclogic: probe of 0003:5543:0781.0104 failed with error -22
[ 2300.803178][T26263] loop9: detected capacity change from 0 to 512
[ 2300.822882][T26263] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6549: Failed to acquire dquot type 0
[ 2300.834592][T26263] EXT4-fs (loop9): Remounting filesystem read-only
[ 2300.841384][T26263] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6549: Failed to acquire dquot type 0
[ 2300.853370][T26263] EXT4-fs (loop9): Remounting filesystem read-only
[ 2300.860070][T26263] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6549: Failed to acquire dquot type 0
[ 2300.865632][T26266] loop4: detected capacity change from 0 to 512
[ 2300.877609][T26263] EXT4-fs (loop9): Remounting filesystem read-only
[ 2300.884113][T26263] EXT4-fs (loop9): 1 orphan inode deleted
[ 2300.889665][T26263] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2300.898432][T26263] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2300.917547][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2300.923451][T26266] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6548: Failed to acquire dquot type 0
[ 2300.934928][T26266] EXT4-fs (loop4): Remounting filesystem read-only
[ 2300.941429][T26266] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6548: Failed to acquire dquot type 0
[ 2300.953058][T26266] EXT4-fs (loop4): Remounting filesystem read-only
[ 2300.959778][T26266] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6548: Failed to acquire dquot type 0
[ 2300.975845][T26266] EXT4-fs (loop4): Remounting filesystem read-only
[ 2300.975868][T24145] usb 7-1: USB disconnect, device number 36
[ 2300.982248][T26266] EXT4-fs (loop4): 1 orphan inode deleted
[ 2300.993498][T26266] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2301.002323][T26266] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2301.020899][  T312] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 2301.153524][T26272] 9pnet_fd: Insufficient options for proto=fd
[ 2301.159911][T26272] 9pnet_fd: Insufficient options for proto=fd
[ 2301.179264][T26274] loop5: detected capacity change from 0 to 512
[ 2301.186177][T26274] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2301.197987][T26274] EXT4-fs (loop5): 1 orphan inode deleted
[ 2301.203732][T26274] EXT4-fs (loop5): 1 truncate cleaned up
[ 2301.209235][T26274] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2301.221960][  T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2301.232839][  T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2301.233783][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2301.242472][  T312] usb 4-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 2301.242499][  T312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2301.243914][  T312] usb 4-1: config 0 descriptor??
[ 2301.300954][T21858] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 2301.398265][T26279] loop5: detected capacity change from 0 to 256
[ 2301.424896][T26279] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2301.603618][T21858] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2301.681950][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2301.744177][T21858] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2301.775335][T21858] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2301.785622][T21858] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2301.841481][T21858] usb 10-1: config 0 descriptor??
[ 2301.989182][T26285] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6554'.
[ 2302.268376][T26270] syz.9.6550[26270] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2302.268461][T26270] syz.9.6550[26270] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2302.420272][  T312] uclogic 0003:5543:0781.0105: item fetching failed at offset 5/7
[ 2302.446357][  T312] uclogic 0003:5543:0781.0105: parse failed
[ 2302.452222][  T312] uclogic: probe of 0003:5543:0781.0105 failed with error -22
[ 2302.487704][T21858] usbhid 10-1:0.0: can't add hid device: -71
[ 2302.495488][T21858] usbhid: probe of 10-1:0.0 failed with error -71
[ 2302.512090][T21858] usb 10-1: USB disconnect, device number 8
[ 2302.515451][T26292] loop6: detected capacity change from 0 to 8192
[ 2302.525052][T26292] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2302.578233][T26299] loop5: detected capacity change from 0 to 512
[ 2302.612862][T26299] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2302.621926][T26299] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2302.663503][T24145] usb 4-1: USB disconnect, device number 94
[ 2302.847307][  T312] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 2303.102914][  T312] usb 5-1: config 0 has an invalid interface number: 64 but max is 0
[ 2303.188625][  T312] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2303.230045][  T312] usb 5-1: config 0 has no interface number 0
[ 2303.237686][  T312] usb 5-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 2303.319982][T26312] loop9: detected capacity change from 0 to 512
[ 2303.326751][  T312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2303.338811][T26314] loop3: detected capacity change from 0 to 512
[ 2303.364303][  T312] usb 5-1: Product: syz
[ 2303.383910][T26312] __quota_error: 32 callbacks suppressed
[ 2303.383943][T26312] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2303.402432][T26314] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2303.411271][  T312] usb 5-1: Manufacturer: syz
[ 2303.415693][  T312] usb 5-1: SerialNumber: syz
[ 2303.420571][T26314] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2303.431791][T26312] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2303.441571][  T312] usb 5-1: config 0 descriptor??
[ 2303.447437][T26312] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6561: Failed to acquire dquot type 0
[ 2303.542055][T26312] EXT4-fs (loop9): Remounting filesystem read-only
[ 2303.548646][T26312] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2303.559190][T26312] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2303.568633][T26312] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6561: Failed to acquire dquot type 0
[ 2303.580137][T26312] EXT4-fs (loop9): Remounting filesystem read-only
[ 2303.587264][T26312] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2303.597771][T26312] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2303.608158][T26312] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6561: Failed to acquire dquot type 0
[ 2303.649375][  T312] usb 5-1: Found UVC 0.08 device syz (046d:0823)
[ 2303.692064][  T312] usb 5-1: No valid video chain found.
[ 2303.692721][T26312] EXT4-fs (loop9): Remounting filesystem read-only
[ 2303.698196][  T312] usb 5-1: USB disconnect, device number 109
[ 2303.723630][T26312] EXT4-fs (loop9): 1 orphan inode deleted
[ 2303.729313][T26312] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2303.732763][T26321] loop6: detected capacity change from 0 to 512
[ 2303.738803][T26312] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2303.764575][T26321] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2303.783955][T26321] EXT4-fs (loop6): 1 orphan inode deleted
[ 2303.789610][T26321] EXT4-fs (loop6): 1 truncate cleaned up
[ 2303.795409][T26321] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2303.828300][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2303.938427][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2304.079149][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2304.368926][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2304.438287][T26334] loop9: detected capacity change from 0 to 512
[ 2304.449535][T26337] syz.4.6567[26337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.449622][T26337] syz.4.6567[26337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.472615][T26334] EXT4-fs: Invalid want_extra_isize 6
[ 2304.493789][T26337] syz.4.6567[26337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.493869][T26337] syz.4.6567[26337] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2304.560997][T26341] loop4: detected capacity change from 0 to 1024
[ 2304.613235][T26334] loop9: detected capacity change from 0 to 1024
[ 2304.673153][T26341] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 2304.682214][T26334] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2304.711295][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2305.073534][T26358] loop3: detected capacity change from 0 to 512
[ 2305.366901][T26363] loop4: detected capacity change from 0 to 512
[ 2305.439614][T26363] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2305.450025][T26363] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2305.459377][T26363] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6574: Failed to acquire dquot type 0
[ 2305.471411][T26363] EXT4-fs (loop4): Remounting filesystem read-only
[ 2305.477860][T26363] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2305.488254][T26363] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2305.539012][T26363] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6574: Failed to acquire dquot type 0
[ 2305.555748][T26363] EXT4-fs (loop4): Remounting filesystem read-only
[ 2305.562562][T26363] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6574: Failed to acquire dquot type 0
[ 2305.573968][T26363] EXT4-fs (loop4): Remounting filesystem read-only
[ 2305.580354][T26363] EXT4-fs (loop4): 1 orphan inode deleted
[ 2305.585942][T26363] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2305.594656][T26363] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2305.607709][T26358] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2305.630631][T26358] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2305.672216][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2305.793210][T26372] loop5: detected capacity change from 0 to 512
[ 2306.744706][T26372] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6577: Failed to acquire dquot type 0
[ 2306.756375][T26372] EXT4-fs (loop5): Remounting filesystem read-only
[ 2306.762961][T26372] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6577: Failed to acquire dquot type 0
[ 2306.775203][T26372] EXT4-fs (loop5): Remounting filesystem read-only
[ 2306.783298][T26372] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6577: Failed to acquire dquot type 0
[ 2306.795151][T26372] EXT4-fs (loop5): Remounting filesystem read-only
[ 2306.801747][T26372] EXT4-fs (loop5): 1 orphan inode deleted
[ 2306.807616][T26372] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2307.457882][T26390] xt_TCPMSS: Only works on TCP SYN packets
[ 2308.650269][T26392] loop6: detected capacity change from 0 to 128
[ 2308.742200][T26393] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6582'.
