last executing test programs:

7.562063234s ago: executing program 1 (id=1786):
io_setup(0x403, &(0x7f00000004c0)=<r0=>0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
io_pgetevents(r0, 0x4, 0x4, &(0x7f0000000240)=[{}, {}, {}, {}], &(0x7f0000000080)={0x0, 0x989680}, 0x0)

7.423435755s ago: executing program 1 (id=1788):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000300)={0x28, 0x0, 0x0, @local}, 0x10)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x190385, 0x9)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001400090500000800fddbdf25020852fe", @ANYRES32=r5, @ANYBLOB="08000200ffffffff08000100000000001400060004000000dd00"], 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

6.882558902s ago: executing program 2 (id=1791):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000300)={0x28, 0x0, 0x0, @local}, 0x10)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x190385, 0x9)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001400090500000800fddbdf25020852fe", @ANYRES32=r4, @ANYBLOB="08000200ffffffff08000100000000001400060004000000dd00"], 0x3c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9}, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

6.232287771s ago: executing program 4 (id=1793):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180800000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x9, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000000000000fcffffff851000000500000018110000837e21a46f5292accc62a53acf61c7a3d1c07f3086ad2390471605431aed05117614d56b86cebb59ae77d3e0e3977067ff15ec5f08cca46407d32f7448904c6c182115447b0ab8cbb42919f4d4c80072387ba9f352b280a078e900014e4ac243cda7e87666381fbc24478e397dee7dc28145dcb68e8d1df1c4d21596bafc72484f9b932371086e0f1b20f9ef6ecf8427d339e221b2bfcc9fb436a551", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.log\x00', 0x200, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
select(0x40, &(0x7f00000003c0)={0x6, 0x6, 0x5, 0x1, 0x169c, 0x80000000000000, 0x6048f42e, 0x10}, &(0x7f0000000400)={0x7, 0xffffffff00000000, 0x5, 0x6, 0xffffffffffffffff, 0x9, 0xa000000000000000, 0x3}, &(0x7f00000004c0)={0x9, 0x3, 0x1ff, 0x5, 0x1000, 0x401, 0x10000000002, 0x5}, &(0x7f00000009c0))
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="3c020000190001000000000000000000fc020000000000000000000000000000fe8000000000000000000000000000bb000000034e2000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000800000000000000000000000000000700000000000000000000000000000000000000000000000300000000000000070000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000084010500ac1414bb000000000000000000000000000000002b00000000000000ac141408000000000000000000000000000000000000560000000000fdffffff02000000fc020000000000000000000000000000000000003200000000000000fe8000000000000000000000000000bb0235000000020000000000000000000000000000ff010000000000000000000000000001000000003c00000002000000ac1414440000000000000000000000000000000001030000000000000000000000000000ff020000000000000000000000000001000004d33c00000002000000ffffffff000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000003200000002"], 0x23c}}, 0x0)

5.117232315s ago: executing program 4 (id=1794):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"20e3ad214fc752f91b29090930f70e0dd038e7ff7fc6e5539b324c078b089b34383b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

5.095387805s ago: executing program 2 (id=1795):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0xd4, &(0x7f0000000280)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000240)='./file0\x00', 0x800000, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lseek(r3, 0xffffffffffffffff, 0x2)
getdents(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000000060000008af8ff00000000bfa200000000e27d543d7c7b90cba25e07000007eee8d7c365414c42e15cb1f7020000f8ffffffb703000008000000b79500"/88], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x0, r5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
creat(&(0x7f00000000c0)='./file0\x00', 0x40)
getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000240)={0x78, 0xffffffffffffffda, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0x0, 0x6c3000000, 0xd, 0x200001, 0xb0, 0xfffffffd, 0x2000, 0x8, 0x0, 0x0, 0x3000000, 0x7fff}}}, 0x78)
writev(0xffffffffffffffff, &(0x7f0000002480)=[{&(0x7f0000002400)="3151549062641a31", 0x8}], 0x1)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f0000000300)={0xfffc, 0x8, 0x2, 0x9, @vifc_lcl_addr=@loopback, @multicast2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)

4.830588069s ago: executing program 1 (id=1798):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f0000000400)={0x0, 0x3f, 0xf00})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
unshare(0x44040000)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)=ANY=[@ANYRES64], 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

4.829958559s ago: executing program 4 (id=1799):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})
r5 = getpid()
getrlimit(0x0, &(0x7f0000000480))
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x7, 0x1000, 0x401, 0x14820, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x6, 0x0, 0xb, @void, @value, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffefb703000008000000b704dd000030e9578c00000003000000fe7f68cbcb3c94ad9500000000000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET(r7, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, 0x3e9, 0x1, 0x70bd2d, 0x25dfdbfd, {0x14, 0x0, 0x1, r5, 0x0, 0x3, 0x5, 0x2, 0x0, 0x4, 0x9}, ["", "", "", "", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x80c0}, 0x40)

4.169771587s ago: executing program 2 (id=1800):
unshare(0x20000400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="050000007f000000f00e000009"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000180)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r6, 0x0)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, r0, 0x500}, 0xd)

4.061576779s ago: executing program 0 (id=1802):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380100001800400030008"], 0x44}}, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f00000005c0)=@urb_type_iso={0x0, {0xb, 0x1}, 0x7, 0x40, 0x0, 0x0, 0x2, 0x1, 0x1, 0xfffffbff, 0x7fff, 0x0, [{0x10001, 0x6, 0x7f}]})

4.044582999s ago: executing program 0 (id=1803):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f0000000100)={[{@numtail}, {@fat=@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '949'}}, {@rodir}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xffff}}, {@shortname_mixed}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@numtail}, {@utf8no}]}, 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000001000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0xc0028, &(0x7f0000000700)=ANY=[@ANYRES32=r1, @ANYRESHEX=r5, @ANYBLOB="00000000000000f40e3c4177e7c12a2d7fcbd9e24d799e9e6b5b9a19540a0c5df92cb600e0da6a87e654594b05721d046015760ebf716db3811277245a54e14a51ee911b4b8e8f88b9e51acbf1b9fe285bb18ca86100f590716860ed1db7", @ANYRES32, @ANYBLOB])
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r9}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x40800, 0x0)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0xfffffffffffffd70, 0xfffffffffffffffe}, 0x18)

4.043964939s ago: executing program 3 (id=1804):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000980)=[{0x3, 0x0, 0x0, 0x9}, {0x5e, 0x2a, 0x5, 0xaf}, {0x6, 0x4, 0x7, 0x9}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x800, 0x0, 0x0, 0x0, 0xa5, 0xbd, 0x9, 0xad, 0x4, 0x0, 0x0, 0x40000000}, {0x8, 0x4005, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x99, 0xff, 0x0, 0x2, 0x6}, {0x3fe, 0x2, 0x2, 0xfd, 0x0, 0x0, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6, 0x7}], 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r4}, 0x38)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x154}, 0x1, 0x0, 0x0, 0x4}, 0x815)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.92031805s ago: executing program 1 (id=1805):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000300)={0x28, 0x0, 0x0, @local}, 0x10)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x190385, 0x9)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001400090500000800fddbdf25020852fe", @ANYRES32=r4, @ANYBLOB="08000200ffffffff08000100000000001400060004000000dd00"], 0x3c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9}, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.794842992s ago: executing program 4 (id=1806):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0)
io_setup(0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0x18b, 0x0, 0x0, &(0x7f00000000c0), 0x0)
ioctl$UI_SET_SWBIT(0xffffffffffffffff, 0x4004556d, 0xe)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x13c, 0x10, 0x413, 0x0, 0x25dfdbfb, {{@in6=@dev, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x0, 0x0, 0x0, 0xfffc}, {@in6=@loopback, 0x0, 0x32}, @in=@dev, {0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4}, {0x0, 0xb, 0x0, 0x6}, {0x0, 0x401}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x4000080)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x40, &(0x7f0000000100), 0x0, 0x4f4, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOKNm6ZNCpUKCOiqFBa0WjvJtlHVU7mAUFUJUXEOIfFGUew4ip3ShJWa/R+QqMQBcePMAYlDpZ44IrjBrZdyQCqwAm24GY09zoaNnWTzwxb25yONZt688Xzfi3fe83534xfA2LoZEQcRcSMifhQRs/n5JN/irc6WXffo4f3Vw4f3V5Notd79R9Kuz87Fsddkns3vWYyIH3w34sfJybiNvf3NlWq1spOXy83adrmxt39no7ayXlmvbC0uLi0szb9x9/XFnu2evEBfX6795rPvbLz9w49+95VP/3TwrZ9mzZrJ64734yp1ul44ihN529++jmBDMJH358awG8KFpBHxuYh4pf38z8bEUzxZPR5rAOD/QKs1G63i8TIAMOrSdg4sSUt5LmAm0rRU6uTwXozptFpvNG/fq+9urXVyZXNRSO9tVCvzea5wLgpJVl74IDvOy4XHnye69Xcj4oWI+NnUM+1yafUiGTwA4Co8+8T8/++pzvwPAIy44lkXLA+mHQDA4Jw5/wMAI8f8DwDjx/wPAOPH/A8A48f8DwDj5pPu/D8x7JYAAAPx/XfeybbWYf7912vv7e1u1t+7s1ZpbJZqu6ul1frOdmm9Xl+vVkqr9dpZ96vW69sLr8Xu++VmpdEsN/b2l2v13a3mcvt7vZcrhYH0CgA4zQsvf/yXJCIO3nymvcWxtRzM1TDa0mE3ABgaOX8YX76FG8aXv+MDZ63l2fe/CH94gWCtDy7wIuCq3fqi/D+MK/l/GF/y/zC+5P9hfLVaSb81/9OjSwCAkSLHDwz03/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgRMy0t7lj5TQtlSKei4i5KCT3NqqV+Yh4PiL+PFWYysoLQ20xAHB56d+SfP2vW7OvzjxZeyP5z1R7HxE/+cW7P39/pdncWcjO//PofPPD/PziMNoPAJylO0935/GuRw/vr3a3Qbbns293FhfN4h7mW6dmMiaz3R+LUYiI6X8lnXIu+7wycQXxDx5ExBd69T9p50bm8pVPn4yfxX5uoPHT/4mftus6++xn8fkTd57qG/OstV5hXHycjT9v9Xr+0rjZ3hd7Ln5cbI9Ql9cd/w5PjH/d573YHmt6jX83zxvjtd9/r2/dg4gvTfaKnxzFT/rEf/Wc8T/58ldf6VfX+lXEregd/3iscrO2XW7s7d/ZqK2sV9YrW4uLSwtL82/cfX2x3M5Rl7uZ6pP+/ubt5/v2/9cR033iF8/o/9dP7XUrH4BP/1OS/fy/+bXe7/+Lp8TP5sRvnHrnx1amf9t3+e4s/lqn/w+e9v2/fc74n/51f+2clwIAA9DY299cqVYrO1d6UIhLvXzytGuSa2qzgxE/yD6PX/Y+L+Ups57X/OGXH72UVQ69p1dyMOSBCbh2jx/6YbcEAAAAAAAAAAAAAADo59p/nSgddg8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZf8NAAD//yVrxtg=")
openat(0xffffffffffffff9c, 0x0, 0x141842, 0x4)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)

3.752448682s ago: executing program 3 (id=1807):
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000140), 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x5a6c100, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff})
timerfd_settime(r0, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
rt_sigtimedwait(0x0, 0x0, &(0x7f0000005e80), 0x0)

2.723198106s ago: executing program 2 (id=1808):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a1ab0000000000000e"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000f7ffffff0000e2ff0000000000000000000000001a40d86efd3925d4591a731bb03e64db2aef00f8098e40a4abbe7193b80bf19aeee125078f6a0237944d4cc6ec9a3744ee881f0906f09c98ff3f56cfb8e17920f1730cc9f23f33578413598e034fa600ad8137092e7a7eeb744e988b61b4f411358efdc8f8fc35d1696940da7eaae9ef01c5414e045ccfc396a2a43fe55182557c7c2b8cba6278562d4b2b4fd89eff4ca4a18687bb3a8b65990a9f222d8da16028c7ea1db644952a061e1c606d2933ebaf7a629ddb533b531365405b2c7a71cc679fc78ea5578d34544a82729506e39c62339610bfadb9d8400868f2b2c7341d4e071224d138aff53506fc0162273f13383838ff69d1079e28eeafce2dc3910698fa141100d3e8370edaa7154ae762233edf78fa5eb395690ef6"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000bb3bdcab3452"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200000004000085000000860000009500000000"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
unshare(0x64000600)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r10 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r10, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r11, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xf}, 0x65)

2.693695336s ago: executing program 3 (id=1809):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x0, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0xfffffffb}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000010)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00012cbd7000ffdbdf250100005b0ccac1619bad47b896d1d600000000000b0000000014001462726f61"], 0x30}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(0x0, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f0000000640)=0x7a, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000180)=0x30a, 0x4)
sendmmsg$inet(r5, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x0, 0x0, 0x21)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)

2.693221356s ago: executing program 1 (id=1810):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000980)=[{0x3, 0x0, 0x0, 0x9}, {0x5e, 0x2a, 0x5, 0xaf}, {0x6, 0x4, 0x7, 0x9}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r3}, 0x38)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x154}, 0x1, 0x0, 0x0, 0x4}, 0x815)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.528567068s ago: executing program 0 (id=1811):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x5a1400, 0x20)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x21081e, &(0x7f0000000400)={[{@inlinecrypt}, {@errors_remount}, {@grpquota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mount$9p_tcp(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x3, 0x0, 0x0)
close_range(r2, r5, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101341)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r7, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
ioctl$USBDEVFS_IOCTL(r6, 0x80045515, &(0x7f0000000040)=@usbdevfs_driver={0x5, 0x80000000, 0x0})
chdir(&(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0xbe9bac6d2d0f4e0b)

1.649518189s ago: executing program 4 (id=1812):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f00000001c0)={0x82, 0x0, 0x20, 0x0, 0x0, 0x4b, 0x0})
write(r1, &(0x7f0000004200)='t', 0x1)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x400, &(0x7f0000000380)={[{@default_permissions}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r5 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x3ffff)

754.457561ms ago: executing program 2 (id=1813):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380100001800400030008"], 0x44}}, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f00000005c0)=@urb_type_iso={0x0, {0xb, 0x1}, 0x7, 0x40, 0x0, 0x0, 0x2, 0x1, 0x1, 0xfffffbff, 0x7fff, 0x0, [{0x10001, 0x6, 0x7f}]})

704.697681ms ago: executing program 0 (id=1814):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x40800601, 0x0, 0x0, 0x0, 0x0, 0x0)