[ 2308.786661][T26402] netlink: 472 bytes leftover after parsing attributes in process `syz.6.6581'.
[ 2310.313804][T26414] loop5: detected capacity change from 0 to 512
[ 2310.367151][T26414] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2310.387939][T26426] loop4: detected capacity change from 0 to 512
[ 2310.499136][T26426] __quota_error: 8 callbacks suppressed
[ 2310.499163][T26426] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2310.514849][T26426] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2310.524137][T26426] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6589: Failed to acquire dquot type 0
[ 2310.535542][T26426] EXT4-fs (loop4): Remounting filesystem read-only
[ 2310.542033][T26426] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2310.553086][T26426] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2310.562430][T26426] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6589: Failed to acquire dquot type 0
[ 2310.574387][T26426] EXT4-fs (loop4): Remounting filesystem read-only
[ 2310.582175][T26426] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2310.592463][T26426] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2310.601880][T26426] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6589: Failed to acquire dquot type 0
[ 2310.614402][T26426] EXT4-fs (loop4): Remounting filesystem read-only
[ 2310.616636][T26433] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6594'.
[ 2310.629862][T26426] EXT4-fs (loop4): 1 orphan inode deleted
[ 2310.635899][T26426] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2311.817692][T26441] loop4: detected capacity change from 0 to 512
[ 2311.888046][T26441] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2312.321531][T26457] device pim6reg1 entered promiscuous mode
[ 2313.267787][T26470] 9pnet_fd: Insufficient options for proto=fd
[ 2313.274287][T26470] 9pnet_fd: Insufficient options for proto=fd
[ 2314.101014][T26477] xt_TCPMSS: Only works on TCP SYN packets
[ 2315.123484][T26481] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6606'.
[ 2315.363896][T26485] loop5: detected capacity change from 0 to 512
[ 2315.423517][T26485] EXT4-fs mount: 10 callbacks suppressed
[ 2315.423541][T26485] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2315.469548][T26485] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2315.811010][T24145] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 2316.821603][T24145] usb 4-1: Using ep0 maxpacket: 16
[ 2316.878580][T24145] usb 4-1: device descriptor read/all, error -71
[ 2317.882144][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2317.949477][T26518] loop3: detected capacity change from 0 to 512
[ 2317.956145][T26515] 9pnet_fd: Insufficient options for proto=fd
[ 2317.976008][T26515] 9pnet_fd: Insufficient options for proto=fd
[ 2318.018569][T26518] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2318.050981][T26518] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2318.926962][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2319.743774][T26550] loop5: detected capacity change from 0 to 512
[ 2319.808579][T26550] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2319.844387][T26550] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2320.364276][T26558] device macsec0 entered promiscuous mode
[ 2321.059054][T26553] device macsec0 left promiscuous mode
[ 2321.124514][T26566] 9pnet_fd: Insufficient options for proto=fd
[ 2321.131273][T26566] 9pnet_fd: Insufficient options for proto=fd
[ 2321.510962][ T3728] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[ 2321.971986][ T3728] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2321.990892][ T3728] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2322.000471][ T3728] usb 7-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 2322.070881][ T3728] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2322.111309][ T3728] usb 7-1: config 0 descriptor??
[ 2322.521680][ T3728] hid-steam 0003:28DE:1142.0106: unknown main item tag 0x7
[ 2322.531100][ T3728] hid-steam 0003:28DE:1142.0106: item fetching failed at offset 1/5
[ 2322.540013][ T3728] hid-steam 0003:28DE:1142.0106: steam_probe:parse of hid interface failed
[ 2322.550406][ T3728] hid-steam: probe of 0003:28DE:1142.0106 failed with error -22
[ 2322.596990][T26596] loop3: detected capacity change from 0 to 512
[ 2322.769531][T26596] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2322.779832][T26596] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2322.789143][T26596] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6638: Failed to acquire dquot type 0
[ 2322.801793][T26596] EXT4-fs (loop3): Remounting filesystem read-only
[ 2322.808372][T26596] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2322.818793][T26596] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2322.828046][T26596] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6638: Failed to acquire dquot type 0
[ 2322.841032][T26596] EXT4-fs (loop3): Remounting filesystem read-only
[ 2322.849033][T26596] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2322.859336][T26596] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2322.868597][T26596] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6638: Failed to acquire dquot type 0
[ 2322.881144][T26596] EXT4-fs (loop3): Remounting filesystem read-only
[ 2322.887723][T26596] EXT4-fs (loop3): 1 orphan inode deleted
[ 2322.893362][T26596] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2322.902369][T26596] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2322.983724][ T3728] usb 7-1: USB disconnect, device number 37
[ 2323.417017][T26604] loop4: detected capacity change from 0 to 512
[ 2323.500287][T26608] syz.9.6642[26608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2323.500365][T26608] syz.9.6642[26608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2323.522609][T26604] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2323.645393][T26604] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2323.696162][T26604] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6640: Failed to acquire dquot type 0
[ 2323.710006][T26604] EXT4-fs (loop4): Remounting filesystem read-only
[ 2323.711411][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2323.722147][T26604] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2323.791482][T26604] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2323.857185][T26604] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6640: Failed to acquire dquot type 0
[ 2323.894623][T26619] loop9: detected capacity change from 0 to 8192
[ 2323.905153][T26604] EXT4-fs (loop4): Remounting filesystem read-only
[ 2323.919433][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2323.938419][T26604] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6640: Failed to acquire dquot type 0
[ 2323.949754][T26619] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2323.992934][T26604] EXT4-fs (loop4): Remounting filesystem read-only
[ 2324.021902][T26604] EXT4-fs (loop4): 1 orphan inode deleted
[ 2324.027471][T26604] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2324.084302][T26604] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2324.190932][  T326] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 2324.411950][  T326] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[ 2324.419966][  T326] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2324.462560][  T326] usb 4-1: config 0 has no interface number 0
[ 2324.471094][  T326] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 2324.480026][  T326] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2324.558625][  T326] usb 4-1: Product: syz
[ 2324.603907][  T326] usb 4-1: Manufacturer: syz
[ 2324.661769][  T326] usb 4-1: SerialNumber: syz
[ 2324.727802][  T326] usb 4-1: config 0 descriptor??
[ 2324.972037][  T326] usb 4-1: Found UVC 0.08 device syz (046d:0823)
[ 2324.981723][  T326] usb 4-1: No valid video chain found.
[ 2324.998535][  T326] usb 4-1: USB disconnect, device number 97
[ 2325.025889][T26643] loop6: detected capacity change from 0 to 8192
[ 2325.033124][T26643] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2325.183130][T26649] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6654'.
[ 2325.828130][T26661] loop5: detected capacity change from 0 to 512
[ 2325.922707][T26666] loop3: detected capacity change from 0 to 512
[ 2326.228169][T26661] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2326.252401][T26666] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6656: Failed to acquire dquot type 0
[ 2326.264568][T26666] EXT4-fs (loop3): Remounting filesystem read-only
[ 2326.271158][T26666] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6656: Failed to acquire dquot type 0
[ 2326.283618][T26666] EXT4-fs (loop3): Remounting filesystem read-only
[ 2326.291492][T26666] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6656: Failed to acquire dquot type 0
[ 2326.303480][T26666] EXT4-fs (loop3): Remounting filesystem read-only
[ 2326.310066][T26666] EXT4-fs (loop3): 1 orphan inode deleted
[ 2326.315740][T26666] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2326.324799][T26666] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2326.414533][T26661] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2327.568502][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2327.678169][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2327.710950][T18329] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[ 2327.825207][T26687] loop4: detected capacity change from 0 to 512
[ 2327.840129][T26687] EXT4-fs: Invalid want_extra_isize 6
[ 2327.962863][T26687] loop4: detected capacity change from 0 to 1024
[ 2327.997513][T26687] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2328.254707][T18329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2328.273107][T18329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2328.282815][T18329] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2328.295626][T18329] usb 7-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[ 2328.304580][T18329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2328.313814][T18329] usb 7-1: config 0 descriptor??
[ 2328.740999][T18329] gt683r_led 0003:1770:FF00.0107: unknown main item tag 0x0
[ 2328.748157][T18329] gt683r_led 0003:1770:FF00.0107: unknown main item tag 0x0
[ 2328.765498][T18329] gt683r_led 0003:1770:FF00.0107: unknown main item tag 0x0
[ 2328.781312][T18329] gt683r_led 0003:1770:FF00.0107: unknown main item tag 0x0
[ 2328.798881][T18329] gt683r_led 0003:1770:FF00.0107: unknown main item tag 0x0
[ 2328.820811][T18329] gt683r_led 0003:1770:FF00.0107: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.6-1/input0
[ 2328.935496][T24145] usb 7-1: USB disconnect, device number 38
[ 2328.946992][T26494] gt683r_led 0003:1770:FF00.0107: failed to send set report request: -19
[ 2329.016636][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2329.128877][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2329.210075][T18329] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 2329.403245][T18329] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2329.434809][T18329] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2329.596291][T18329] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2329.618822][T18329] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2329.632541][T18329] usb 10-1: config 0 descriptor??
[ 2329.700207][T26726] loop4: detected capacity change from 0 to 512
[ 2329.767975][T26726] __quota_error: 8 callbacks suppressed
[ 2329.767997][T26726] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2329.815280][T26726] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2329.853126][T26726] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6676: Failed to acquire dquot type 0
[ 2329.917944][T26726] EXT4-fs (loop4): Remounting filesystem read-only
[ 2329.933731][T26726] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2329.944173][T26726] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2329.953550][T26726] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6676: Failed to acquire dquot type 0
[ 2329.965119][T26726] EXT4-fs (loop4): Remounting filesystem read-only
[ 2329.972017][T26726] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2329.991730][T26726] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2330.041118][T26726] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6676: Failed to acquire dquot type 0
[ 2330.042417][T18329] hid (null): bogus close delimiter
[ 2330.101773][T26726] EXT4-fs (loop4): Remounting filesystem read-only
[ 2330.148144][T26726] EXT4-fs (loop4): 1 orphan inode deleted
[ 2330.167673][T26726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2330.198475][T26726] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2330.242159][T18329] usb 10-1: language id specifier not provided by device, defaulting to English
[ 2330.363364][  T545] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2330.453806][T18329] uclogic 0003:256C:006D.0108: failed retrieving Huion firmware version: -71
[ 2330.469132][T18329] uclogic 0003:256C:006D.0108: failed probing parameters: -71
[ 2330.485780][T18329] uclogic: probe of 0003:256C:006D.0108 failed with error -71
[ 2330.511964][T18329] usb 10-1: USB disconnect, device number 9
[ 2330.688942][T26743] loop6: detected capacity change from 0 to 256
[ 2330.783108][T26743] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2331.771006][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2331.815393][T26750] loop4: detected capacity change from 0 to 512
[ 2331.833180][T26750] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2331.857667][T26750] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2331.876127][T26758] syz.9.6688[26758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2331.876207][T26758] syz.9.6688[26758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2331.893655][T26758] 9pnet_fd: Insufficient options for proto=fd
[ 2331.958091][   T28] audit: type=1400 audit(1734591053.025:1407): avc:  denied  { getopt } for  pid=26760 comm="syz.9.6689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2332.100889][  T312] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 2332.283570][  T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2332.328962][  T312] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2332.380535][  T312] usb 4-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 2332.392954][  T312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2332.431754][  T312] usb 4-1: config 0 descriptor??
[ 2332.440898][T25853] Bluetooth: hci0: command 0x1003 tx timeout
[ 2332.441014][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2332.844152][  T312] uclogic 0003:5543:0781.0109: item fetching failed at offset 5/7
[ 2332.902411][  T312] uclogic 0003:5543:0781.0109: parse failed
[ 2332.908535][  T312] uclogic: probe of 0003:5543:0781.0109 failed with error -22
[ 2333.030278][T26779] loop6: detected capacity change from 0 to 512
[ 2333.048208][ T3728] usb 4-1: USB disconnect, device number 98
[ 2333.101693][T26779] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2333.132225][T26779] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2333.461416][T26782] loop5: detected capacity change from 0 to 512
[ 2333.485432][T26782] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2333.534607][T26782] EXT4-fs (loop5): 1 orphan inode deleted
[ 2333.550888][T26782] EXT4-fs (loop5): 1 truncate cleaned up
[ 2333.556390][T26782] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2333.828988][T26793] loop6: detected capacity change from 0 to 256
[ 2333.856283][T26788] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.5.6695: path /49/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[ 2333.922300][T26788] EXT4-fs (loop5): Remounting filesystem read-only
[ 2333.945778][T26793] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2334.092151][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2334.196096][T26796] loop3: detected capacity change from 0 to 512
[ 2334.453198][T24145] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 2334.470586][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2334.614400][T26796] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2334.634007][T26796] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2334.661515][T26796] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6696: Failed to acquire dquot type 0
[ 2334.694680][T26796] EXT4-fs (loop3): Remounting filesystem read-only
[ 2334.702293][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2334.723517][T24145] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2334.735826][T26796] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2334.762748][T24145] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2334.775094][T26796] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2334.798234][T24145] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2334.810112][T26796] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6696: Failed to acquire dquot type 0
[ 2334.837862][T24145] usb 10-1: config 0 descriptor??