704.099621ms ago: executing program 3 (id=1815):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESDEC], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="fe41e905023b35489612e50e3568b1a8902a6943b9bb583603adea5d18aa0ee3d674bb49749cf24cc2149ec2ead664d020a3a7b9b433815c9f71e07c5c2f83748eeb541ae16ed40629f5d6e6fd2c32d3bc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000100)='./control\x00', 0x1)
getdents64(r1, &(0x7f0000000400)=""/50, 0x32)
rmdir(&(0x7f0000000040)='./control\x00')
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@gettaction={0x18, 0x32, 0x6dd711a25f4cb68b, 0x0, 0xfffffffe, {}, [@action_gd=@TCA_ACT_TAB={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48800}, 0x20040804)
write$FUSE_INTERRUPT(r1, &(0x7f00000003c0)={0x10, 0xfffffffffffffff5}, 0x10)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
waitid(0x0, 0x0, &(0x7f0000002ff9), 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x1516, &(0x7f0000000f80)="$eJzs3Au4TlW3OPAx5pxLm9Cb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33kHySJAkJSeb/0df3d77Td0595+sc5zl7/J5nPXuOvd4x1lh77Ofda63n2e837QdWrlulYm1mhn8J/vVLKgCkAEAfALgGACIAKJGlRBbAIZBeY+q/dhDx53poypXuQFxJMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma81rZ0u72P/f8H+T5//868vf//5DDRUZ9sa7I9R3+iRSZf9om80/bZP5pm8w/bZP5p20y///jIoAK/8lumX/aJvMXIi270s+fZbuy25X+/RNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkTacC5cZAPjb+kr3JYQQQgghhBBCiD9PuOpKdyCEEEIIIYQQQoj/fggKNBiIIB1cBSmQHjLA1ZARMkFmuAYScC1kgesgK1wP2SA75ICckAtyQx6wQOCAIYa8kA+ScAPkhxuhABSEQlAYPBSBonATFIObofgvzxhuhZJwG5SC0lAGysLtUA7ugPJQASrCnVAJ7oLKUAXuhqpwD1SDe6E63Ac14H6oCQ9ALXgQasNDUAcehrrwCNSDR6E+NICG0Aga/5fyX4TO8BJ0ga6QCt2gO7wMPaAn9ILe0Adegb7wKvSD16A/DICB8DoMgjdgMLwJQ2AoDIO3YDiMgJEwCkbDGBgLb8M4eAfGw7swASbCJJgMU2AqTIP3YDrMgJnwPsyCD2A2zIG5MA/mw4ewABbCIvgIFsPHsASWwjJYDitgJayC1bAG1sI6WA8bYCNsgs2wBT6BrbANtsMO2Am7YDd8CntgL+yDz2A/fP5P5p/9d/kdEBBQoUKDBtNhOkzBFMyAGTAjZsTMmBkTmMAsmAWzYlbMhtkwB+bAXJgL82AeJCRkZMyLeTGJScyP+bEAFsBCWAg9eiyKRbEY3ozFsTiWwBJYEktiKSyNpbEslsVyWA7LY3msiBWxElbCylgZ78a78R6shtWwOiIA1MCaWBNrYS2sjbWxDtbBulgX62E9rI/1sSE2xMbYGJtgE2yKTbE5NscW2AJbYktsha2wNbbGNtgG22JbbIftsD22xw7YETvii/givoQvYVespLphd+yOPbAH9sLe2Btfwb74Kr6Kr2F/HIAD8XV8Hd/AwXgGh+BQHIbDsJwagSNxFLIag2NxLI7DcTgex+MEnIgTcTJOwak4DafhdJyBM/B9nIUf4Ac4B+fgPJyP83EBLsRFuAgX41lcgktxGS7HFbgSV+BqXIOrcR2ux3W4ETfiZtyMn+AnuA234Q7cgbtwF36Kn+Je3Iv9cT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f6qs6ugmv7g7rEKKPSqXQqRaWoDCqDyqgyqswqs0qohMqisqisKqvKprKpHCqHyqVyqTwqjyJFilWs8qq8KqmSKr/KrwqoAqqQKqS88qqoKqqKqWKquCquSqhbVUl1myqlSqtmvqwqq8qp5r68qqAqqoqqkrpLVVZVVBVVVVVV1VQ1VV1VVzVUDVVTPaBqqW7YCx9SlyZTVw3Aemog1lcNVEPVSL2Bj6kmajA2Vc1Uc/WEGopDsKVq4lupp1VrNRLbqGfVKHxOtVNjsL16QXVQHVUn9aLqrJr6Lul+fQtUk7GH6ql6qd4qE9ylLk2ssnpN9VcD1ED1upqHb6jB6k01RA1Vw9RbargaoUaqUWq0GqPGqrfVOPWOGq/eVRPURDVJTVZT1FQ1Tb2npqsZaqZ6X81SH6jZao6aq+ap+epDtUAtVIvUR2qx+lgtUUvVMrVcrVAr1Sq1Wq1Ra9U6tV5tUBvVJrVZbVGfqK1qm9qudqidapfarT5Ve9RetU99pvarz9UB9Rd1UH2hDqkv1WH1lTqivlZH1TfqmPpWHVffqRPqpDqlvlen1Q/qjDqrzqkf1Xn1k7qgflYXVVCgUSuttdGRTqev0ik6vc6gr9YZdSadWV+jE/panUVfp7Pq63U2nV3n0Dl1Lp1b59FWk3aadazz6nw6qW/Q+fWNuoAuqAvpwtrrIrqovkkX0zfr4voWXULfqkvq23QpXVqX0WX17bqcvkOX1xV0RX2nrqTv0pV1FX23rqrv0dX0vbq6vk/X0PfrmvoBXUs/qGvrh3Qd/bCuqx/R9fSjur5uoBvqRrqxfkw30Y/rprqZbq6f0C30k7qlfkq30k/r1voZ3UY/q9vq53Q7/bxur1/QHXRH3Un/rC/qoLvorjpVd9Pd9cu6h+6pe+neuo9+RffVr+p++jXdXw/QA/XrepB+Qw/Wb+oheqgept/Sw/UIPVKP0qP1GD1Wv63H6Xf0eP2unqAn6kl6sp6ip+pev1aa+Qfy3/kH+f1+OfpmvUV/orfqbXq73qF36l16t96t9+g9ep/ep/fr/fqAPqAP6oP6kD6kD+vD+og+oo/qo/qYPqaP6+P6hD6pf9Tf69P6B31Gn9Vn9Y/6vD6vL/z6MwCDRhltjIlMOnOVSTHpTQZztcloMpnM5hqTMNeaLOY6k9Vcb7KZ7CaHyWlymdwmj7GGjDNsYpPX5DNJc4PJb240BUxBU8gUNt4UMUXNTf9y/u/119g0Nk1ME9PUNDXNTXPTwrQwLU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MJ1MJ9PZdDZdTBeTalJNd/Oy6WF6ml6mt+ljXjF9TV/Tz/Qz/U1/M9AMNIPMIDPYDDZDzBAzzAwzw81wM9KMNKPNaDPWjDXjzDgz3ow3E8wEM8lMMlPMFDPNTDPTzXQz08w0s8wsM9vMNnPNXDPfzDcLzAKzyCwyi81is8QsNUvNcrPcrDQrzWqz2qw1a816s95sNBvNErPFbDFbzVaz3Ww3O81Os9vsNnvMHrPP7DP7zX5zwBwwB81Bc8gcMofNYXPEHDFHzVFzzBwzx81xc8KcMKfMKXPanDZnzBlzzpwz5815c8FcMBfNxUuXfZGKVGQiE6WL0kUpUUqUIcoQZYwyRpmjzFEiSkRZoixR1uj6KFuUPcoR5YxyRbmjVLARRS7iKI7yRvmiZHRDlD+6MSoQFYwKRYUjHxWJikY3RcWim6Pi0S1RiejWqGR0W1QqKh2VicpGt0flojui8lGFqGJ0Z1QpuiuqHFWJ7o6qRvdE1aJ7o+rRfVGN6P6oZvRAVCt6MKodPRTViR6O6kaPRPWiR6P6UYOoYdQoavyn1g/hTPbHfRfb1ababra7fdn2sD1tL9vb9rGv2L72VdvPvmb72wF2oH3dDrJv2MH2TTvEDrXD7Ft2uB1hR9pRdrQdY8fat+04+44db9+1E+xEO8lOtlPsVDvNvmen2xl2pn3fzrIf2Nl2jp1r59n59kO7wC60i+xHdrH92C6xS+0yu9yusCvtKrvarrFr7Tq73m6wG+0mu9lusZ/YrXab3W532J12l91tP7V77F67z35m99vP7QH7F3vQfmEP2S/tYfuVPWK/tkftN/aY/dYet9/ZE/akPWW/t6ftD/aMPWvP2R/tefuTvWB/thdtuHRxTymkyJChdJSOUiiFMlAGykgZKTNlpgQlKAtloayUlbJRNspBOSgX5aI8lIcuYWLKS3kpSUnKT/mpABWgQlSIPHkqSkWpGBWj4lScSlAJKkklqRSVojJUhm6n2+kOuoMqUAW6k+6ku+guqkJVqCpVpWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akgNqTE1pibUhJpSU2pOzakFtaCW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oE7UiTpTZ+pCXSiVUqk7dace1IN6US/qQ32oL/WlftSP+lN/GkgDaRANosE0mIbQUBpGb9FwGkEjaRSNpjE0lsbSOBpH42k8TaAJNIkm0RSaQtNoGk2n6TSTZtIsmkWzaTbNpbk0n+bTAlpAi2gRLabFtISW0DJaRitoBa2iVbSG1tA6WkcbaANtok20hbbQVtpK22k77aSdtJt20x7aQ/toH+2n/XSADtBBOkiH6BAdpsN0hI7QUTpKx+gYHafjdIJO0Ck6RafpNJ2hM3SOztF5+oku0M90kQKlOAUZ3NUuo8vkMrtrXIpL7zK4v14wXYpzFAMAl9vlcdZlc9ldDpfT5fo1JudcAVfQFXKFnXdFXFF302/iUq60K+PKuttdOXeHK/+buKq7x1Vz97rq7j5Xxd39d3ENd7+r6R5xtdyjrrZr4Oq4Rq6ue8TVc4+6+q6Ba+gauRbuSdfSPeVauadda/fMb+IFbqFb49a6dW692+P2unPuR3fUfePOu59cF9fV9XGvuL7uVdfPveb6uwG/iYe5t9xwN8KNdKPcaDfmN/EkN9lNcVPdNPeem+5m/Cae7z50s9wiN9vNcXPdvF/iSz0tch+5xe5jt8QtdcvccrfCrXSr3Or/3+tyt9Ftcpvdbvep2+q2ue1uh9vpdv0SXzqPfe4zt9997o64r91B94U75I65w+6rX+JL53fMfeuOu+/cCXfSnXLfu9PuB3fGnf3l/C+d+/fuZ3fRBQeMrFiz4YjT8VWcwuk5A1/NGTkTZ+ZrOMHXcha+jrPy9ZyNs3MOzsm5ODfnYcvEjpljzsv5OMk3cH6+kQtwQS7EhdlzES7KN3ExvpmL8y1cgm/lknwbl+LSXIbL8u1cju/g8lyBK/KdXCkErsxV+G6uyvdwNb6Xq/N9XIPv55r8ANfiB7k2P8R1+GGuy49wPX6U63MDbsiNuDE/xk34cW7Kzbg5P8Et+EluyU9xK36aW/Mz3Iaf5bb8HLfj57k9v8AduCN34he5M7/EXbgrp3I37s4vcw/uyb24N/fhV7gvv8r9+DXuzwN4IL/Og/gNHsxv8hAeysP4LR7OI3gkj+LRPIbH8ts8jt/h8fwuT+CJPIkn8xSeytP4PZ7OM3gmv8+z+AOezXN4Ls/j+fwhL+CFvIg/4sX8MS/hpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+FPeCtv4+28g3fyLt7Nn/Ie3sv7+DPez5/zAf4LH+Qv+BB/yYf5Kz7CX/NR/oaP8bd8nL/jE3yST/H3fJp/4DN8ls/xj3yef+IL/DNf5MAQY6xiHZs4itPFV8Upcfo4Q3x1nDHOFGeOr4kT8bVxlvi6OGt8fZwtzh7niHPGueLccZ7YxhS7mOM4zhvni5PxDXH++Ma4QFwwLhQXjn1cJC4a3xQXi2+Oi8e3xCXiW+OS8W1xqbh0/Mh9ZePb43LxHXH5uEJcMb4zrhTfFVeOq8R3x1Xje+Jq8b1x9fi+uHh8f1wzfiCuFT8Y144fiuvED8d140fievGjcf24QdwwbhQ3jh+Lm8SPx03jZnHz+Im4Rfxk3DJ+Km4VPx23jp/53f2pcbe4e/xy/HIcwr16bnJecn7yw+SC5MLkouRHycXJj5NLkkuTy5LLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5KbkyFUuQo8euW1Nz7y6fxVPsWn9xn81T6jz+Qz+2t8wl/rs/jrfFZ/vc/ms/scPqfP5XP7PN568s6zj31en88n/Q0+v7/RF/AFfSFf2HtfxBf1jXxj39g38Y/7pr6Zb+6f8E/4J/2T/in/lH/at/bP+Db+Wd/WP+fb+ef98/4F38F39J38i76zf8l38V19qk/13X1338P38L18L9/H9/F9fV/fz/fz/X1/P9AP9IP8ID/YD/ZD/BA/zA/zw/1wP9KP9KP9aD/Wj/Xj/Dg/3o/3E/wEP8lP8lP8FD/NT/PT/XQ/08/0swrM8rP9bD/Xz/Xz/Xy/wC/wi/wiv9gv9kv8Er/ML/Mr/Aq/yq/ya/wav86v8xv8Br/Jb/Jb/Ba/1W/12/12v9Pv9Lv9br/H7/H7/D6/3+/3B/wBf9Af9If8l/6w/8of8V/7o/4bf8x/64/77/wJf9Kf8t/70/4Hf8af9ef8j/68/8lf8D/7iz74sYm3E+MS7yTGJ95NTEhMTExKTE5MSUxNTEu8l5iemJGYmXg/MSvxQWJ2Yk5ibmJeYn7iw8SCxMLEosRHicWJjxNLEksTyxLLEysSKxMh5N4ah7whX0iGG0L+cGMoEAqGQqFw8KFIKBpuCsXCzaF4uCWUCLeGkuG2UCqUDmXCo6F+aBAahkahcXgsNAmPh6ahWWgenggtwpOhZXgqtApPh9bhmdAmPBvahudCu/B8aB9eCB1Cx9ApvBg6h5dCl9A1pIZuoXt4OfQIPUOv0Dv0Ca+EvuHV0C+8FvqHAWFgeD0MCm+EweHNMCQMDcPCW2F4GBFGhlFhdBgTxob0YVx4J4wP74YJYWKYFCaHKWFqmBbeC9PDjDAzvB9mhQ/C7DAnzA3zwvzwYVgQFoZF4aOwOHwcloSlYVlYHlaElWFVWB3WhLVhXVgfNoSNYVPYHLaET8LWsC1sDzvCzrAr7A6fhj1hb9gXPgv7w+fhQPhLOBi+CIfCl+Fw+CocCV+Ho+GbcCx8G46H78KJcDKcCt+H0+GHcCacDefCj+F8+ClcCD+Hi/I/a0IIIYQQf4j+nf3d/sH30gGA+nXdHQAybct5+N/X3JDtr+ueKleLBAA83bX9Q3/bKlVKTU399bVLNET55gBA4u/r/y1eCs3hSWgFzaDYP+yvp+p4nn+nfvJWgAz/JicFLseX69/8H9R/7IlhC0rG57L8J/XnABTIdzknPVyOL9cv/h/Uz97kd/pP/8VYgKb/JicjXI4v1y8Kj8Mz0OrvXvkHBiyEEEIIIYQQIk3oqcq0/b3750v357nM5Zyr4HL8e/fnQgghhBBCCCGEuPKe69jpqcdatWrW9o8t8NfnAv9c1p+2qLVt77OXDn9lji6L//ICAeB/QRuy+OOLK/zGJIQQQgghhPjTXb7ov9KdCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQadf/xMeJXelzFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa60/xcAAP//WlE0Og==")
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x44)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000080)=<r6=>0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000380))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='kmem_cache_free\x00', r5}, 0x18)
sendfile(r3, r3, 0x0, 0x80000080000000d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='cachefiles_ondemand_read\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000240), 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRES64, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r8], 0x50}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)

703.671931ms ago: executing program 4 (id=1816):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f0000000100)={[{@numtail}, {@fat=@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '949'}}, {@rodir}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xffff}}, {@shortname_mixed}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@numtail}, {@utf8no}]}, 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000001000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0xc0028, &(0x7f0000000700)=ANY=[@ANYRES32=r1, @ANYRESHEX=r5, @ANYBLOB="00000000000000f40e3c4177e7c12a2d7fcbd9e24d799e9e6b5b9a19540a0c5df92cb600e0da6a87e654594b05721d046015760ebf716db3811277245a54e14a51ee911b4b8e8f88b9e51acbf1b9fe285bb18ca86100f590716860ed1db7", @ANYRES32, @ANYBLOB])
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r9}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0xfffffffffffffd70, 0xfffffffffffffffe}, 0x18)

663.741882ms ago: executing program 3 (id=1817):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000980)=[{0x3, 0x0, 0x0, 0x9}, {0x5e, 0x2a, 0x5, 0xaf}, {0x6, 0x4, 0x7, 0x9}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x800, 0x0, 0x0, 0x0, 0xa5, 0xbd, 0x9, 0xad, 0x4, 0x0, 0x0, 0x40000000}, {0x8, 0x4005, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x99, 0xff, 0x0, 0x2, 0x6}, {0x3fe, 0x2, 0x2, 0xfd, 0x0, 0x0, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6, 0x7}], 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r4}, 0x38)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x154}, 0x1, 0x0, 0x0, 0x4}, 0x815)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

661.986082ms ago: executing program 1 (id=1818):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f0000000400)={0x0, 0x3f, 0xf00})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
unshare(0x44040000)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)=ANY=[@ANYRES64], 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
sendmmsg$inet(r7, 0x0, 0x0, 0x2400c041)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f00000000c0)=ANY=[], 0x1, 0x207, &(0x7f0000000500)="$eJzs3b9uUmEUAPBDS/ljHLqZmJhc46BToz5BjamJkcSkhkG3JnYqEyzA0j6Gr+B7+QCmE4v5DF5uQUoRiRe0/n5LTznfufc73HBh4ZAi9+Xep2g0KrFzGIcxqsR+7EThIgCA22SUUnxNud+vrpaxJQCgZCu8/3/b8JYAgJK9e//hzYtW6+g4yxoRlxf9dr+d/83zr163jp5mP+xPqy77/fbuVf5ZNv/ZYZzfizuT/PO8PrtK1yKiXYsnj/L8OPfybSv7ub4eH0vuHQAAAAAAAAAAAAAAAAAAAAAAtuVBZIWF830ODubzzUk+/29mPtDc/J5q3C/GA0/HA6XzTTQFAAAAAAAAAAAAAAAAAAAA/5jeYHh20umcdqdBPSJmH6kuWHNzUJkceKXF2w92Yr3y5qTNNU5amTxF5TbYXHxxVwmi+rdcnXWD7E8dsF5c5uupZlSWlKc0Dha/CoqxGDeW1yJi+cYeH6/b1yil1Pn8sNsbRFq6eHqPqG/sbgQAAAAAAAAAAAAAAAAAAP+3mW99X9PY3caOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDzeoNh8Sv/w7OTTue02xusHJxHxN345eLiXHvR2F6jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3GrfAwAA//8nTRyq")

590.010523ms ago: executing program 2 (id=1819):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f0000000700))
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r5, @ANYRES32=r4], 0x2, 0x243, &(0x7f0000000740)="$eJzsmL9rFEEUx78zt7d3CRqw0MLmUgSMYPZ291TSWMReEBJRy8NswukmFy5XJAEhwUYQa/EPsLO2SGVhp5W1hQqChSltFByZH5udub09PU8r3wdu7jvz5s28mX33Fg4EQfy3fPzw9f3jq4srFwCcwBxqZvxzJZ/DrfnvnlaqRr7anLl/aJnqsmEAhMgHvV/s7wN4uVQB9vWyQuTez823XHMFHHOmfwMc542+CYYgi1Xk3gkYbpvhu1vi+DTdKSPShN3ppqtrnTQJZRPJJl7rPKs68cn4jw4YVs0B5Q7Msm/v7t1rp0BPizTJRFVk+xRMmdAnA4aYHDHq/lR8SxxXrCuQz+vWwwcHsh+Y8dC6vwgckdEtMCwbvYgagiBomG4SWec/6+XrV/Rj0+yXx10U9XEm/7nwoMWpBcc0Cylkho92n0oTedq/Fs8PMWJObewFmckq30nBCSJ8NPlJZRzje/FG0csvrlM3B1UjiTbJzHM2xe/fBhscYXZKnDk6fF30+vTPk3ZiIcpMMBdom57Ii3o7nabXhnqddkZm3Z8My56Fj5OqJJSmhK4fzAPOWfXJs94Kzf7GVnN7d2+hs9FeT9aTzThuXQ4vhuGluKlqs27tcjdQ/+qqPk1b61dLaqXPfOy0+/1etAP0e9FxP9atVXGXX3S/KB+u6h/H/HchsteL+uFlL0rm7sHMh6tvqeYrzgReEhxBEARBEARBEARBEARBEMRQvlm6AYY3M+ZvyZb561cM4sXXleFnAAAA//+I3EUy")

163.117708ms ago: executing program 0 (id=1820):
unshare(0x28000600)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000ab82f5e00000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
keyctl$chown(0x4, r2, 0xee01, 0xee00)
keyctl$chown(0x4, r2, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_timeval(r5, 0x1, 0x42, &(0x7f0000000080), 0x10)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
sendfile(r6, r0, 0x0, 0x3)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
close(0x3)
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r7, &(0x7f0000000000)={0x10, @short}, 0x2)

36.04814ms ago: executing program 0 (id=1821):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f0000000100)={[{@numtail}, {@fat=@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '949'}}, {@rodir}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xffff}}, {@shortname_mixed}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@numtail}, {@utf8no}]}, 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000001000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0xc0028, &(0x7f0000000700)=ANY=[@ANYRES32=r1, @ANYRESHEX=r5, @ANYBLOB="00000000000000f40e3c4177e7c12a2d7fcbd9e24d799e9e6b5b9a19540a0c5df92cb600e0da6a87e654594b05721d046015760ebf716db3811277245a54e14a51ee911b4b8e8f88b9e51acbf1b9fe285bb18ca86100f590716860ed1db7", @ANYRES32, @ANYBLOB])
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r9}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x40800, 0x0)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0xfffffffffffffd70, 0xfffffffffffffffe}, 0x18)

0s ago: executing program 3 (id=1822):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x5ad00ea84eb3ba9a, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0) (fail_nth: 1)

kernel console output (not intermixed with test programs):