[ 2334.851717][T26796] EXT4-fs (loop3): Remounting filesystem read-only
[ 2334.873949][T26796] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2334.889904][T26796] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 2334.899178][T26796] EXT4-fs error (device loop3): ext4_acquire_dquot:6788: comm syz.3.6696: Failed to acquire dquot type 0
[ 2334.920958][T26796] EXT4-fs (loop3): Remounting filesystem read-only
[ 2334.927448][T26796] EXT4-fs (loop3): 1 orphan inode deleted
[ 2334.939795][T26796] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2334.955126][T26796] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2334.964782][T26808] syz.4.6699[26808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2334.970278][T26808] syz.4.6699[26808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2334.991261][T26808] 9pnet_fd: Insufficient options for proto=fd
[ 2335.239505][T26819] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6704'.
[ 2335.503370][T26820] xt_TCPMSS: Only works on TCP SYN packets
[ 2335.696760][T24145] hid (null): bogus close delimiter
[ 2337.074268][T26831] xt_TCPMSS: Only works on TCP SYN packets
[ 2337.526144][T26835] loop9: detected capacity change from 0 to 512
[ 2338.121212][T24145] usb 10-1: string descriptor 0 read error: -71
[ 2338.135401][T24145] uclogic 0003:256C:006D.010A: failed retrieving string descriptor #200: -71
[ 2338.144668][T24145] uclogic 0003:256C:006D.010A: failed retrieving pen parameters: -71
[ 2338.271814][T24145] uclogic 0003:256C:006D.010A: failed probing pen v2 parameters: -71
[ 2338.298416][T26835] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2338.462552][T26835] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2338.602891][T24145] uclogic 0003:256C:006D.010A: failed probing parameters: -71
[ 2338.610317][T24145] uclogic: probe of 0003:256C:006D.010A failed with error -71
[ 2338.620233][T24145] usb 10-1: USB disconnect, device number 10
[ 2338.643621][T26846] loop5: detected capacity change from 0 to 512
[ 2338.650173][T26846] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2338.680883][T26846] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[ 2338.703502][T26845] loop6: detected capacity change from 0 to 8192
[ 2338.731907][T26845] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2339.510360][T26856] loop4: detected capacity change from 0 to 256
[ 2339.528456][T26856] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2340.025244][T26858] syz.6.6713[26858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2340.025322][T26858] syz.6.6713[26858] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2340.071069][T26858] 9pnet_fd: Insufficient options for proto=fd
[ 2340.147222][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2340.172291][T26861] loop6: detected capacity change from 0 to 512
[ 2340.206476][T26861] EXT4-fs (loop6): invalid journal inode
[ 2340.217573][T26861] EXT4-fs (loop6): can't get journal size
[ 2340.240747][T26861] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a81ec118, mo2=0002]
[ 2340.259728][T26861] System zones: 1-12, 13-13, 570624-570624
[ 2340.290064][T26861] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2186: inode #15: comm syz.6.6714: corrupted in-inode xattr
[ 2340.321285][T26861] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.6714: couldn't read orphan inode 15 (err -117)
[ 2340.337844][T26861] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2340.364105][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2340.378553][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2340.438497][T26864] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6716'.
[ 2340.489944][T26872] loop3: detected capacity change from 0 to 1024
[ 2340.531392][T12011] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2340.598187][T26872] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 2340.818645][T26883] xt_TCPMSS: Only works on TCP SYN packets
[ 2340.839477][T25744] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[ 2340.856130][T25744] EXT4-fs error (device loop3): __ext4_get_inode_loc:4508: comm syz-executor: Invalid inode table block 5 in block_group 0
[ 2340.874442][T25744] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5887: Corrupt filesystem
[ 2340.885840][T25744] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #2: comm syz-executor: mark_inode_dirty error
[ 2340.953293][   T10] EXT4-fs error (device loop3): __ext4_get_inode_loc:4508: comm kworker/u4:1: Invalid inode table block 5 in block_group 0
[ 2340.973420][T25744] EXT4-fs (loop3): unmounting filesystem.
[ 2342.169405][T26899] syz.6.6729[26899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2342.169490][T26899] syz.6.6729[26899] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2342.464546][T26901] loop9: detected capacity change from 0 to 512
[ 2342.532395][T26901] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2342.542737][T26901] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2342.551914][T26901] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6728: Failed to acquire dquot type 0
[ 2342.564387][T26901] EXT4-fs (loop9): Remounting filesystem read-only
[ 2342.570757][T26901] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2342.580946][T26901] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2342.590076][T26901] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6728: Failed to acquire dquot type 0
[ 2342.602503][T26901] EXT4-fs (loop9): Remounting filesystem read-only
[ 2342.609248][T26901] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2342.619555][T26901] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2342.628745][T26901] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6728: Failed to acquire dquot type 0
[ 2342.640028][T25852] Bluetooth: hci0: command 0x1003 tx timeout
[ 2342.640075][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2342.652873][T26901] EXT4-fs (loop9): Remounting filesystem read-only
[ 2342.659258][T26901] EXT4-fs (loop9): 1 orphan inode deleted
[ 2342.664830][T26901] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2342.673619][T26901] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2342.718810][   T10] device bridge_slave_1 left promiscuous mode
[ 2342.730267][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2342.786602][   T10] device bridge_slave_0 left promiscuous mode
[ 2342.806341][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2343.650500][T26914] loop6: detected capacity change from 0 to 256
[ 2344.432748][T26914] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 2344.497630][   T10] device veth1_macvtap left promiscuous mode
[ 2344.515878][   T10] device veth0_vlan left promiscuous mode
[ 2344.638942][T26918] loop5: detected capacity change from 0 to 512
[ 2344.655130][T26920] loop6: detected capacity change from 0 to 512
[ 2344.708108][T26918] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 2344.761402][T26920] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2344.780078][T26918] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[ 2344.804751][T26920] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2344.962369][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2348.108191][T26928] loop9: detected capacity change from 0 to 256
[ 2348.114971][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2348.335333][T26904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2348.351027][T26904] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2348.358379][T26904] device bridge_slave_0 entered promiscuous mode
[ 2348.381940][T26904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2348.388801][T26904] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2348.411372][T26904] device bridge_slave_1 entered promiscuous mode
[ 2348.506242][T26904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2348.513129][T26904] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2348.520392][T26904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2348.527203][T26904] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2348.554150][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2348.563451][  T545] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2348.570570][  T545] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2348.597956][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2348.606746][  T545] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2348.613628][  T545] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2348.622351][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2348.630395][  T545] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2348.637270][  T545] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2348.646169][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2348.654118][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2348.670553][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2348.684430][T26904] device veth0_vlan entered promiscuous mode
[ 2348.691821][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2348.700103][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2348.707809][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2348.722375][T26904] device veth1_macvtap entered promiscuous mode
[ 2348.729176][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2348.748118][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2348.769916][  T545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2348.788084][T26933] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2348.903703][T26938] loop6: detected capacity change from 0 to 1024
[ 2348.941518][T26935] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2350.016029][T26949] netlink: 'syz.6.6734': attribute type 4 has an invalid length.
[ 2350.097524][T26945] loop0: detected capacity change from 0 to 8192
[ 2350.292694][T26945] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2350.350452][T26954] syz.4.6739[26954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2350.350552][T26954] syz.4.6739[26954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2350.386408][T26958] loop6: detected capacity change from 0 to 512
[ 2350.415634][T26951] loop9: detected capacity change from 0 to 8192
[ 2350.420050][T26961] loop4: detected capacity change from 0 to 1024
[ 2350.449328][T26951] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2350.460164][T26958] EXT4-fs: Invalid want_extra_isize 6
[ 2350.471697][T26935] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2351.075359][T26969] netlink: 'syz.4.6741': attribute type 4 has an invalid length.