0000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.606034][ T6126] R13: 0000000000000000 R14: 00007f18d91b5fa0 R15: 00007ffe21f11b98
[  452.606054][ T6126]  </TASK>
[  452.613230][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  452.642434][   T28] audit: type=1400 audit(1748435949.212:2688): avc:  denied  { mount } for  pid=6121 comm="syz.4.1521" name="/" dev="9p" ino=4294967298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  452.725664][   T28] audit: type=1400 audit(1748435949.212:2689): avc:  denied  { read write } for  pid=6127 comm="syz.0.1522" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  452.749530][   T28] audit: type=1400 audit(1748435949.212:2690): avc:  denied  { open } for  pid=6127 comm="syz.0.1522" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  452.773201][   T28] audit: type=1400 audit(1748435949.212:2691): avc:  denied  { ioctl } for  pid=6127 comm="syz.0.1522" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  452.798714][  T305] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  452.817471][   T28] audit: type=1400 audit(1748435949.652:2692): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  452.901845][   T28] audit: type=1400 audit(1748435949.732:2693): avc:  denied  { write } for  pid=6136 comm="syz.3.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  452.927599][ T6137] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1527'.
[  453.048292][ T6147] loop2: detected capacity change from 0 to 1024
[  453.062626][ T6147] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  453.086606][  T286] EXT4-fs (loop2): unmounting filesystem.
[  453.131303][  T305] usb 1-1: Using ep0 maxpacket: 16
[  453.139982][  T305] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  453.544293][  T305] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  453.555366][  T305] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  453.714474][  T305] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  454.324264][  T305] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.332815][  T305] usb 1-1: Product: syz
[  454.336991][  T305] usb 1-1: Manufacturer: syz
[  454.365935][ T1823] udevd[1823]: symlink '../../loop2' '/dev/disk/by-diskseq/1172.tmp-b7:2' failed: Read-only file system
[  454.379521][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1150.tmp-b7:3' failed: Read-only file system
[  454.391068][  T305] usb 1-1: SerialNumber: syz
[  454.605819][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1170.tmp-b7:1' failed: Read-only file system
[  454.646736][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1162.tmp-b7:4' failed: Read-only file system
[  454.662705][ T6165] loop4: detected capacity change from 0 to 256
[  454.672181][ T6163] loop2: detected capacity change from 0 to 256
[  454.694737][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1174.tmp-b7:2' failed: Read-only file system
[  454.709770][ T6162] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1532'.
[  454.743811][ T6165] FAT-fs (loop4): Directory bread(block 64) failed
[  454.757308][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1173.tmp-b7:4' failed: Read-only file system
[  454.784068][ T6165] FAT-fs (loop4): Directory bread(block 65) failed
[  454.820576][ T6165] FAT-fs (loop4): Directory bread(block 66) failed
[  454.846978][  T305] usb 1-1: 0:2 : does not exist
[  454.853913][ T6165] FAT-fs (loop4): Directory bread(block 67) failed
[  454.857255][  T305] usb 1-1: USB disconnect, device number 16
[  454.878253][ T6165] FAT-fs (loop4): Directory bread(block 68) failed
[  454.885909][ T6159] loop3: detected capacity change from 0 to 40427
[  454.892473][ T6165] FAT-fs (loop4): Directory bread(block 69) failed
[  454.899338][ T6165] FAT-fs (loop4): Directory bread(block 70) failed
[  454.907588][ T6159] F2FS-fs (loop3): fault_injection options not supported
[  454.915982][ T6159] F2FS-fs (loop3): invalid crc value
[  454.921659][ T6165] FAT-fs (loop4): Directory bread(block 71) failed
[  454.928531][ T6165] FAT-fs (loop4): Directory bread(block 72) failed
[  454.935249][ T6165] FAT-fs (loop4): Directory bread(block 73) failed
[  454.943267][ T6159] F2FS-fs (loop3): Found nat_bits in checkpoint
[  454.967840][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1175.tmp-b7:3' failed: Read-only file system
[  454.978297][ T1823] udevd[1823]: symlink '../../loop4' '/dev/disk/by-diskseq/1173.tmp-b7:4' failed: Read-only file system
[  455.026212][ T6159] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  455.035206][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  455.090302][ T6159] syz.3.1530: attempt to access beyond end of device
[  455.090302][ T6159] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  455.516818][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1175.tmp-b7:3' failed: Read-only file system
[  455.545769][ T6175] loop1: detected capacity change from 0 to 256
[  455.609784][ T6175] FAT-fs (loop1): Directory bread(block 64) failed
[  455.617248][ T6177] loop4: detected capacity change from 0 to 256
[  455.623751][ T6175] FAT-fs (loop1): Directory bread(block 65) failed
[  455.657997][ T6175] FAT-fs (loop1): Directory bread(block 66) failed
[  455.673761][ T6175] FAT-fs (loop1): Directory bread(block 67) failed
[  455.674347][ T6179] loop0: detected capacity change from 0 to 128
[  455.680500][ T6175] FAT-fs (loop1): Directory bread(block 68) failed
[  455.702457][ T6177] FAT-fs (loop4): Directory bread(block 64) failed
[  455.709091][ T6177] FAT-fs (loop4): Directory bread(block 65) failed
[  455.717651][ T6175] FAT-fs (loop1): Directory bread(block 69) failed
[  455.743222][ T6177] FAT-fs (loop4): Directory bread(block 66) failed
[  455.755374][ T6175] FAT-fs (loop1): Directory bread(block 70) failed
[  455.763707][ T6175] FAT-fs (loop1): Directory bread(block 71) failed
[  455.770320][ T6177] FAT-fs (loop4): Directory bread(block 67) failed
[  455.773104][ T6179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1537'.
[  455.777114][ T6175] FAT-fs (loop1): Directory bread(block 72) failed
[  455.792648][ T6177] FAT-fs (loop4): Directory bread(block 68) failed
[  455.799380][ T6177] FAT-fs (loop4): Directory bread(block 69) failed
[  455.806524][ T6177] FAT-fs (loop4): Directory bread(block 70) failed
[  455.812790][ T6179] syz.0.1537: attempt to access beyond end of device
[  455.812790][ T6179] loop0: rw=2049, sector=153, nr_sectors = 3 limit=128
[  455.813202][ T6175] FAT-fs (loop1): Directory bread(block 73) failed
[  455.833310][ T6177] FAT-fs (loop4): Directory bread(block 71) failed
[  455.839911][ T6177] FAT-fs (loop4): Directory bread(block 72) failed
[  455.848011][ T6177] FAT-fs (loop4): Directory bread(block 73) failed
[  456.035116][ T6191] loop0: detected capacity change from 0 to 16
[  456.060106][ T6191] erofs: Unknown parameter '0xffffffffffffffff'
[  456.691482][ T6193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1540'.
[  456.737917][ T6193] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1540'.
[  456.748941][ T6181] loop3: detected capacity change from 0 to 40427
[  456.757761][ T6181] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  456.772189][ T6181] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  456.780755][ T6202] loop0: detected capacity change from 0 to 256
[  456.805246][ T6202] FAT-fs (loop0): Directory bread(block 64) failed
[  456.811912][ T6202] FAT-fs (loop0): Directory bread(block 65) failed
[  456.818878][ T6202] FAT-fs (loop0): Directory bread(block 66) failed
[  456.825830][ T6202] FAT-fs (loop0): Directory bread(block 67) failed
[  456.834414][ T6202] FAT-fs (loop0): Directory bread(block 68) failed
[  456.840954][ T6202] FAT-fs (loop0): Directory bread(block 69) failed
[  456.848448][ T6202] FAT-fs (loop0): Directory bread(block 70) failed
[  456.856503][ T6202] FAT-fs (loop0): Directory bread(block 71) failed
[  456.863418][ T6202] FAT-fs (loop0): Directory bread(block 72) failed
[  456.869951][ T6202] FAT-fs (loop0): Directory bread(block 73) failed
[  456.896000][ T6181] F2FS-fs (loop3): invalid crc value
[  456.953218][ T6181] F2FS-fs (loop3): Found nat_bits in checkpoint
[  456.993524][ T6181] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  457.000712][ T6181] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  457.051275][  T527] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  457.337875][ T6180] syz.3.1534: attempt to access beyond end of device
[  457.337875][ T6180] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  457.358743][ T6213] loop2: detected capacity change from 0 to 256
[  457.385766][ T6213] FAT-fs (loop2): Directory bread(block 64) failed
[  457.392490][ T6213] FAT-fs (loop2): Directory bread(block 65) failed
[  457.394430][  T359] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  457.399404][ T6213] FAT-fs (loop2): Directory bread(block 66) failed
[  457.415078][ T6213] FAT-fs (loop2): Directory bread(block 67) failed
[  457.415622][  T359] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  457.422014][ T6213] FAT-fs (loop2): Directory bread(block 68) failed
[  457.437423][ T6213] FAT-fs (loop2): Directory bread(block 69) failed
[  457.444163][ T6213] FAT-fs (loop2): Directory bread(block 70) failed
[  457.450499][  T359] kworker/u4:5: attempt to access beyond end of device
[  457.450499][  T359] loop3: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  457.450747][ T6213] FAT-fs (loop2): Directory bread(block 71) failed
[  457.471429][ T6213] FAT-fs (loop2): Directory bread(block 72) failed
[  457.478001][ T6213] FAT-fs (loop2): Directory bread(block 73) failed
[  457.596664][ T6216] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1546'.
[  457.630322][  T527] usb 5-1: Using ep0 maxpacket: 16
[  457.637584][  T527] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  457.646719][  T527] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  458.677739][  T527] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  458.747349][ T6224] loop3: detected capacity change from 0 to 256
[  458.761738][  T527] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  458.767047][ T6224] FAT-fs (loop3): Directory bread(block 64) failed
[  458.770819][  T527] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.777963][ T6224] FAT-fs (loop3): Directory bread(block 65) failed
[  458.785774][  T527] usb 5-1: Product: syz
[  458.785794][  T527] usb 5-1: Manufacturer: syz
[  458.785808][  T527] usb 5-1: SerialNumber: syz
[  458.805885][ T6224] FAT-fs (loop3): Directory bread(block 66) failed
[  458.812656][ T6224] FAT-fs (loop3): Directory bread(block 67) failed
[  458.820355][ T6224] FAT-fs (loop3): Directory bread(block 68) failed
[  458.828272][ T6224] FAT-fs (loop3): Directory bread(block 69) failed
[  458.905650][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  458.906036][   T28] audit: type=1400 audit(1748435955.702:2700): avc:  denied  { write } for  pid=6221 comm="syz.1.1548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  458.945351][ T6224] FAT-fs (loop3): Directory bread(block 70) failed
[  458.953466][ T6224] FAT-fs (loop3): Directory bread(block 71) failed
[  458.960450][ T6224] FAT-fs (loop3): Directory bread(block 72) failed
[  458.968564][   T28] audit: type=1400 audit(1748435955.702:2701): avc:  denied  { nlmsg_write } for  pid=6221 comm="syz.1.1548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  459.017028][ T6224] FAT-fs (loop3): Directory bread(block 73) failed
[  459.047893][ T6228] loop2: detected capacity change from 0 to 128
[  459.060753][ T6228] EXT4-fs (loop2): Test dummy encryption mode enabled
[  459.081126][ T2162] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  459.090885][ T6228] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  459.099985][ T6228] ext4 filesystem being mounted at /302/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  459.641116][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1187.tmp-b7:1' failed: Read-only file system
[  459.652704][ T2162] usb 1-1: Using ep0 maxpacket: 16
[  459.662854][ T2162] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  459.708161][ T2162] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  459.718651][ T2162] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  459.733402][ T6237] loop1: detected capacity change from 0 to 128
[  459.742376][ T2162] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  459.744044][  T527] usb 5-1: 0:2 : does not exist
[  459.754862][  T411] udevd[411]: symlink '../../loop1' '/dev/disk/by-diskseq/1195.tmp-b7:1' failed: Read-only file system
[  459.760740][  T527] usb 5-1: USB disconnect, device number 19
[  459.782281][  T409] udevd[409]: symlink '../../loop3' '/dev/disk/by-diskseq/1192.tmp-b7:3' failed: Read-only file system
[  459.789153][   T28] audit: type=1400 audit(1748435956.622:2702): avc:  denied  { wake_alarm } for  pid=6238 comm="syz.3.1552" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  459.804902][ T6237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1551'.
[  459.823412][ T2162] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.826282][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1192.tmp-b7:3' failed: Read-only file system
[  459.843754][ T2162] usb 1-1: Product: syz
[  459.847997][ T2162] usb 1-1: Manufacturer: syz
[  459.855769][ T2162] usb 1-1: SerialNumber: syz
[  459.857806][ T6237] syz.1.1551: attempt to access beyond end of device
[  459.857806][ T6237] loop1: rw=2049, sector=153, nr_sectors = 3 limit=128
[  459.878062][   T28] audit: type=1400 audit(1748435956.702:2703): avc:  denied  { setopt } for  pid=6238 comm="syz.3.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  459.917541][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1196.tmp-b7:3' failed: Read-only file system
[  459.940612][  T286] EXT4-fs (loop2): unmounting filesystem.
[  459.957951][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1194.tmp-b7:2' failed: Read-only file system
[  459.980456][  T409] udevd[409]: symlink '../../loop1' '/dev/disk/by-diskseq/1195.tmp-b7:1' failed: Read-only file system
[  459.997198][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1194.tmp-b7:2' failed: Read-only file system
[  460.014973][  T409] udevd[409]: symlink '../../loop1' '/dev/disk/by-diskseq/1195.tmp-b7:1' failed: Read-only file system
[  460.016966][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1197.tmp-b7:2' failed: Read-only file system
[  460.130506][   T28] audit: type=1400 audit(1748435956.962:2704): avc:  denied  { create } for  pid=6245 comm="syz.1.1555" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  460.174045][   T28] audit: type=1400 audit(1748435957.002:2705): avc:  denied  { ioctl } for  pid=6245 comm="syz.1.1555" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=41838 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  461.217391][ T2162] usb 1-1: 0:2 : does not exist
[  461.243069][ T2162] usb 1-1: USB disconnect, device number 17
[  461.963609][ T6264] loop3: detected capacity change from 0 to 256
[  462.687374][   T28] audit: type=1400 audit(1748435959.522:2706): avc:  denied  { mounton } for  pid=6245 comm="syz.1.1555" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  462.796770][ T6273] loop0: detected capacity change from 0 to 256
[  463.167331][ T6273] FAT-fs (loop0): Directory bread(block 64) failed
[  463.260329][ T6273] FAT-fs (loop0): Directory bread(block 65) failed
[  463.329009][ T6273] FAT-fs (loop0): Directory bread(block 66) failed
[  463.379251][ T6273] FAT-fs (loop0): Directory bread(block 67) failed
[  463.385984][ T6273] FAT-fs (loop0): Directory bread(block 68) failed
[  463.392640][ T6273] FAT-fs (loop0): Directory bread(block 69) failed
[  463.399261][ T6273] FAT-fs (loop0): Directory bread(block 70) failed
[  463.406295][ T6273] FAT-fs (loop0): Directory bread(block 71) failed
[  463.413414][ T6273] FAT-fs (loop0): Directory bread(block 72) failed
[  463.421438][ T6273] FAT-fs (loop0): Directory bread(block 73) failed
[  463.433872][   T28] audit: type=1400 audit(1748435960.272:2707): avc:  denied  { watch } for  pid=6283 comm="syz.4.1565" path="/310/file0" dev="tmpfs" ino=1817 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  463.576077][ T6290] loop2: detected capacity change from 0 to 256
[  463.582241][ T6292] loop1: detected capacity change from 0 to 256
[  463.598743][ T6290] FAT-fs (loop2): Directory bread(block 64) failed
[  463.606522][ T6290] FAT-fs (loop2): Directory bread(block 65) failed
[  463.613197][ T6292] FAT-fs (loop1): Directory bread(block 64) failed
[  463.618531][ T6290] FAT-fs (loop2): Directory bread(block 66) failed
[  463.627394][ T6292] FAT-fs (loop1): Directory bread(block 65) failed
[  463.954806][ T6290] FAT-fs (loop2): Directory bread(block 67) failed
[  463.965537][ T6292] FAT-fs (loop1): Directory bread(block 66) failed
[  463.982073][ T6290] FAT-fs (loop2): Directory bread(block 68) failed
[  463.988671][ T6290] FAT-fs (loop2): Directory bread(block 69) failed
[  463.995353][ T6290] FAT-fs (loop2): Directory bread(block 70) failed
[  464.001940][ T6290] FAT-fs (loop2): Directory bread(block 71) failed
[  464.008558][ T6290] FAT-fs (loop2): Directory bread(block 72) failed
[  464.015096][ T6290] FAT-fs (loop2): Directory bread(block 73) failed
[  464.023071][ T6292] FAT-fs (loop1): Directory bread(block 67) failed
[  464.029647][ T6292] FAT-fs (loop1): Directory bread(block 68) failed
[  464.038314][ T6292] FAT-fs (loop1): Directory bread(block 69) failed
[  464.045575][ T6292] FAT-fs (loop1): Directory bread(block 70) failed
[  464.053415][ T6292] FAT-fs (loop1): Directory bread(block 71) failed
[  464.060114][ T6292] FAT-fs (loop1): Directory bread(block 72) failed
[  464.074953][ T6292] FAT-fs (loop1): Directory bread(block 73) failed
[  464.120623][   T28] audit: type=1400 audit(1748435960.952:2708): avc:  denied  { create } for  pid=6298 comm="syz.0.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  464.140996][   T28] audit: type=1400 audit(1748435960.952:2709): avc:  denied  { bind } for  pid=6298 comm="syz.0.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  464.202780][   T28] audit: type=1400 audit(1748435960.952:2710): avc:  denied  { write } for  pid=6298 comm="syz.0.1571" path="socket:[41899]" dev="sockfs" ino=41899 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  466.244792][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1204.tmp-b7:0' failed: Read-only file system
[  466.911081][   T24] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  467.121061][   T24] usb 1-1: Using ep0 maxpacket: 16
[  467.128004][   T24] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  467.146028][   T24] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  467.166415][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  467.186259][   T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  467.203979][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.220355][   T24] usb 1-1: Product: syz
[  467.229053][   T24] usb 1-1: Manufacturer: syz
[  467.238601][   T24] usb 1-1: SerialNumber: syz
[  467.292913][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1202.tmp-b7:2' failed: Read-only file system
[  467.336834][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1203.tmp-b7:1' failed: Read-only file system
[  467.351618][   T28] audit: type=1400 audit(1748435964.152:2711): avc:  denied  { watch } for  pid=6296 comm="syz.3.1570" path="/298/control" dev="tmpfs" ino=1720 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  467.390059][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1203.tmp-b7:1' failed: Read-only file system
[  467.405166][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1206.tmp-b7:1' failed: Read-only file system
[  467.417851][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1202.tmp-b7:2' failed: Read-only file system
[  467.420929][ T1823] udevd[1823]: symlink '../../loop4' '/dev/disk/by-diskseq/1184.tmp-b7:4' failed: Read-only file system
[  467.460088][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1206.tmp-b7:1' failed: Read-only file system
[  467.489746][  T409] udevd[409]: symlink '../../loop2' '/dev/disk/by-diskseq/1205.tmp-b7:2' failed: Read-only file system
[  467.510077][   T28] audit: type=1400 audit(1748435964.342:2712): avc:  denied  { write } for  pid=6324 comm="syz.2.1578" name="ipv6_route" dev="proc" ino=4026532581 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  467.558884][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1205.tmp-b7:2' failed: Read-only file system
[  467.614008][ T6329] loop2: detected capacity change from 0 to 2048
[  467.643610][ T6329] EXT4-fs: Ignoring removed mblk_io_submit option
[  467.650136][ T6329] EXT4-fs: dax option not supported
[  467.802670][   T24] usb 1-1: 0:2 : does not exist
[  467.813917][   T24] usb 1-1: USB disconnect, device number 18
[  468.655123][ T6341] loop4: detected capacity change from 0 to 256
[  468.670177][ T6344] loop1: detected capacity change from 0 to 16
[  468.688343][ T6341] FAT-fs (loop4): Directory bread(block 64) failed
[  468.707310][ T6344] erofs: Unknown parameter '0xffffffffffffffff'
[  468.722819][ T6341] FAT-fs (loop4): Directory bread(block 65) failed
[  468.729479][ T6341] FAT-fs (loop4): Directory bread(block 66) failed
[  468.736743][ T6341] FAT-fs (loop4): Directory bread(block 67) failed
[  468.744133][ T6341] FAT-fs (loop4): Directory bread(block 68) failed
[  468.744658][  T331] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  468.751512][ T6341] FAT-fs (loop4): Directory bread(block 69) failed
[  468.776189][ T6341] FAT-fs (loop4): Directory bread(block 70) failed
[  468.783026][ T6341] FAT-fs (loop4): Directory bread(block 71) failed
[  468.789642][ T6341] FAT-fs (loop4): Directory bread(block 72) failed
[  468.797057][   T28] audit: type=1400 audit(1748435965.642:2713): avc:  denied  { create } for  pid=6346 comm="syz.2.1584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  468.797127][ T6341] FAT-fs (loop4): Directory bread(block 73) failed
[  468.824097][ T6349] FAULT_INJECTION: forcing a failure.
[  468.824097][ T6349] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  468.840943][ T6349] CPU: 0 PID: 6349 Comm: syz.2.1584 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  468.847539][   T28] audit: type=1400 audit(1748435965.672:2714): avc:  denied  { connect } for  pid=6346 comm="syz.2.1584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  468.850792][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.850808][ T6349] Call Trace:
[  468.850815][ T6349]  <TASK>
[  468.886718][ T6349]  __dump_stack+0x21/0x24
[  468.891102][ T6349]  dump_stack_lvl+0xee/0x150
[  468.895741][ T6349]  ? __cfi_dump_stack_lvl+0x8/0x8
[  468.900812][ T6349]  ? kasan_save_stack+0x4c/0x60
[  468.905688][ T6349]  ? kasan_save_stack+0x3a/0x60
[  468.910572][ T6349]  ? __kasan_record_aux_stack+0xb6/0xc0
[  468.916168][ T6349]  ? call_rcu+0xd4/0xf90
[  468.920444][ T6349]  ? __fput+0x66a/0x8f0
[  468.924636][ T6349]  ? ____fput+0x15/0x20
[  468.928823][ T6349]  dump_stack+0x15/0x24
[  468.933013][ T6349]  should_fail_ex+0x3d4/0x520
[  468.937741][ T6349]  should_fail_alloc_page+0x61/0x90
[  468.942970][ T6349]  prepare_alloc_pages+0x148/0x5f0
[  468.948127][ T6349]  ? __alloc_pages_bulk+0x9c0/0x9c0
[  468.953358][ T6349]  __alloc_pages+0x115/0x3a0
[  468.957956][ T6349]  ? __cfi___alloc_pages+0x10/0x10
[  468.963071][ T6349]  ? __kasan_check_read+0x11/0x20
[  468.968097][ T6349]  ? call_rcu+0xb83/0xf90
[  468.972428][ T6349]  __folio_alloc+0x12/0x40
[  468.976843][ T6349]  handle_mm_fault+0x18ef/0x2640
[  468.981789][ T6349]  ? __cfi_handle_mm_fault+0x10/0x10
[  468.987076][ T6349]  ? lock_vma_under_rcu+0x3eb/0x4d0
[  468.992324][ T6349]  ? ksys_read+0x71/0x240
[  468.996658][ T6349]  ? ksys_read+0x110/0x240
[  469.001081][ T6349]  do_user_addr_fault+0x905/0x1050
[  469.006253][ T6349]  exc_page_fault+0x51/0xb0
[  469.010755][ T6349]  asm_exc_page_fault+0x27/0x30
[  469.015600][ T6349] RIP: 0033:0x7f578933bf6b
[  469.020012][ T6349] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  469.039703][ T6349] RSP: 002b:00007f578a139e10 EFLAGS: 00010246
[  469.045774][ T6349] RAX: 00007f578a13bf30 RBX: 00007f5789583620 RCX: 0000000000000000
[  469.053746][ T6349] RDX: 00007f578a13bf78 RSI: 00007f57893edbf8 RDI: 00007f578a139e30
[  469.061713][ T6349] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  469.069684][ T6349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.077652][ T6349] R13: 0000000000000000 R14: 00007f57895b6080 R15: 00007ffcf987b318
[  469.085638][ T6349]  </TASK>
[  469.089050][ T6349] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  469.232158][ T6355] loop0: detected capacity change from 0 to 256
[  469.264324][   T28] audit: type=1400 audit(1748435966.102:2715): avc:  denied  { mounton } for  pid=6353 comm="syz.0.1585" path="/321/file1" dev="tmpfs" ino=1844 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  470.706160][ T6377] loop1: detected capacity change from 0 to 256
[  470.716484][ T6377] FAT-fs (loop1): Directory bread(block 64) failed
[  470.728284][ T6377] FAT-fs (loop1): Directory bread(block 65) failed
[  470.728345][ T6377] FAT-fs (loop1): Directory bread(block 66) failed
[  470.728367][ T6377] FAT-fs (loop1): Directory bread(block 67) failed
[  470.728403][ T6377] FAT-fs (loop1): Directory bread(block 68) failed
[  470.728423][ T6377] FAT-fs (loop1): Directory bread(block 69) failed
[  470.728457][ T6377] FAT-fs (loop1): Directory bread(block 70) failed
[  470.728478][ T6377] FAT-fs (loop1): Directory bread(block 71) failed
[  470.728513][ T6377] FAT-fs (loop1): Directory bread(block 72) failed
[  470.728532][ T6377] FAT-fs (loop1): Directory bread(block 73) failed
[  471.700157][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1215.tmp-b7:1' failed: Read-only file system
[  471.715285][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1208.tmp-b7:2' failed: Read-only file system
[  471.720886][   T28] audit: type=1400 audit(1748435968.552:2716): avc:  denied  { getopt } for  pid=6382 comm="syz.2.1594" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  471.736315][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1200.tmp-b7:3' failed: Read-only file system
[  473.053278][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1208.tmp-b7:2' failed: Read-only file system
[  473.056794][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1208.tmp-b7:2' failed: Read-only file system
[  473.087042][ T6390] loop3: detected capacity change from 0 to 256
[  473.126966][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1216.tmp-b7:3' failed: Read-only file system
[  473.143339][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1216.tmp-b7:3' failed: Read-only file system
[  473.155560][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1214.tmp-b7:0' failed: Read-only file system
[  473.192790][ T6395] loop0: detected capacity change from 0 to 256
[  473.323416][ T1823] udevd[1823]: symlink '../../loop4' '/dev/disk/by-diskseq/1213.tmp-b7:4' failed: Read-only file system
[  473.361877][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1217.tmp-b7:0' failed: Read-only file system
[  473.361874][ T6399] loop4: detected capacity change from 0 to 128
[  473.372518][ T6399] EXT4-fs (loop4): Test dummy encryption mode enabled
[  473.387817][ T6395] FAT-fs (loop0): Directory bread(block 64) failed
[  473.398622][ T6395] FAT-fs (loop0): Directory bread(block 65) failed
[  473.408497][ T6407] loop1: detected capacity change from 0 to 128
[  473.416336][ T6399] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  473.426272][ T6395] FAT-fs (loop0): Directory bread(block 66) failed
[  473.433247][ T6395] FAT-fs (loop0): Directory bread(block 67) failed
[  473.440006][ T6395] FAT-fs (loop0): Directory bread(block 68) failed
[  473.440048][ T6399] ext4 filesystem being mounted at /316/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  473.446718][ T6395] FAT-fs (loop0): Directory bread(block 69) failed
[  473.472658][ T6407] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1599'.
[  473.501153][ T6395] FAT-fs (loop0): Directory bread(block 70) failed
[  473.507860][ T6395] FAT-fs (loop0): Directory bread(block 71) failed
[  473.516151][ T6395] FAT-fs (loop0): Directory bread(block 72) failed
[  473.529761][ T6395] FAT-fs (loop0): Directory bread(block 73) failed
[  473.556169][ T6407] syz.1.1599: attempt to access beyond end of device
[  473.556169][ T6407] loop1: rw=2049, sector=153, nr_sectors = 3 limit=128
[  473.702286][ T6417] loop1: detected capacity change from 0 to 128
[  473.867187][ T6417] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  473.876485][ T6417] ext4 filesystem being mounted at /340/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  473.965521][ T6427] FAULT_INJECTION: forcing a failure.
[  473.965521][ T6427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.980559][ T6427] CPU: 0 PID: 6427 Comm: syz.2.1608 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  473.990407][ T6427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  474.000483][ T6427] Call Trace:
[  474.003783][ T6427]  <TASK>
[  474.006730][ T6427]  __dump_stack+0x21/0x24
[  474.011094][ T6427]  dump_stack_lvl+0xee/0x150
[  474.015721][ T6427]  ? __cfi_dump_stack_lvl+0x8/0x8
[  474.020780][ T6427]  dump_stack+0x15/0x24
[  474.024977][ T6427]  should_fail_ex+0x3d4/0x520
[  474.029681][ T6427]  should_fail+0xb/0x10
[  474.033860][ T6427]  should_fail_usercopy+0x1a/0x20
[  474.038913][ T6427]  copyout+0x20/0xa0
[  474.042830][ T6427]  _copy_to_iter+0x3f0/0xe50
[  474.047456][ T6427]  ? __cfi__copy_to_iter+0x10/0x10
[  474.052595][ T6427]  ? check_stack_object+0x81/0x140
[  474.057744][ T6427]  ? __check_object_size+0x45a/0x600
[  474.063069][ T6427]  seq_read_iter+0xbeb/0xdd0
[  474.067717][ T6427]  seq_read+0x159/0x1f0
[  474.071913][ T6427]  ? __cfi_seq_read+0x10/0x10
[  474.076634][ T6427]  ? kstrtoull+0x137/0x1d0
[  474.081091][ T6427]  ? avc_policy_seqno+0x1b/0x70
[  474.085991][ T6427]  ? __kasan_check_read+0x11/0x20
[  474.086887][   T28] audit: type=1400 audit(1748435970.922:2717): avc:  denied  { mount } for  pid=6424 comm="syz.3.1607" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  474.091050][ T6427]  ? __cfi_seq_read+0x10/0x10
[  474.091089][ T6427]  proc_reg_read+0x1e4/0x2d0
[  474.091112][ T6427]  do_iter_read+0x4b0/0xb30
[  474.091140][ T6427]  ? _copy_from_user+0x8f/0xc0
[  474.091165][ T6427]  ? vfs_iter_read+0xa0/0xa0
[  474.091195][ T6427]  ? import_iovec+0x7c/0xb0
[  474.091221][ T6427]  do_preadv+0x1f6/0x330
[  474.091242][ T6427]  ? vfs_writev+0x590/0x590
[  474.091265][ T6427]  ? __kasan_check_write+0x14/0x20
[  474.091295][ T6427]  ? fput+0x154/0x1a0
[  474.091320][ T6427]  __x64_sys_preadv+0x9e/0xb0
[  474.091350][ T6427]  x64_sys_call+0x370/0x9a0
[  474.091375][ T6427]  do_syscall_64+0x4c/0xa0
[  474.091402][ T6427]  ? clear_bhb_loop+0x15/0x70
[  474.091421][ T6427]  ? clear_bhb_loop+0x15/0x70
[  474.182269][ T6427]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  474.188176][ T6427] RIP: 0033:0x7f578938e969
[  474.192588][ T6427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.212190][ T6427] RSP: 002b:00007f578a15d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  474.220623][ T6427] RAX: ffffffffffffffda RBX: 00007f57895b5fa0 RCX: 00007f578938e969
[  474.228691][ T6427] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000003
[  474.236838][ T6427] RBP: 00007f578a15d090 R08: 0000000000000005 R09: 0000000000000000
[  474.244813][ T6427] R10: 0000000000000096 R11: 0000000000000246 R12: 0000000000000001
[  474.252786][ T6427] R13: 0000000000000000 R14: 00007f57895b5fa0 R15: 00007ffcf987b318
[  474.260813][ T6427]  </TASK>
[  474.307478][   T28] audit: type=1400 audit(1748435970.922:2718): avc:  denied  { remount } for  pid=6424 comm="syz.3.1607" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  474.339602][  T287] EXT4-fs (loop4): unmounting filesystem.
[  474.385862][   T28] audit: type=1400 audit(1748435971.222:2719): avc:  denied  { getopt } for  pid=6416 comm="syz.1.1605" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  474.472512][   T28] audit: type=1400 audit(1748435971.272:2720): avc:  denied  { sqpoll } for  pid=6434 comm="syz.4.1609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  474.538254][   T28] audit: type=1400 audit(1748435971.272:2721): avc:  denied  { create } for  pid=6434 comm="syz.4.1609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  474.587193][ T6435] loop4: detected capacity change from 0 to 40427
[  474.651127][   T28] audit: type=1400 audit(1748435971.372:2722): avc:  denied  { unmount } for  pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  475.435330][ T6447] loop2: detected capacity change from 0 to 256
[  475.465928][    T8] kworker/dying (8) used greatest stack depth: 20352 bytes left