[ 2351.375414][T26958] loop6: detected capacity change from 0 to 1024
[ 2351.455402][T26958] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2351.580074][T26977] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6743'.
[ 2351.885783][T26983] loop9: detected capacity change from 0 to 512
[ 2351.920928][T26984] loop0: detected capacity change from 0 to 512
[ 2351.971871][T26983] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2352.014591][T26984] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2352.049140][T26983] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2352.077581][T26984] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[ 2352.127662][T26983] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6746: Failed to acquire dquot type 0
[ 2352.164428][T26983] EXT4-fs (loop9): Remounting filesystem read-only
[ 2352.174732][T26983] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2352.188282][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2352.208507][T26983] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2352.311743][T26983] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6746: Failed to acquire dquot type 0
[ 2352.357687][T26983] EXT4-fs (loop9): Remounting filesystem read-only
[ 2352.491449][T19182] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 2352.502749][T26983] Quota error (device loop9): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2352.616181][T26983] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0
[ 2352.722922][T19182] usb 6-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 2352.728849][T26983] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.6746: Failed to acquire dquot type 0
[ 2352.750581][T26983] EXT4-fs (loop9): Remounting filesystem read-only
[ 2352.759139][T19182] usb 6-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2352.761069][T26983] EXT4-fs (loop9): 1 orphan inode deleted
[ 2352.788263][T19182] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 2352.798868][T26983] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[ 2352.808448][T19182] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2352.819420][T26983] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2353.032548][T19182] usb 6-1: string descriptor 0 read error: -71
[ 2353.042660][T19182] aiptek 6-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 2353.063719][T19182] usb 6-1: USB disconnect, device number 20
[ 2353.149768][T27003] syz.6.6751[27003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2353.149857][T27003] syz.6.6751[27003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2353.203222][T27006] loop4: detected capacity change from 0 to 512
[ 2353.237273][T27006] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2353.247530][T27006] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2353.256977][T27006] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6750: Failed to acquire dquot type 0
[ 2353.269141][T27006] EXT4-fs (loop4): Remounting filesystem read-only
[ 2353.275799][T27006] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2353.286035][T27006] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 2353.295343][T27006] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6750: Failed to acquire dquot type 0
[ 2353.311963][T27010] loop6: detected capacity change from 0 to 512
[ 2353.323560][T27006] EXT4-fs (loop4): Remounting filesystem read-only
[ 2353.330954][T27006] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.6750: Failed to acquire dquot type 0
[ 2353.343816][T27006] EXT4-fs (loop4): Remounting filesystem read-only
[ 2353.350221][T27006] EXT4-fs (loop4): 1 orphan inode deleted
[ 2353.355762][T27006] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2353.364536][T27006] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2353.400935][T18329] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 2353.424116][T27010] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6752: Failed to acquire dquot type 0
[ 2353.435989][T27010] EXT4-fs (loop6): Remounting filesystem read-only
[ 2353.442430][T27010] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6752: Failed to acquire dquot type 0
[ 2353.454025][T27010] EXT4-fs (loop6): Remounting filesystem read-only
[ 2353.460922][T27010] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6752: Failed to acquire dquot type 0
[ 2353.473488][T27010] EXT4-fs (loop6): Remounting filesystem read-only
[ 2353.479869][T27010] EXT4-fs (loop6): 1 orphan inode deleted
[ 2353.485408][T27010] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2353.494147][T27010] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2353.612483][T18329] usb 1-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 2353.681754][T18329] usb 1-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2353.695098][T18329] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 2353.711860][T18329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2353.951741][T18329] usb 1-1: string descriptor 0 read error: -71
[ 2353.978378][T18329] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 2353.993313][T25921] EXT4-fs (loop4): unmounting filesystem.
[ 2354.604077][T18329] usb 1-1: USB disconnect, device number 113
[ 2354.607958][T20269] EXT4-fs (loop6): unmounting filesystem.
[ 2354.734500][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2354.762766][T27024] loop4: detected capacity change from 0 to 8192
[ 2354.769941][T27024] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2355.033115][T18329] usb 1-1: new full-speed USB device number 114 using dummy_hcd
[ 2355.253835][T18329] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2355.297802][T18329] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2355.369347][T18329] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2355.386597][T18329] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2355.420687][T18329] usb 1-1: config 0 descriptor??
[ 2355.466697][T27041] loop6: detected capacity change from 0 to 512
[ 2355.513403][T27041] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 2355.565674][T27041] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[ 2355.720575][T27044] syz.9.6763[27044] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2355.720657][T27044] syz.9.6763[27044] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2355.880519][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[ 2356.002969][T27055] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 2356.010003][T27055] IPv6: NLM_F_CREATE should be set when creating new route
[ 2356.040274][T27055] loop9: detected capacity change from 0 to 512
[ 2356.896669][T27056] loop5: detected capacity change from 0 to 512
[ 2356.928043][T27055] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.9.6766: corrupted xattr block 95
[ 2356.940916][T27055] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.6766: bg 0: block 7: invalid block bitmap
[ 2356.954259][T27055] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 2356.963507][T27055] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2925: inode #11: comm syz.9.6766: corrupted xattr block 95
[ 2356.977069][T27055] EXT4-fs warning (device loop9): ext4_evict_inode:299: xattr delete (err -117)
[ 2356.986093][T27055] EXT4-fs (loop9): 1 orphan inode deleted
[ 2356.991681][T27055] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[ 2357.062717][T27056] __quota_error: 8 callbacks suppressed
[ 2357.062737][T27056] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2357.078436][T27056] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2357.087967][T27056] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6767: Failed to acquire dquot type 0
[ 2357.100468][T27056] EXT4-fs (loop5): Remounting filesystem read-only
[ 2357.106874][T27056] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2357.117002][T27056] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2357.206576][T27056] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6767: Failed to acquire dquot type 0
[ 2357.289304][T27056] EXT4-fs (loop5): Remounting filesystem read-only
[ 2357.296321][T27056] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2357.306534][T27056] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 2357.315697][T27056] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.6767: Failed to acquire dquot type 0
[ 2357.327804][T27056] EXT4-fs (loop5): Remounting filesystem read-only
[ 2357.334211][T27056] EXT4-fs (loop5): 1 orphan inode deleted
[ 2357.339802][T27056] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 2357.348530][T27056] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2357.363163][T25330] EXT4-fs (loop9): unmounting filesystem.
[ 2357.441452][T27067] device pim6reg1 entered promiscuous mode
[ 2357.494261][T12891] usb 1-1: USB disconnect, device number 114
[ 2357.520701][T27071] loop0: detected capacity change from 0 to 512
[ 2357.543242][T27071] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2357.596182][T27071] EXT4-fs (loop0): 1 orphan inode deleted
[ 2357.608827][T27075] loop6: detected capacity change from 0 to 512
[ 2357.623645][T27071] EXT4-fs (loop0): 1 truncate cleaned up
[ 2357.639745][T27071] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 2357.686591][T27075] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2357.842152][T27075] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2357.853028][T27075] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6770: Failed to acquire dquot type 0
[ 2357.864725][T27075] EXT4-fs (loop6): Remounting filesystem read-only
[ 2357.871171][T27075] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[ 2357.881437][T25853] Bluetooth: hci0: command 0x1003 tx timeout
[ 2357.887260][T26907] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2357.896567][T27075] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[ 2357.908053][T27082] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.0.6771: path /4/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[ 2357.931328][T27082] EXT4-fs (loop0): Remounting filesystem read-only
[ 2357.970026][T27075] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6770: Failed to acquire dquot type 0
[ 2357.982408][T27049] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[ 2358.027401][T27075] EXT4-fs (loop6): Remounting filesystem read-only
[ 2358.028103][T25929] EXT4-fs (loop5): unmounting filesystem.