[  475.684153][   T28] audit: type=1400 audit(1748435972.322:2723): avc:  denied  { block_suspend } for  pid=6432 comm="syz.0.1610" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  475.706671][ T6435] F2FS-fs (loop4): Found nat_bits in checkpoint
[  475.755793][ T6452] loop3: detected capacity change from 0 to 1024
[  475.765223][ T6435] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  475.802284][ T6452] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  475.827168][  T283] EXT4-fs (loop1): unmounting filesystem.
[  475.874311][  T284] EXT4-fs (loop3): unmounting filesystem.
[  475.916513][ T6463] loop1: detected capacity change from 0 to 128
[  475.925174][ T6464] 9pnet_fd: Insufficient options for proto=fd
[  475.964359][ T6463] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1615'.
[  475.975303][ T6463] syz.1.1615: attempt to access beyond end of device
[  475.975303][ T6463] loop1: rw=2049, sector=153, nr_sectors = 3 limit=128
[  476.120560][ T6466] loop3: detected capacity change from 0 to 40427
[  476.136773][ T6466] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  476.152893][ T6466] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  476.162113][ T6466] F2FS-fs (loop3): invalid crc value
[  476.176776][ T6466] F2FS-fs (loop3): Found nat_bits in checkpoint
[  476.211130][  T220] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  476.231580][ T6466] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  476.238657][ T6466] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  476.289128][ T6468] loop1: detected capacity change from 0 to 40427
[  476.308600][ T6468] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  476.331485][ T6468] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  476.345004][ T6468] F2FS-fs (loop1): invalid crc value
[  477.533249][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1235.tmp-b7:3' failed: Read-only file system
[  477.545790][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  477.560237][ T6465] syz.3.1617: attempt to access beyond end of device
[  477.560237][ T6465] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  477.567265][ T6468] F2FS-fs (loop1): Found nat_bits in checkpoint
[  477.724159][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1234.tmp-b7:4' failed: Read-only file system
[  477.891186][  T220] usb 3-1: Using ep0 maxpacket: 16
[  477.911337][  T220] usb 3-1: config 6 has an invalid interface number: 59 but max is 0
[  477.932263][  T359] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  477.942067][  T359] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  477.952205][ T6468] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  477.959265][ T6468] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  477.963353][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1224.tmp-b7:0' failed: Read-only file system
[  477.978538][  T220] usb 3-1: config 6 has no interface number 0
[  477.985222][  T220] usb 3-1: config 6 interface 59 has no altsetting 0
[  477.998180][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1236.tmp-b7:1' failed: Read-only file system
[  478.010971][  T220] usb 3-1: New USB device found, idVendor=0698, idProduct=6b82, bcdDevice=d3.eb
[  478.020611][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  478.026720][  T359] kworker/u4:5: attempt to access beyond end of device
[  478.026720][  T359] loop3: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  478.036309][  T220] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.203930][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1224.tmp-b7:0' failed: Read-only file system
[  478.315718][  T220] usb 3-1: Product: syz
[  478.319934][  T220] usb 3-1: Manufacturer: syz
[  478.324626][  T220] usb 3-1: SerialNumber: syz
[  479.099428][ T6496] loop0: detected capacity change from 0 to 256
[  479.269116][  T220] usb 3-1: USB disconnect, device number 23
[  479.284198][  T409] udevd[409]: symlink '../../loop2' '/dev/disk/by-diskseq/1228.tmp-b7:2' failed: Read-only file system
[  479.334777][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1237.tmp-b7:0' failed: Read-only file system
[  479.386083][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1237.tmp-b7:0' failed: Read-only file system
[  479.481184][  T360] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  479.760062][  T360] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  479.846167][ T6506] loop0: detected capacity change from 0 to 1024
[  479.859627][   T28] audit: type=1400 audit(1748435976.672:2724): avc:  denied  { create } for  pid=6511 comm="syz.4.1629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  479.907045][   T28] audit: type=1400 audit(1748435976.732:2725): avc:  denied  { connect } for  pid=6517 comm="syz.3.1630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  479.927931][ T6506] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  479.953903][ T6520] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1630'.
[  480.010760][  T285] EXT4-fs (loop0): unmounting filesystem.
[  480.233125][ T6529] FAULT_INJECTION: forcing a failure.
[  480.233125][ T6529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.259159][ T6529] CPU: 1 PID: 6529 Comm: syz.0.1632 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  480.269015][ T6529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.279076][ T6529] Call Trace:
[  480.282353][ T6529]  <TASK>
[  480.285285][ T6529]  __dump_stack+0x21/0x24
[  480.289621][ T6529]  dump_stack_lvl+0xee/0x150
[  480.294271][ T6529]  ? __cfi_dump_stack_lvl+0x8/0x8
[  480.299304][ T6529]  dump_stack+0x15/0x24
[  480.303462][ T6529]  should_fail_ex+0x3d4/0x520
[  480.308136][ T6529]  should_fail+0xb/0x10
[  480.312288][ T6529]  should_fail_usercopy+0x1a/0x20
[  480.317314][ T6529]  _copy_to_user+0x1e/0x90
[  480.321731][ T6529]  simple_read_from_buffer+0xe9/0x160
[  480.327106][ T6529]  proc_fail_nth_read+0x19a/0x210
[  480.332135][ T6529]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  480.337688][ T6529]  ? security_file_permission+0x94/0xb0
[  480.343231][ T6529]  ? __cfi_proc_fail_nth_read+0x10/0x10
[  480.348779][ T6529]  vfs_read+0x26e/0x8c0
[  480.352938][ T6529]  ? __cfi_vfs_read+0x10/0x10
[  480.357703][ T6529]  ? __kasan_check_write+0x14/0x20
[  480.362818][ T6529]  ? mutex_lock+0x8d/0x1a0
[  480.367241][ T6529]  ? __cfi_mutex_lock+0x10/0x10
[  480.372102][ T6529]  ? __fdget_pos+0x2cd/0x380
[  480.376695][ T6529]  ? ksys_read+0x71/0x240
[  480.381028][ T6529]  ksys_read+0x140/0x240
[  480.385282][ T6529]  ? __cfi_ksys_read+0x10/0x10
[  480.390045][ T6529]  ? fpregs_restore_userregs+0x128/0x260
[  480.395676][ T6529]  __x64_sys_read+0x7b/0x90
[  480.400184][ T6529]  x64_sys_call+0x2f/0x9a0
[  480.404603][ T6529]  do_syscall_64+0x4c/0xa0
[  480.409025][ T6529]  ? clear_bhb_loop+0x15/0x70
[  480.413696][ T6529]  ? clear_bhb_loop+0x15/0x70
[  480.418370][ T6529]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  480.424277][ T6529] RIP: 0033:0x7ff83698d37c
[  480.428701][ T6529] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  480.448325][ T6529] RSP: 002b:00007ff8377b8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  480.456763][ T6529] RAX: ffffffffffffffda RBX: 00007ff836bb6160 RCX: 00007ff83698d37c
[  480.464732][ T6529] RDX: 000000000000000f RSI: 00007ff8377b80a0 RDI: 0000000000000007
[  480.472704][ T6529] RBP: 00007ff8377b8090 R08: 0000000000000000 R09: 0000000000000000
[  480.480673][ T6529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.488644][ T6529] R13: 0000000000000000 R14: 00007ff836bb6160 R15: 00007fff685dce98
[  480.496623][ T6529]  </TASK>
[  480.831551][   T28] audit: type=1326 audit(1748436206.664:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6535 comm="syz.4.1634" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18d8f8e969 code=0x0
[  481.020090][ T6539] loop0: detected capacity change from 0 to 2048
[  481.056115][ T6539] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  481.076295][ T6539] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  481.129265][   T28] audit: type=1400 audit(1748436206.964:2727): avc:  denied  { append } for  pid=6537 comm="syz.0.1635" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  481.152535][ T6539] fs-verity: sha512 using implementation "sha512-avx2"
[  481.159895][   T28] audit: type=1400 audit(1748436206.994:2728): avc:  denied  { ioctl } for  pid=6537 comm="syz.0.1635" path="/331/file0/file0/file0" dev="loop0" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  481.185171][   T28] audit: type=1400 audit(1748436206.994:2729): avc:  denied  { write } for  pid=6537 comm="syz.0.1635" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  481.252453][  T285] EXT4-fs (loop0): unmounting filesystem.
[  481.287214][ T6547] loop3: detected capacity change from 0 to 512
[  481.312774][ T6547] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  481.341508][ T6553] loop1: detected capacity change from 0 to 512
[  481.348219][ T6553] EXT4-fs: Ignoring removed i_version option
[  481.354382][ T6553] EXT4-fs: Ignoring removed mblk_io_submit option
[  481.365694][ T6553] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  481.395025][ T6547] EXT4-fs (loop3): orphan cleanup on readonly fs
[  481.408970][ T6553] EXT4-fs (loop1): 1 truncate cleaned up
[  481.414832][ T6553] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  481.440115][ T6547] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  481.492919][ T6547] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  481.508340][ T6560] loop0: detected capacity change from 0 to 256
[  481.523595][ T6547] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.1636: Failed to acquire dquot type 1
[  481.543389][ T6547] EXT4-fs (loop3): 1 truncate cleaned up
[  481.626454][ T6547] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  481.679817][ T6563] loop4: detected capacity change from 0 to 256
[  481.726911][ T6563] FAT-fs (loop4): Directory bread(block 64) failed
[  481.746919][ T6563] FAT-fs (loop4): Directory bread(block 65) failed
[  481.772066][ T6563] FAT-fs (loop4): Directory bread(block 66) failed
[  481.808051][ T6563] FAT-fs (loop4): Directory bread(block 67) failed
[  481.821231][ T6563] FAT-fs (loop4): Directory bread(block 68) failed
[  481.837404][ T6563] FAT-fs (loop4): Directory bread(block 69) failed
[  481.855573][ T6563] FAT-fs (loop4): Directory bread(block 70) failed
[  481.877315][ T6563] FAT-fs (loop4): Directory bread(block 71) failed
[  481.898460][ T6563] FAT-fs (loop4): Directory bread(block 72) failed
[  481.914453][ T6565] loop2: detected capacity change from 0 to 256
[  481.915298][ T6563] FAT-fs (loop4): Directory bread(block 73) failed
[  482.182519][  T283] EXT4-fs (loop1): unmounting filesystem.
[  482.545550][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1249.tmp-b7:4' failed: Read-only file system
[  482.562529][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1251.tmp-b7:1' failed: Read-only file system
[  482.596400][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1249.tmp-b7:4' failed: Read-only file system
[  482.602887][ T6575] loop1: detected capacity change from 0 to 1024
[  482.646039][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1253.tmp-b7:1' failed: Read-only file system
[  482.661359][ T6576] netlink: 'syz.4.1643': attribute type 7 has an invalid length.
[  482.679380][ T6576] netlink: 'syz.4.1643': attribute type 5 has an invalid length.
[  482.689617][ T6575] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  482.690486][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  482.729101][ T6576] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1643'.
[  482.735829][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1248.tmp-b7:0' failed: Read-only file system
[  482.759084][  T283] EXT4-fs (loop1): unmounting filesystem.
[  482.766897][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1250.tmp-b7:2' failed: Read-only file system
[  482.784430][  T411] udevd[411]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  482.799677][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1250.tmp-b7:2' failed: Read-only file system
[  482.806291][ T6580] loop2: detected capacity change from 0 to 2048
[  482.819173][  T411] udevd[411]: symlink '../../loop1' '/dev/disk/by-diskseq/1253.tmp-b7:1' failed: Read-only file system
[  482.831644][ T6580] EXT4-fs: Ignoring removed mblk_io_submit option
[  482.839821][ T6580] EXT4-fs: dax option not supported
[  482.841511][ T6586] loop1: detected capacity change from 0 to 128
[  482.849964][ T6587] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1646'.
[  482.974584][ T6586] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  482.989505][ T6586] ext4 filesystem being mounted at /349/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  483.023010][   T28] audit: type=1400 audit(1748436437.871:2730): avc:  denied  { write } for  pid=6585 comm="syz.1.1648" name="encrypted_dir" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  483.315479][   T28] audit: type=1400 audit(1748436437.891:2731): avc:  denied  { add_name } for  pid=6585 comm="syz.1.1648" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  483.352110][  T283] EXT4-fs (loop1): unmounting filesystem.
[  483.479448][  T284] EXT4-fs (loop3): unmounting filesystem.
[  483.842173][ T6608] loop4: detected capacity change from 0 to 256
[  483.915311][ T6612] loop2: detected capacity change from 0 to 2048
[  483.936824][ T6608] FAT-fs (loop4): Directory bread(block 64) failed
[  483.956862][ T6608] FAT-fs (loop4): Directory bread(block 65) failed
[  483.964460][ T6608] FAT-fs (loop4): Directory bread(block 66) failed
[  483.964879][ T6612]  loop2: p1 < > p2 p3 < p5 p6 > p4
[  483.971320][ T6608] FAT-fs (loop4): Directory bread(block 67) failed
[  483.982987][ T6608] FAT-fs (loop4): Directory bread(block 68) failed
[  483.989611][ T6608] FAT-fs (loop4): Directory bread(block 69) failed
[  483.990647][ T6612] loop2: partition table partially beyond EOD, 
[  483.996430][ T6608] FAT-fs (loop4): Directory bread(block 70) failed
[  484.007853][ T6612] truncated
[  484.009573][ T6608] FAT-fs (loop4): Directory bread(block 71) failed
[  484.018264][ T6612] loop2: p1 start 3405774849 is beyond EOD, truncated
[  484.019139][ T6608] FAT-fs (loop4): Directory bread(block 72) failed
[  484.033207][ T6612] loop2: p2 size 5046285 extends beyond EOD, truncated
[  484.041087][ T6608] FAT-fs (loop4): Directory bread(block 73) failed
[  484.314100][ T6615] loop0: detected capacity change from 0 to 256
[  484.328547][ T6612] loop2: p5 size 5046285 extends beyond EOD, truncated
[  484.472623][ T6623] loop1: detected capacity change from 0 to 256
[  484.482340][  T331] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  484.529317][ T6623] FAT-fs (loop1): Directory bread(block 64) failed
[  484.559091][ T6623] FAT-fs (loop1): Directory bread(block 65) failed
[  484.567250][ T6623] FAT-fs (loop1): Directory bread(block 66) failed
[  484.574117][ T6623] FAT-fs (loop1): Directory bread(block 67) failed
[  484.594528][ T6623] FAT-fs (loop1): Directory bread(block 68) failed
[  484.610706][ T6623] FAT-fs (loop1): Directory bread(block 69) failed
[  484.625747][ T6623] FAT-fs (loop1): Directory bread(block 70) failed
[  484.639688][ T6623] FAT-fs (loop1): Directory bread(block 71) failed
[  484.668236][ T6623] FAT-fs (loop1): Directory bread(block 72) failed
[  484.682213][ T6623] FAT-fs (loop1): Directory bread(block 73) failed
[  485.068567][ T6632] fuse: Bad value for 'fd'
[  485.247264][ T6636] loop0: detected capacity change from 0 to 2048
[  485.254441][ T6636] EXT4-fs: Ignoring removed mblk_io_submit option
[  485.271138][ T6636] EXT4-fs: dax option not supported
[  485.441101][ T2864] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  488.980820][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1265.tmp-b7:2' failed: Read-only file system
[  489.007222][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1260.tmp-b7:3' failed: Read-only file system
[  489.049877][ T6653] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1666'.
[  489.069874][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1260.tmp-b7:3' failed: Read-only file system
[  489.119984][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1270.tmp-b7:1' failed: Read-only file system
[  489.160403][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1267.tmp-b7:4' failed: Read-only file system
[  489.185765][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1270.tmp-b7:1' failed: Read-only file system
[  489.239370][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1269.tmp-b7:0' failed: Read-only file system
[  489.263538][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1260.tmp-b7:3' failed: Read-only file system
[  489.332884][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1265.tmp-b7:2' failed: Read-only file system
[  489.366350][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  489.366366][   T28] audit: type=1400 audit(1748436444.211:2733): avc:  denied  { mount } for  pid=6664 comm="syz.0.1672" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  489.396967][ T6672] loop2: detected capacity change from 0 to 16
[  489.405621][   T28] audit: type=1400 audit(1748436444.241:2734): avc:  denied  { create } for  pid=6671 comm="syz.2.1675" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  489.412060][ T6672] erofs: (device loop2): mounted with root inode @ nid 36.
[  489.426527][   T28] audit: type=1400 audit(1748436444.261:2735): avc:  denied  { mounton } for  pid=6671 comm="syz.2.1675" path="/332/file0" dev="tmpfs" ino=1940 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  489.462390][ T6673] FAULT_INJECTION: forcing a failure.
[  489.462390][ T6673] name failslab, interval 1, probability 0, space 0, times 0
[  489.475396][ T6673] CPU: 1 PID: 6673 Comm: syz.3.1674 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  489.485225][ T6673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.495299][ T6673] Call Trace:
[  489.498587][ T6673]  <TASK>
[  489.501533][ T6673]  __dump_stack+0x21/0x24
[  489.505892][ T6673]  dump_stack_lvl+0xee/0x150
[  489.510497][ T6673]  ? __cfi_dump_stack_lvl+0x8/0x8
[  489.515535][ T6673]  ? stack_trace_save+0x98/0xe0
[  489.520401][ T6673]  dump_stack+0x15/0x24
[  489.524595][ T6673]  should_fail_ex+0x3d4/0x520
[  489.529284][ T6673]  __should_failslab+0xac/0xf0
[  489.534055][ T6673]  ? __get_vm_area_node+0x12c/0x360
[  489.539270][ T6673]  should_failslab+0x9/0x20
[  489.543787][ T6673]  __kmem_cache_alloc_node+0x3d/0x2c0
[  489.549168][ T6673]  ? __x64_sys_clone3+0x28d/0x2e0
[  489.554212][ T6673]  ? x64_sys_call+0x4ce/0x9a0
[  489.558906][ T6673]  ? do_syscall_64+0x4c/0xa0
[  489.563512][ T6673]  ? __get_vm_area_node+0x12c/0x360
[  489.568732][ T6673]  kmalloc_node_trace+0x26/0xb0
[  489.573600][ T6673]  __get_vm_area_node+0x12c/0x360
[  489.578643][ T6673]  __vmalloc_node_range+0x326/0x13d0
[  489.583949][ T6673]  ? copy_process+0x5ac/0x3470
[  489.588736][ T6673]  ? kasan_save_alloc_info+0x25/0x30
[  489.594040][ T6673]  ? __cfi___vmalloc_node_range+0x10/0x10
[  489.599777][ T6673]  ? memcpy+0x56/0x70
[  489.603772][ T6673]  dup_task_struct+0x3ae/0x770
[  489.608552][ T6673]  ? copy_process+0x5ac/0x3470
[  489.613338][ T6673]  ? __kasan_check_write+0x14/0x20
[  489.618483][ T6673]  ? recalc_sigpending+0x168/0x1c0
[  489.623613][ T6673]  copy_process+0x5ac/0x3470
[  489.628227][ T6673]  ? __cfi_kstrtouint_from_user+0x10/0x10
[  489.633968][ T6673]  ? idle_dummy+0x10/0x10
[  489.638380][ T6673]  ? copy_clone_args_from_user+0x525/0x630
[  489.638417][ T6673]  kernel_clone+0x23a/0x810
[  489.638440][ T6673]  ? __delayed_free_task+0x20/0x20
[  489.638467][ T6673]  ? __cfi_kernel_clone+0x10/0x10
[  489.638492][ T6673]  __x64_sys_clone3+0x28d/0x2e0
[  489.638516][ T6673]  ? __cfi___x64_sys_clone3+0x10/0x10
[  489.638539][ T6673]  ? mutex_unlock+0x89/0x220
[  489.638567][ T6673]  ? fput+0x154/0x1a0
[  489.638594][ T6673]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  489.638616][ T6673]  x64_sys_call+0x4ce/0x9a0
[  489.638636][ T6673]  do_syscall_64+0x4c/0xa0
[  489.638658][ T6673]  ? clear_bhb_loop+0x15/0x70
[  489.638674][ T6673]  ? clear_bhb_loop+0x15/0x70
[  489.638691][ T6673]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  489.638716][ T6673] RIP: 0033:0x7f499f58e969
[  489.638731][ T6673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.638746][ T6673] RSP: 002b:00007f49a044ef08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  489.638765][ T6673] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f499f58e969
[  489.638778][ T6673] RDX: 00007f49a044ef20 RSI: 0000000000000058 RDI: 00007f49a044ef20
[  489.638790][ T6673] RBP: 00007f49a044f090 R08: 0000000000000000 R09: 0000000000000058
[  489.638801][ T6673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  489.638812][ T6673] R13: 0000000000000000 R14: 00007f499f7b6080 R15: 00007ffe61b0fca8
[  489.638828][ T6673]  </TASK>
[  489.650636][ T6673] syz.3.1674: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  489.660244][  T331] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  489.689318][ T6673] ,cpuset=
[  489.701263][   T28] audit: type=1400 audit(1748436444.541:2736): avc:  denied  { unlink } for  pid=286 comm="syz-executor" name="file0" dev="tmpfs" ino=1940 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  489.703539][ T6673] syz3,mems_allowed=0
[  489.840537][ T6673] CPU: 1 PID: 6673 Comm: syz.3.1674 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  489.850359][ T6673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  489.860515][ T6673] Call Trace:
[  489.863805][ T6673]  <TASK>
[  489.866734][ T6673]  __dump_stack+0x21/0x24
[  489.871072][ T6673]  dump_stack_lvl+0xee/0x150
[  489.875667][ T6673]  ? __cfi_dump_stack_lvl+0x8/0x8
[  489.880701][ T6673]  dump_stack+0x15/0x24
[  489.884859][ T6673]  warn_alloc+0x1b0/0x1d0
[  489.889204][ T6673]  ? should_failslab+0x9/0x20
[  489.893883][ T6673]  ? __cfi_warn_alloc+0x10/0x10
[  489.898751][ T6673]  ? kmalloc_node_trace+0x3d/0xb0
[  489.903776][ T6673]  ? __get_vm_area_node+0x353/0x360
[  489.908979][ T6673]  __vmalloc_node_range+0x34b/0x13d0
[  489.914446][ T6673]  ? kasan_save_alloc_info+0x25/0x30
[  489.919747][ T6673]  ? __cfi___vmalloc_node_range+0x10/0x10
[  489.925473][ T6673]  ? memcpy+0x56/0x70
[  489.929463][ T6673]  dup_task_struct+0x3ae/0x770
[  489.934232][ T6673]  ? copy_process+0x5ac/0x3470
[  489.938996][ T6673]  ? __kasan_check_write+0x14/0x20
[  489.944112][ T6673]  ? recalc_sigpending+0x168/0x1c0
[  489.949238][ T6673]  copy_process+0x5ac/0x3470
[  489.953856][ T6673]  ? __cfi_kstrtouint_from_user+0x10/0x10
[  489.959598][ T6673]  ? idle_dummy+0x10/0x10
[  489.963940][ T6673]  ? copy_clone_args_from_user+0x525/0x630
[  489.969757][ T6673]  kernel_clone+0x23a/0x810
[  489.974295][ T6673]  ? __delayed_free_task+0x20/0x20
[  489.979414][ T6673]  ? __cfi_kernel_clone+0x10/0x10
[  489.984440][ T6673]  __x64_sys_clone3+0x28d/0x2e0
[  489.989292][ T6673]  ? __cfi___x64_sys_clone3+0x10/0x10
[  489.994666][ T6673]  ? mutex_unlock+0x89/0x220
[  489.999266][ T6673]  ? fput+0x154/0x1a0
[  490.003249][ T6673]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  490.009317][ T6673]  x64_sys_call+0x4ce/0x9a0
[  490.013819][ T6673]  do_syscall_64+0x4c/0xa0
[  490.018237][ T6673]  ? clear_bhb_loop+0x15/0x70
[  490.022929][ T6673]  ? clear_bhb_loop+0x15/0x70
[  490.027602][ T6673]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  490.033501][ T6673] RIP: 0033:0x7f499f58e969
[  490.037915][ T6673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.057524][ T6673] RSP: 002b:00007f49a044ef08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  490.065934][ T6673] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f499f58e969
[  490.073931][ T6673] RDX: 00007f49a044ef20 RSI: 0000000000000058 RDI: 00007f49a044ef20
[  490.081898][ T6673] RBP: 00007f49a044f090 R08: 0000000000000000 R09: 0000000000000058
[  490.089870][ T6673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.097837][ T6673] R13: 0000000000000000 R14: 00007f499f7b6080 R15: 00007ffe61b0fca8
[  490.105810][ T6673]  </TASK>
[  490.110748][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1271.tmp-b7:2' failed: Read-only file system
[  490.117886][ T6673] Mem-Info:
[  490.125132][ T6673] active_anon:13719 inactive_anon:163 isolated_anon:0
[  490.125132][ T6673]  active_file:7205 inactive_file:2391 isolated_file:0
[  490.125132][ T6673]  unevictable:0 dirty:399 writeback:0
[  490.125132][ T6673]  slab_reclaimable:8765 slab_unreclaimable:77737
[  490.125132][ T6673]  mapped:36075 shmem:5882 pagetables:720
[  490.125132][ T6673]  sec_pagetables:0 bounce:0
[  490.125132][ T6673]  kernel_misc_reclaimable:0
[  490.125132][ T6673]  free:1498999 free_pcp:24751 free_cma:0
[  490.170535][ T6673] Node 0 active_anon:54924kB inactive_anon:652kB active_file:28820kB inactive_file:9572kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:144324kB dirty:1628kB writeback:0kB shmem:23612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:5608kB pagetables:2884kB sec_pagetables:0kB all_unreclaimable? no
[  490.172482][   T28] audit: type=1400 audit(1748436445.011:2737): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  490.205269][ T6673] DMA32 free:2968532kB boost:0kB min:62576kB low:78220kB high:93864kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2974276kB mlocked:0kB bounce:0kB free_pcp:5744kB local_pcp:5744kB free_cma:0kB
[  490.252950][ T6674] loop1: detected capacity change from 0 to 256
[  490.279147][ T6673] lowmem_reserve[]: 0 3932 3932 3932
[  490.285682][ T6673] Normal free:3027212kB boost:0kB min:84876kB low:106092kB high:127308kB reserved_highatomic:0KB active_anon:55024kB inactive_anon:652kB active_file:28820kB inactive_file:9572kB unevictable:0kB writepending:1628kB present:5242880kB managed:4026656kB mlocked:0kB bounce:0kB free_pcp:93952kB local_pcp:42204kB free_cma:0kB
[  490.301790][ T6683] loop2: detected capacity change from 0 to 1024
[  490.316102][ T6673] lowmem_reserve[]: 0 0 0 0
[  490.342533][ T6673] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 2*2048kB (UM) 722*4096kB (M) = 2968532kB
[  490.364234][ T6683] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  490.367070][ T6673] Normal: 1137*4kB (UE) 211*8kB (UME) 41*16kB (UME) 147*32kB (UME) 135*64kB (UME) 102*128kB (UME) 81*256kB (UME) 35*512kB (UME) 22*1024kB (UM) 4*2048kB (UM) 714*4096kB (UM) = 3027212kB
[  490.374390][ T6683] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  490.391566][ T6673] 15779 total pagecache pages
[  490.419628][ T6690] FAULT_INJECTION: forcing a failure.
[  490.419628][ T6690] name failslab, interval 1, probability 0, space 0, times 0
[  490.432758][ T6690] CPU: 1 PID: 6690 Comm: syz.4.1680 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  490.442591][ T6690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.447465][ T6673] 163 pages in swap cache
[  490.452654][ T6690] Call Trace:
[  490.452663][ T6690]  <TASK>
[  490.452670][ T6690]  __dump_stack+0x21/0x24
[  490.452702][ T6690]  dump_stack_lvl+0xee/0x150
[  490.457333][ T6673] Free swap  = 123912kB
[  490.460311][ T6690]  ? __cfi_dump_stack_lvl+0x8/0x8
[  490.463447][ T6673] Total swap = 124996kB
[  490.467572][ T6690]  dump_stack+0x15/0x24
[  490.472265][ T6673] 2097051 pages RAM
[  490.476284][ T6690]  should_fail_ex+0x3d4/0x520
[  490.481385][ T6673] 0 pages HighMem/MovableOnly
[  490.485442][ T6690]  __should_failslab+0xac/0xf0
[  490.489578][ T6673] 346818 pages reserved
[  490.489587][ T6673] 0 pages cma reserved
[  490.493369][ T6690]  ? __se_sys_mount+0x153/0x380
[  490.493397][ T6690]  should_failslab+0x9/0x20
[  490.525202][ T6690]  __kmem_cache_alloc_node+0x3d/0x2c0
[  490.530589][ T6690]  ? __se_sys_mount+0x153/0x380
[  490.535445][ T6690]  kmalloc_trace+0x29/0xb0
[  490.539883][ T6690]  __se_sys_mount+0x153/0x380
[  490.544564][ T6690]  ? fput+0x154/0x1a0
[  490.548542][ T6690]  ? __x64_sys_mount+0xd0/0xd0
[  490.553307][ T6690]  ? __cfi_ksys_write+0x10/0x10
[  490.558170][ T6690]  __x64_sys_mount+0xbf/0xd0
[  490.562777][ T6690]  x64_sys_call+0x65d/0x9a0
[  490.567289][ T6690]  do_syscall_64+0x4c/0xa0
[  490.571728][ T6690]  ? clear_bhb_loop+0x15/0x70
[  490.576409][ T6690]  ? clear_bhb_loop+0x15/0x70
[  490.581089][ T6690]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  490.586994][ T6690] RIP: 0033:0x7f18d8f8e969
[  490.591404][ T6690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.611268][ T6690] RSP: 002b:00007f18d9ee4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  490.619681][ T6690] RAX: ffffffffffffffda RBX: 00007f18d91b5fa0 RCX: 00007f18d8f8e969
[  490.627675][ T6690] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000
[  490.635642][ T6690] RBP: 00007f18d9ee4090 R08: 0000200000002380 R09: 0000000000000000
[  490.643611][ T6690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.651578][ T6690] R13: 0000000000000000 R14: 00007f18d91b5fa0 R15: 00007ffe21f11b98
[  490.659574][ T6690]  </TASK>
[  490.677705][   T28] audit: type=1400 audit(1748436445.521:2738): avc:  denied  { mounton } for  pid=6682 comm="syz.2.1678" path="/334/file1/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  490.756799][  T286] EXT4-fs (loop2): unmounting filesystem.
[  490.768314][ T6697] loop3: detected capacity change from 0 to 2048
[  490.777936][ T6698] loop1: detected capacity change from 0 to 512
[  490.789221][ T6698] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  490.800918][ T6697] EXT4-fs: Ignoring removed mblk_io_submit option
[  490.821212][ T6697] EXT4-fs: dax option not supported
[  490.829130][ T6702] 9pnet_fd: Insufficient options for proto=fd
[  490.857251][ T6698] EXT4-fs (loop1): orphan cleanup on readonly fs
[  490.865214][ T6698] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  490.874735][ T6698] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  490.884425][ T6698] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1681: Failed to acquire dquot type 1
[  490.892568][   T28] audit: type=1400 audit(1748436445.701:2739): avc:  denied  { create } for  pid=6704 comm="syz.0.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  490.920940][ T6698] EXT4-fs (loop1): 1 truncate cleaned up
[  490.926874][ T6698] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  491.112163][ T6712] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1686'.
[  491.293435][ T6715] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1687'.
[  491.518678][  T283] EXT4-fs (loop1): unmounting filesystem.
[  492.060509][ T6726] loop3: detected capacity change from 0 to 16
[  492.067395][ T6726] erofs: Unknown parameter '0xffffffffffffffff'
[  492.354197][ T6735] loop0: detected capacity change from 0 to 256
[  492.362154][ T6738] FAULT_INJECTION: forcing a failure.
[  492.362154][ T6738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.375276][ T6738] CPU: 0 PID: 6738 Comm: syz.4.1694 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  492.385096][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.395157][ T6738] Call Trace:
[  492.398444][ T6738]  <TASK>
[  492.401378][ T6738]  __dump_stack+0x21/0x24
[  492.405730][ T6738]  dump_stack_lvl+0xee/0x150
[  492.410332][ T6738]  ? __cfi_dump_stack_lvl+0x8/0x8
[  492.415372][ T6738]  dump_stack+0x15/0x24
[  492.419541][ T6738]  should_fail_ex+0x3d4/0x520
[  492.424231][ T6738]  should_fail+0xb/0x10
[  492.428401][ T6738]  should_fail_usercopy+0x1a/0x20
[  492.433435][ T6738]  copyout+0x20/0xa0
[  492.437337][ T6738]  _copy_to_iter+0x3f0/0xe50
[  492.441936][ T6738]  ? __cfi__copy_to_iter+0x10/0x10
[  492.447059][ T6738]  ? check_stack_object+0x81/0x140
[  492.452186][ T6738]  ? __check_object_size+0x45a/0x600
[  492.457487][ T6738]  seq_read_iter+0xbeb/0xdd0
[  492.462130][ T6738]  seq_read+0x159/0x1f0
[  492.466310][ T6738]  ? __cfi_seq_read+0x10/0x10
[  492.471003][ T6738]  ? kstrtoull+0x137/0x1d0
[  492.475441][ T6738]  ? avc_policy_seqno+0x1b/0x70
[  492.480310][ T6738]  ? __kasan_check_read+0x11/0x20
[  492.485348][ T6738]  ? __cfi_seq_read+0x10/0x10
[  492.490087][ T6738]  proc_reg_read+0x1e4/0x2d0
[  492.494687][ T6738]  do_iter_read+0x4b0/0xb30
[  492.499209][ T6738]  ? _copy_from_user+0x8f/0xc0
[  492.503984][ T6738]  ? vfs_iter_read+0xa0/0xa0
[  492.508594][ T6738]  ? import_iovec+0x7c/0xb0
[  492.513122][ T6738]  do_preadv+0x1f6/0x330
[  492.517372][ T6738]  ? vfs_writev+0x590/0x590
[  492.521887][ T6738]  ? __kasan_check_write+0x14/0x20
[  492.527010][ T6738]  ? fput+0x154/0x1a0
[  492.531006][ T6738]  __x64_sys_preadv+0x9e/0xb0
[  492.535708][ T6738]  x64_sys_call+0x370/0x9a0
[  492.540225][ T6738]  do_syscall_64+0x4c/0xa0
[  492.544657][ T6738]  ? clear_bhb_loop+0x15/0x70
[  492.549340][ T6738]  ? clear_bhb_loop+0x15/0x70
[  492.554024][ T6738]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  492.560019][ T6738] RIP: 0033:0x7f18d8f8e969