[ 2358.040314][T27075] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.6770: Failed to acquire dquot type 0
[ 2358.058611][T27075] EXT4-fs (loop6): Remounting filesystem read-only
[ 2358.078593][T27075] EXT4-fs (loop6): 1 orphan inode deleted
[ 2358.096572][T27075] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 2358.100049][T27090] syz.5.6776[27090] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2358.105520][T27090] syz.5.6776[27090] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2358.124424][T27075] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 2358.601359][T24327] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 2358.609545][  T325] ==================================================================
[ 2358.617439][  T325] BUG: KASAN: use-after-free in detach_if_pending+0x1ab/0x390
[ 2358.624724][  T325] Write of size 8 at addr ffff8881126f89f8 by task kworker/u4:4/325
[ 2358.632530][  T325] 
[ 2358.634702][  T325] CPU: 0 PID: 325 Comm: kworker/u4:4 Not tainted 6.1.118-syzkaller-00073-ge50cf165f4e7 #0
[ 2358.644426][  T325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 2358.654318][  T325] Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker
[ 2358.661088][  T325] Call Trace:
[ 2358.664216][  T325]  <TASK>
[ 2358.667004][  T325]  dump_stack_lvl+0x151/0x1b7
[ 2358.671501][  T325]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 2358.676795][  T325]  ? _printk+0xd1/0x111
[ 2358.680807][  T325]  ? __virt_addr_valid+0x242/0x2f0
[ 2358.685735][  T325]  print_report+0x158/0x4e0
[ 2358.690073][  T325]  ? __virt_addr_valid+0x242/0x2f0
[ 2358.695021][  T325]  ? kasan_complete_mode_report_info+0x90/0x1b0
[ 2358.701095][  T325]  ? detach_if_pending+0x1ab/0x390
[ 2358.706042][  T325]  kasan_report+0x13c/0x170
[ 2358.710382][  T325]  ? detach_if_pending+0x1ab/0x390
[ 2358.715332][  T325]  __asan_report_store8_noabort+0x17/0x20
[ 2358.720885][  T325]  detach_if_pending+0x1ab/0x390
[ 2358.725679][  T325]  __mod_timer+0x2ea/0xcf0
[ 2358.729912][  T325]  ? make_cookie+0x670/0x670
[ 2358.734342][  T325]  ? mod_timer_pending+0x30/0x30
[ 2358.739113][  T325]  mod_timer+0x1f/0x30
[ 2358.743016][  T325]  ? wg_timers_any_authenticated_packet_traversal+0x7f/0x1a0
[ 2358.750221][  T325]  wg_timers_any_authenticated_packet_traversal+0x136/0x1a0
[ 2358.757339][  T325]  wg_packet_handshake_send_worker+0x182/0x240
[ 2358.763325][  T325]  ? wg_prev_queue_dequeue+0x260/0x260
[ 2358.768623][  T325]  ? _raw_spin_lock_irq+0xa5/0x1b0
[ 2358.773573][  T325]  ? __kasan_check_read+0x11/0x20
[ 2358.778426][  T325]  ? read_word_at_a_time+0x12/0x20
[ 2358.783382][  T325]  ? strscpy+0x9c/0x260
[ 2358.787368][  T325]  process_one_work+0x73d/0xcb0
[ 2358.792056][  T325]  worker_thread+0xa60/0x1260
[ 2358.796575][  T325]  kthread+0x26d/0x300
[ 2358.800473][  T325]  ? worker_clr_flags+0x1a0/0x1a0
[ 2358.805333][  T325]  ? kthread_blkcg+0xd0/0xd0
[ 2358.809761][  T325]  ret_from_fork+0x1f/0x30
[ 2358.814035][  T325]  </TASK>
[ 2358.816881][  T325] 
[ 2358.819063][  T325] Allocated by task 27049:
[ 2358.823307][  T325]  kasan_set_track+0x4b/0x70
[ 2358.827727][  T325]  kasan_save_alloc_info+0x1f/0x30
[ 2358.832817][  T325]  __kasan_kmalloc+0x9c/0xb0
[ 2358.837221][  T325]  __kmalloc+0xb4/0x1e0
[ 2358.841225][  T325]  hci_alloc_dev_priv+0x27/0x1c00
[ 2358.846074][  T325]  hci_uart_tty_ioctl+0x401/0xa70
[ 2358.850956][  T325]  tty_ioctl+0x903/0xc50
[ 2358.855017][  T325]  __se_sys_ioctl+0x114/0x190
[ 2358.859613][  T325]  __x64_sys_ioctl+0x7b/0x90
[ 2358.864041][  T325]  x64_sys_call+0x98/0x9a0
[ 2358.868293][  T325]  do_syscall_64+0x3b/0xb0
[ 2358.872546][  T325]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2358.878277][  T325] 
[ 2358.880473][  T325] Freed by task 27049:
[ 2358.884352][  T325]  kasan_set_track+0x4b/0x70
[ 2358.888776][  T325]  kasan_save_free_info+0x2b/0x40
[ 2358.893637][  T325]  ____kasan_slab_free+0x131/0x180
[ 2358.898584][  T325]  __kasan_slab_free+0x11/0x20
[ 2358.903183][  T325]  __kmem_cache_free+0x21d/0x410
[ 2358.907973][  T325]  kfree+0x7a/0xf0
[ 2358.911515][  T325]  hci_release_dev+0x14d3/0x1640
[ 2358.916301][  T325]  bt_host_release+0x83/0xa0
[ 2358.920725][  T325]  device_release+0x95/0x1c0
[ 2358.925141][  T325]  kobject_put+0x178/0x260
[ 2358.929414][  T325]  put_device+0x1f/0x30
[ 2358.933385][  T325]  hci_dev_cmd+0x2be/0x9b0
[ 2358.937652][  T325]  hci_sock_ioctl+0x415/0x7f0
[ 2358.942261][  T325]  sock_do_ioctl+0x152/0x450
[ 2358.946665][  T325]  sock_ioctl+0x455/0x740
[ 2358.950833][  T325]  __se_sys_ioctl+0x114/0x190
[ 2358.955344][  T325]  __x64_sys_ioctl+0x7b/0x90
[ 2358.960118][  T325]  x64_sys_call+0x98/0x9a0
[ 2358.964375][  T325]  do_syscall_64+0x3b/0xb0
[ 2358.968631][  T325]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2358.974355][  T325] 
[ 2358.976526][  T325] Last potentially related work creation:
[ 2358.982081][  T325]  kasan_save_stack+0x3b/0x60
[ 2358.986590][  T325]  __kasan_record_aux_stack+0xb4/0xc0
[ 2358.991803][  T325]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2358.997450][  T325]  insert_work+0x56/0x310
[ 2359.001627][  T325]  __queue_work+0x9b6/0xd70
[ 2359.005947][  T325]  queue_work_on+0x105/0x170
[ 2359.010371][  T325]  __hci_cmd_sync_sk+0xc2a/0xf70
[ 2359.015148][  T325]  hci_cmd_sync_status+0x52/0x130
[ 2359.020008][  T325]  hci_dev_cmd+0x39e/0x9b0
[ 2359.024260][  T325]  hci_sock_ioctl+0x415/0x7f0
[ 2359.028867][  T325]  sock_do_ioctl+0x152/0x450
[ 2359.033286][  T325]  sock_ioctl+0x455/0x740
[ 2359.037452][  T325]  __se_sys_ioctl+0x114/0x190
[ 2359.041966][  T325]  __x64_sys_ioctl+0x7b/0x90
[ 2359.046403][  T325]  x64_sys_call+0x98/0x9a0
[ 2359.050646][  T325]  do_syscall_64+0x3b/0xb0
[ 2359.055007][  T325]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2359.060737][  T325] 
[ 2359.062919][  T325] Second to last potentially related work creation:
[ 2359.069343][  T325]  kasan_save_stack+0x3b/0x60
[ 2359.073840][  T325]  __kasan_record_aux_stack+0xb4/0xc0
[ 2359.079046][  T325]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2359.084689][  T325]  insert_work+0x56/0x310
[ 2359.088859][  T325]  __queue_work+0x9b6/0xd70
[ 2359.093284][  T325]  queue_work_on+0x105/0x170
[ 2359.097706][  T325]  hci_cmd_timeout+0x199/0x200
[ 2359.102307][  T325]  process_one_work+0x73d/0xcb0
[ 2359.106994][  T325]  worker_thread+0xa60/0x1260
[ 2359.111508][  T325]  kthread+0x26d/0x300
[ 2359.115423][  T325]  ret_from_fork+0x1f/0x30
[ 2359.119756][  T325] 
[ 2359.121924][  T325] The buggy address belongs to the object at ffff8881126f8000
[ 2359.121924][  T325]  which belongs to the cache kmalloc-8k of size 8192
[ 2359.135920][  T325] The buggy address is located 2552 bytes inside of
[ 2359.135920][  T325]  8192-byte region [ffff8881126f8000, ffff8881126fa000)
[ 2359.149202][  T325] 
[ 2359.151372][  T325] The buggy address belongs to the physical page:
[ 2359.157622][  T325] page:ffffea000449be00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1126f8
[ 2359.167702][  T325] head:ffffea000449be00 order:3 compound_mapcount:0 compound_pincount:0
[ 2359.175846][  T325] flags: 0x4000000000010200(slab|head|zone=1)
[ 2359.181777][  T325] raw: 4000000000010200 ffffea0004be0c00 dead000000000005 ffff888100043500
[ 2359.190173][  T325] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[ 2359.198585][  T325] page dumped because: kasan: bad access detected
[ 2359.204844][  T325] page_owner tracks the page as allocated
[ 2359.210388][  T325] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 24866, tgid 24865 (syz.7.6172), ts 2195261323164, free_ts 2195259978397
[ 2359.233320][  T325]  post_alloc_hook+0x213/0x220
[ 2359.237902][  T325]  prep_new_page+0x1b/0x110
[ 2359.242256][  T325]  get_page_from_freelist+0x2f41/0x2fc0
[ 2359.247622][  T325]  __alloc_pages+0x234/0x610
[ 2359.252050][  T325]  alloc_slab_page+0x6c/0xf0
[ 2359.256474][  T325]  new_slab+0x90/0x3e0
[ 2359.260380][  T325]  ___slab_alloc+0x6f9/0xb80
[ 2359.264807][  T325]  __slab_alloc+0x5d/0xa0
[ 2359.268981][  T325]  __kmem_cache_alloc_node+0x207/0x2a0
[ 2359.274275][  T325]  __kmalloc+0xa3/0x1e0
[ 2359.278262][  T325]  mb_cache_create+0x171/0x620
[ 2359.282861][  T325]  ext4_xattr_create_cache+0x13/0x20
[ 2359.287983][  T325]  ext4_fill_super+0x61c9/0x8460
[ 2359.292840][  T325]  get_tree_bdev+0x440/0x680
[ 2359.297268][  T325]  ext4_get_tree+0x1c/0x20
[ 2359.301522][  T325]  vfs_get_tree+0x88/0x290
[ 2359.305776][  T325] page last free stack trace:
[ 2359.310290][  T325]  free_unref_page_prepare+0x83d/0x850
[ 2359.315582][  T325]  free_unref_page+0xb2/0x5c0
[ 2359.320095][  T325]  free_compound_page+0x9d/0xd0
[ 2359.324790][  T325]  destroy_large_folio+0x56/0x90
[ 2359.329555][  T325]  __folio_put+0xcf/0xe0
[ 2359.333634][  T325]  skb_release_data+0x3c1/0x840
[ 2359.338321][  T325]  __kfree_skb+0x50/0x70
[ 2359.342401][  T325]  tcp_rtx_queue_unlink_and_free+0x3d5/0x610
[ 2359.348215][  T325]  tcp_ack+0x2437/0x6a30
[ 2359.352293][  T325]  tcp_rcv_established+0xe31/0x1c60
[ 2359.357327][  T325]  tcp_v4_do_rcv+0x430/0xa20
[ 2359.361754][  T325]  tcp_v4_rcv+0x20d7/0x2a30
[ 2359.366093][  T325]  ip_protocol_deliver_rcu+0x32f/0x720
[ 2359.371389][  T325]  ip_local_deliver_finish+0x246/0x400
[ 2359.376682][  T325]  ip_local_deliver+0x1b3/0x3b0
[ 2359.381370][  T325]  ip_sublist_rcv+0x7e5/0x990
[ 2359.385910][  T325] 
[ 2359.388054][  T325] Memory state around the buggy address:
[ 2359.393529][  T325]  ffff8881126f8880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2359.401422][  T325]  ffff8881126f8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2359.409318][  T325] >ffff8881126f8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2359.417216][  T325]                                                                 ^
[ 2359.425030][  T325]  ffff8881126f8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2359.432927][  T325]  ffff8881126f8a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2359.440824][  T325] ==================================================================
[ 2359.448728][  T325] Disabling lock debugging due to kernel taint
[ 2359.473001][T26904] EXT4-fs (loop0): unmounting filesystem.
[ 2359.661924][T24327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2359.672650][T24327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2359.682459][T24327] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2359.691479][T24327] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2359.711092][T24327] usb 5-1: config 0 descriptor??
[ 2360.040908][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 2360.052450][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 2360.060714][    C0] CPU: 0 PID: 27072 Comm: syz.6.6770 Tainted: G    B              6.1.118-syzkaller-00073-ge50cf165f4e7 #0
[ 2360.071891][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 2360.081789][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 2360.086906][    C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 df 71 00 49 8b 3e e8 98 cc d6
[ 2360.106348][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 2360.112246][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888130f35100
[ 2360.120066][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 2360.127875][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[ 2360.135683][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881126f89c8
[ 2360.143492][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881126f89e0
[ 2360.151310][    C0] FS:  00007fb72402c6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2360.160073][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2360.166494][    C0] CR2: 0000000020fa0030 CR3: 00000001256ba000 CR4: 00000000003506b0
[ 2360.174307][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2360.182133][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2360.189948][    C0] Call Trace:
[ 2360.193056][    C0]  <IRQ>
[ 2360.195745][    C0]  ? __die_body+0x62/0xb0
[ 2360.199913][    C0]  ? die_addr+0x9f/0xd0
[ 2360.203902][    C0]  ? exc_general_protection+0x317/0x4c0
[ 2360.209287][    C0]  ? asm_exc_general_protection+0x27/0x30
[ 2360.214839][    C0]  ? __queue_work+0x28b/0xd70
[ 2360.219356][    C0]  ? __queue_work+0x4f1/0xd70
[ 2360.223865][    C0]  ? __queue_work+0x29c/0xd70
[ 2360.228382][    C0]  delayed_work_timer_fn+0x61/0x80
[ 2360.233330][    C0]  ? queue_work_node+0x1d0/0x1d0
[ 2360.238206][    C0]  call_timer_fn+0x3b/0x2d0
[ 2360.242542][    C0]  ? queue_work_node+0x1d0/0x1d0
[ 2360.247314][    C0]  __run_timers+0x756/0xa10
[ 2360.251676][    C0]  ? calc_index+0x270/0x270
[ 2360.255992][    C0]  ? sched_clock+0x9/0x10
[ 2360.260160][    C0]  ? sched_clock_cpu+0x71/0x2b0
[ 2360.264844][    C0]  run_timer_softirq+0x69/0xf0
[ 2360.269450][    C0]  handle_softirqs+0x1db/0x650
[ 2360.274050][    C0]  __irq_exit_rcu+0x52/0xf0
[ 2360.278404][    C0]  irq_exit_rcu+0x9/0x10
[ 2360.282469][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2360.287939][    C0]  </IRQ>
[ 2360.290725][    C0]  <TASK>
[ 2360.293486][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2360.299307][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x7c/0x80
[ 2360.305989][    C0] Code: c1 e1 05 48 8d 41 28 4c 39 c8 77 1e 49 ff c2 4c 89 12 48 c7 44 11 08 07 00 00 00 48 89 7c 11 10 48 89 74 11 18 4c 89 44 11 20 <5d> c3 66 90 55 48 89 e5 41 57 41 56 41 54 53 48 8b 46 08 48 83 c0
[ 2360.325427][    C0] RSP: 0018:ffffc900011df590 EFLAGS: 00000297
[ 2360.331328][    C0] RAX: 0000000000000002 RBX: 0000000007b4f225 RCX: ffff888130f35100
[ 2360.339139][    C0] RDX: ffffc9000bef2000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2360.346950][    C0] RBP: ffffc900011df590 R08: ffffffff81b169b8 R09: ffffc900011df730
[ 2360.354759][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff9200023bee8
[ 2360.362573][    C0] R13: ffffc900011df758 R14: 1ffff9200023beeb R15: ffffc900011df700
[ 2360.370387][    C0]  ? handle_mm_fault+0x1418/0x30e0
[ 2360.375332][    C0]  handle_mm_fault+0x1418/0x30e0
[ 2360.380109][    C0]  ? numa_migrate_prep+0xe0/0xe0
[ 2360.384894][    C0]  ? down_read_trylock+0x319/0x7d0
[ 2360.389829][    C0]  ? lock_mm_and_find_vma+0x9c/0x310
[ 2360.394951][    C0]  exc_page_fault+0x24d/0x6d0
[ 2360.399463][    C0]  asm_exc_page_fault+0x27/0x30
[ 2360.404147][    C0] RIP: 0010:__put_user_nocheck_4+0x3/0x11
[ 2360.409712][    C0] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f
[ 2360.429143][    C0] RSP: 0018:ffffc900011df918 EFLAGS: 00050202
[ 2360.435046][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020fa0030
[ 2360.442855][    C0] RDX: ffff888130f35100 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 2360.450667][    C0] RBP: ffffc900011dfa90 R08: ffffffff84028b5d R09: fffff5200023bed5
[ 2360.458477][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000002
[ 2360.466291][    C0] R13: 0000000020fa0000 R14: 0000000000000000 R15: ffffffff8474d930
[ 2360.474102][    C0]  ? unix_dgram_sendmsg+0x2050/0x2050
[ 2360.479310][    C0]  ? ____sys_recvmsg+0x34d/0x530
[ 2360.484083][    C0]  ? ____sys_recvmsg+0x363/0x530
[ 2360.488856][    C0]  ? __sys_recvmsg_sock+0x50/0x50
[ 2360.493723][    C0]  ? ____sys_recvmsg+0x423/0x530
[ 2360.498491][    C0]  do_recvmmsg+0x46d/0xab0
[ 2360.502745][    C0]  ? __sys_recvmmsg+0x270/0x270
[ 2360.507432][    C0]  ? memcg_rstat_updated+0x4f/0x110
[ 2360.512462][    C0]  ? __count_memcg_events+0x91/0xe0
[ 2360.517496][    C0]  ? handle_mm_fault+0x2b2d/0x30e0
[ 2360.522451][    C0]  ? numa_migrate_prep+0xe0/0xe0
[ 2360.527221][    C0]  ? __fget_files+0x2cb/0x330
[ 2360.531733][    C0]  __x64_sys_recvmmsg+0x195/0x240
[ 2360.536593][    C0]  ? debug_smp_processor_id+0x17/0x20
[ 2360.541798][    C0]  ? do_recvmmsg+0xab0/0xab0
[ 2360.546227][    C0]  ? irqentry_exit_to_user_mode+0xe/0x10
[ 2360.551698][    C0]  ? irqentry_exit+0x12/0x40
[ 2360.556119][    C0]  x64_sys_call+0x7e5/0x9a0
[ 2360.560461][    C0]  do_syscall_64+0x3b/0xb0
[ 2360.564723][    C0]  ? clear_bhb_loop+0x55/0xb0
[ 2360.569226][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2360.574956][    C0] RIP: 0033:0x7fb723185d29
[ 2360.579206][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2360.598742][    C0] RSP: 002b:00007fb72402c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2360.607005][    C0] RAX: ffffffffffffffda RBX: 00007fb723376080 RCX: 00007fb723185d29
[ 2360.614790][    C0] RDX: 03fffffffffffcb5 RSI: 00000000200000c0 RDI: 0000000000000003
[ 2360.622608][    C0] RBP: 00007fb723201a20 R08: 0000000000000000 R09: 0000000000000000
[ 2360.630415][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 2360.638225][    C0] R13: 0000000000000001 R14: 00007fb723376080 R15: 00007ffee348dce8
[ 2360.646129][    C0]  </TASK>
[ 2360.648988][    C0] Modules linked in:
[ 2360.652728][    C0] ---[ end trace 0000000000000000 ]---
[ 2360.658013][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[ 2360.663135][    C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 df 71 00 49 8b 3e e8 98 cc d6
[ 2360.682575][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[ 2360.688478][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888130f35100
[ 2360.696293][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 2360.704103][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[ 2360.711913][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881126f89c8
[ 2360.719723][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881126f89e0
[ 2360.727538][    C0] FS:  00007fb72402c6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2360.736319][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2360.742730][    C0] CR2: 0000000020fa0030 CR3: 00000001256ba000 CR4: 00000000003506b0
[ 2360.750556][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2360.758351][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2360.766161][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 2360.773568][    C0] Kernel Offset: disabled
[ 2360.777697][    C0] Rebooting in 86400 seconds..