[  492.564443][ T6738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.584070][ T6738] RSP: 002b:00007f18d9ea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  492.592495][ T6738] RAX: ffffffffffffffda RBX: 00007f18d91b6160 RCX: 00007f18d8f8e969
[  492.600473][ T6738] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000003
[  492.608458][ T6738] RBP: 00007f18d9ea2090 R08: 0000000000000005 R09: 0000000000000000
[  492.616445][ T6738] R10: 0000000000000096 R11: 0000000000000246 R12: 0000000000000001
[  492.624428][ T6738] R13: 0000000000000000 R14: 00007f18d91b6160 R15: 00007ffe21f11b98
[  492.632427][ T6738]  </TASK>
[  492.934555][  T331] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  492.979718][ T6746] loop1: detected capacity change from 0 to 256
[  493.027882][ T6746] FAT-fs (loop1): Directory bread(block 64) failed
[  493.044856][ T6746] FAT-fs (loop1): Directory bread(block 65) failed
[  493.076345][ T6746] FAT-fs (loop1): Directory bread(block 66) failed
[  493.083881][ T6746] FAT-fs (loop1): Directory bread(block 67) failed
[  493.084282][ T6743] loop2: detected capacity change from 0 to 16
[  493.090453][ T6746] FAT-fs (loop1): Directory bread(block 68) failed
[  493.090479][ T6746] FAT-fs (loop1): Directory bread(block 69) failed
[  493.090513][ T6746] FAT-fs (loop1): Directory bread(block 70) failed
[  493.090532][ T6746] FAT-fs (loop1): Directory bread(block 71) failed
[  493.090567][ T6746] FAT-fs (loop1): Directory bread(block 72) failed
[  493.129730][ T6743] erofs: Unknown parameter '0xffffffffffffffff'
[  493.963752][ T6746] FAT-fs (loop1): Directory bread(block 73) failed
[  493.986845][ T1823] udevd[1823]: symlink '../../loop1' '/dev/disk/by-diskseq/1284.tmp-b7:1' failed: Read-only file system
[  493.999919][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1286.tmp-b7:2' failed: Read-only file system
[  494.789831][  T411] udevd[411]: symlink '../../loop4' '/dev/disk/by-diskseq/1267.tmp-b7:4' failed: Read-only file system
[  494.817548][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1286.tmp-b7:2' failed: Read-only file system
[  494.861529][  T411] udevd[411]: symlink '../../loop4' '/dev/disk/by-diskseq/1267.tmp-b7:4' failed: Read-only file system
[  494.883764][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1285.tmp-b7:0' failed: Read-only file system
[  494.896902][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1287.tmp-b7:2' failed: Read-only file system
[  494.918587][  T411] udevd[411]: symlink '../../loop1' '/dev/disk/by-diskseq/1284.tmp-b7:1' failed: Read-only file system
[  494.931826][ T6770] loop2: detected capacity change from 0 to 256
[  494.963058][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1284.tmp-b7:1' failed: Read-only file system
[  494.993738][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1288.tmp-b7:1' failed: Read-only file system
[  495.045640][ T6770] FAT-fs (loop2): Directory bread(block 64) failed
[  495.055955][ T6775] FAULT_INJECTION: forcing a failure.
[  495.055955][ T6775] name failslab, interval 1, probability 0, space 0, times 0
[  495.068886][ T6775] CPU: 0 PID: 6775 Comm: syz.1.1706 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  495.078805][ T6775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  495.088866][ T6775] Call Trace:
[  495.092142][ T6775]  <TASK>
[  495.095070][ T6775]  __dump_stack+0x21/0x24
[  495.099415][ T6775]  dump_stack_lvl+0xee/0x150
[  495.104009][ T6775]  ? __cfi_dump_stack_lvl+0x8/0x8
[  495.109040][ T6775]  dump_stack+0x15/0x24
[  495.113201][ T6775]  should_fail_ex+0x3d4/0x520
[  495.117881][ T6775]  __should_failslab+0xac/0xf0
[  495.122641][ T6775]  ? sk_prot_alloc+0xed/0x320
[  495.127323][ T6775]  should_failslab+0x9/0x20
[  495.131835][ T6775]  __kmem_cache_alloc_node+0x3d/0x2c0
[  495.137207][ T6775]  ? kasan_save_alloc_info+0x25/0x30
[  495.142505][ T6775]  ? sk_prot_alloc+0xed/0x320
[  495.147185][ T6775]  __kmalloc+0xa1/0x1e0
[  495.151352][ T6775]  ? irqentry_exit+0x37/0x40
[  495.155942][ T6775]  sk_prot_alloc+0xed/0x320
[  495.160449][ T6775]  sk_alloc+0x3b/0x460
[  495.164520][ T6775]  pptp_create+0x32/0x2f0
[  495.168850][ T6775]  pppox_create+0x13a/0x1a0
[  495.173350][ T6775]  __sock_create+0x39e/0x7c0
[  495.177946][ T6775]  __sys_socketpair+0x1a1/0x5b0
[  495.182798][ T6775]  __x64_sys_socketpair+0x9b/0xb0
[  495.187828][ T6775]  x64_sys_call+0x6e/0x9a0
[  495.192253][ T6775]  do_syscall_64+0x4c/0xa0
[  495.196669][ T6775]  ? clear_bhb_loop+0x15/0x70
[  495.201343][ T6775]  ? clear_bhb_loop+0x15/0x70
[  495.206018][ T6775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.211914][ T6775] RIP: 0033:0x7f77bdd8e969
[  495.216324][ T6775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.235924][ T6775] RSP: 002b:00007f77bdbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  495.244337][ T6775] RAX: ffffffffffffffda RBX: 00007f77bdfb6160 RCX: 00007f77bdd8e969
[  495.252305][ T6775] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000018
[  495.260272][ T6775] RBP: 00007f77bdbff090 R08: 0000000000000000 R09: 0000000000000000
[  495.268237][ T6775] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.276204][ T6775] R13: 0000000000000000 R14: 00007f77bdfb6160 R15: 00007ffd524202d8
[  495.284183][ T6775]  </TASK>
[  495.327878][ T6775] loop1: detected capacity change from 0 to 512
[  495.346397][ T6775] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  495.558923][ T6775] EXT4-fs (loop1): orphan cleanup on readonly fs
[  495.592278][ T6775] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  495.602486][ T6775] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  496.328503][ T6779] loop3: detected capacity change from 0 to 256
[  496.397688][ T6775] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1706: Failed to acquire dquot type 1
[  496.493831][ T6775] EXT4-fs (loop1): 1 truncate cleaned up
[  496.500459][ T6775] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  496.609048][ T6770] FAT-fs (loop2): Directory bread(block 65) failed
[  496.706038][ T6770] FAT-fs (loop2): Directory bread(block 66) failed
[  496.771177][ T6770] FAT-fs (loop2): Directory bread(block 67) failed
[  496.777764][ T6770] FAT-fs (loop2): Directory bread(block 68) failed
[  496.793890][ T6770] FAT-fs (loop2): Directory bread(block 69) failed
[  496.865576][ T6782] loop3: detected capacity change from 0 to 4096
[  496.872615][ T6782] EXT4-fs: Ignoring removed mblk_io_submit option
[  496.882211][ T6782] EXT4-fs (loop3): Test dummy encryption mode enabled
[  496.898117][ T6770] FAT-fs (loop2): Directory bread(block 70) failed
[  496.904937][ T6770] FAT-fs (loop2): Directory bread(block 71) failed
[  496.978377][ T6787] loop4: detected capacity change from 0 to 256
[  497.941710][ T6770] FAT-fs (loop2): Directory bread(block 72) failed
[  497.948421][ T6770] FAT-fs (loop2): Directory bread(block 73) failed
[  497.971543][ T6782] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  498.013100][ T6787] FAULT_INJECTION: forcing a failure.
[  498.013100][ T6787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  498.026279][ T6787] CPU: 1 PID: 6787 Comm: syz.4.1709 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  498.036094][ T6787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  498.046145][ T6787] Call Trace:
[  498.049419][ T6787]  <TASK>
[  498.052358][ T6787]  __dump_stack+0x21/0x24
[  498.056697][ T6787]  dump_stack_lvl+0xee/0x150
[  498.061290][ T6787]  ? __cfi_dump_stack_lvl+0x8/0x8
[  498.066318][ T6787]  dump_stack+0x15/0x24
[  498.070473][ T6787]  should_fail_ex+0x3d4/0x520
[  498.075156][ T6787]  should_fail+0xb/0x10
[  498.079318][ T6787]  should_fail_usercopy+0x1a/0x20
[  498.084344][ T6787]  strncpy_from_user+0x24/0x2d0
[  498.089198][ T6787]  ? getname_flags+0xb9/0x500
[  498.093879][ T6787]  getname_flags+0xf4/0x500
[  498.098388][ T6787]  getname+0x19/0x20
[  498.102284][ T6787]  do_sys_openat2+0xcb/0x7e0
[  498.106880][ T6787]  ? do_sys_open+0xe0/0xe0
[  498.111305][ T6787]  ? release_firmware_map_entry+0x194/0x194
[  498.117201][ T6787]  ? ksys_write+0x1eb/0x240
[  498.121709][ T6787]  ? __kasan_check_write+0x14/0x20
[  498.126828][ T6787]  __x64_sys_open+0x11c/0x140
[  498.131507][ T6787]  x64_sys_call+0x97b/0x9a0
[  498.136016][ T6787]  do_syscall_64+0x4c/0xa0
[  498.140438][ T6787]  ? clear_bhb_loop+0x15/0x70
[  498.145112][ T6787]  ? clear_bhb_loop+0x15/0x70
[  498.149786][ T6787]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  498.155691][ T6787] RIP: 0033:0x7f18d8f8e969
[  498.160118][ T6787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.179881][ T6787] RSP: 002b:00007f18d9ea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  498.188310][ T6787] RAX: ffffffffffffffda RBX: 00007f18d91b6160 RCX: 00007f18d8f8e969
[  498.196288][ T6787] RDX: 0000000000000000 RSI: 000000000014927e RDI: 0000200000000180
[  498.204282][ T6787] RBP: 00007f18d9ea2090 R08: 0000000000000000 R09: 0000000000000000
[  498.212252][ T6787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  498.220230][ T6787] R13: 0000000000000000 R14: 00007f18d91b6160 R15: 00007ffe21f11b98
[  498.228217][ T6787]  </TASK>
[  498.244123][  T283] EXT4-fs (loop1): unmounting filesystem.
[  498.356962][   T28] audit: type=1400 audit(1748436453.201:2740): avc:  denied  { mount } for  pid=6781 comm="syz.3.1708" name="/" dev="configfs" ino=14433 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  498.402278][   T28] audit: type=1400 audit(1748436453.241:2741): avc:  denied  { search } for  pid=6781 comm="syz.3.1708" name="/" dev="configfs" ino=14433 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  498.424772][   T28] audit: type=1400 audit(1748436453.241:2742): avc:  denied  { write } for  pid=6781 comm="syz.3.1708" name="/" dev="configfs" ino=14433 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  498.447496][   T28] audit: type=1400 audit(1748436453.241:2743): avc:  denied  { add_name } for  pid=6781 comm="syz.3.1708" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  498.477154][   T28] audit: type=1400 audit(1748436453.241:2744): avc:  denied  { create } for  pid=6781 comm="syz.3.1708" name=".pending_reads" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1
[  498.528991][   T28] audit: type=1400 audit(1748436453.371:2745): avc:  denied  { read } for  pid=6781 comm="syz.3.1708" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  498.631586][   T28] audit: type=1400 audit(1748436453.371:2746): avc:  denied  { open } for  pid=6781 comm="syz.3.1708" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  499.547567][  T284] EXT4-fs (loop3): unmounting filesystem.
[  499.907799][ T6810] loop2: detected capacity change from 0 to 512
[  499.923231][ T6810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  499.956622][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1285.tmp-b7:0' failed: Read-only file system
[  499.971860][ T6810] EXT4-fs (loop2): orphan cleanup on readonly fs
[  499.978881][ T6810] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  499.988377][ T6810] EXT4-fs error (device loop2): ext4_acquire_dquot:6789: comm syz.2.1710: Failed to acquire dquot type 1
[  500.000582][ T6810] EXT4-fs (loop2): 1 truncate cleaned up
[  500.006405][ T6810] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  500.025552][  T411] udevd[411]: symlink '../../loop4' '/dev/disk/by-diskseq/1296.tmp-b7:4' failed: Read-only file system
[  500.046119][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1298.tmp-b7:2' failed: Read-only file system
[  500.074310][  T409] udevd[409]: symlink '../../loop1' '/dev/disk/by-diskseq/1295.tmp-b7:1' failed: Read-only file system
[  500.085846][ T6813] loop0: detected capacity change from 0 to 2048
[  500.114183][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  500.148738][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1293.tmp-b7:3' failed: Read-only file system
[  500.235380][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1298.tmp-b7:2' failed: Read-only file system
[  500.269841][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  500.533805][ T6825] loop1: detected capacity change from 0 to 256
[  500.584350][ T6819] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1719'.
[  500.594558][ T6819] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1719'.
[  500.621455][  T411] udevd[411]: symlink '../../loop0' '/dev/disk/by-diskseq/1299.tmp-b7:0' failed: Read-only file system
[  500.677756][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1293.tmp-b7:3' failed: Read-only file system
[  500.782695][  T286] EXT4-fs (loop2): unmounting filesystem.
[  500.792967][ T6813]  loop0: p3 < >
[  500.796688][ T6813] loop0: partition table partially beyond EOD, truncated
[  500.804522][ T6813] loop0: p3 start 4284289 is beyond EOD, truncated
[  501.253033][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1721'.
[  501.296373][ T6834] loop2: detected capacity change from 0 to 1024
[  501.304133][ T6834] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  501.494995][ T6834] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  501.504244][ T6834] ext4 filesystem being mounted at /342/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  501.619821][  T286] EXT4-fs (loop2): unmounting filesystem.
[  501.754406][ T6846] loop2: detected capacity change from 0 to 256
[  501.810092][ T6846] FAT-fs (loop2): Directory bread(block 64) failed
[  501.847084][ T6846] FAT-fs (loop2): Directory bread(block 65) failed
[  501.877365][ T6846] FAT-fs (loop2): Directory bread(block 66) failed
[  501.904021][ T6846] FAT-fs (loop2): Directory bread(block 67) failed
[  501.924927][ T6846] FAT-fs (loop2): Directory bread(block 68) failed
[  501.927391][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  501.927415][   T28] audit: type=1400 audit(1748436456.731:2747): avc:  denied  { ioctl } for  pid=6812 comm="syz.0.1717" path="socket:[44870]" dev="sockfs" ino=44870 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  501.946705][ T6849] syz.3.1727 (6849): /proc/6848/oom_adj is deprecated, please use /proc/6848/oom_score_adj instead.
[  501.999164][ T6846] FAT-fs (loop2): Directory bread(block 69) failed
[  502.029744][ T6846] FAT-fs (loop2): Directory bread(block 70) failed
[  502.041383][ T6846] FAT-fs (loop2): Directory bread(block 71) failed
[  502.047998][ T6846] FAT-fs (loop2): Directory bread(block 72) failed
[  502.074864][ T6846] FAT-fs (loop2): Directory bread(block 73) failed
[  502.077868][ T6842] loop1: detected capacity change from 0 to 40427
[  502.105368][ T6842] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  502.131172][ T6842] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  502.202317][ T6842] F2FS-fs (loop1): invalid crc value
[  502.236806][ T6842] F2FS-fs (loop1): Found nat_bits in checkpoint
[  502.271609][   T28] audit: type=1400 audit(1748436457.121:2748): avc:  denied  { name_bind } for  pid=6848 comm="syz.3.1727" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  502.342328][   T28] audit: type=1400 audit(1748436457.141:2749): avc:  denied  { node_bind } for  pid=6848 comm="syz.3.1727" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  502.395966][ T6842] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  502.421407][ T6842] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  502.603520][ T6841] syz.1.1725: attempt to access beyond end of device
[  502.603520][ T6841] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  502.653861][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1731'.
[  502.669625][ T6869] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1731'.
[  502.696774][ T6871] FAULT_INJECTION: forcing a failure.
[  502.696774][ T6871] name failslab, interval 1, probability 0, space 0, times 0
[  502.723328][ T6871] CPU: 1 PID: 6871 Comm: syz.3.1732 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  502.733176][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.737519][ T6873] loop4: detected capacity change from 0 to 256
[  502.743260][ T6871] Call Trace:
[  502.743271][ T6871]  <TASK>
[  502.743279][ T6871]  __dump_stack+0x21/0x24
[  502.743312][ T6871]  dump_stack_lvl+0xee/0x150
[  502.743346][ T6871]  ? __cfi_dump_stack_lvl+0x8/0x8
[  502.769763][ T6871]  dump_stack+0x15/0x24
[  502.773952][ T6871]  should_fail_ex+0x3d4/0x520
[  502.778662][ T6871]  __should_failslab+0xac/0xf0
[  502.783442][ T6871]  ? sk_prot_alloc+0xed/0x320
[  502.788138][ T6871]  should_failslab+0x9/0x20
[  502.792681][ T6871]  __kmem_cache_alloc_node+0x3d/0x2c0
[  502.798082][ T6871]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  502.803898][ T6871]  ? sk_prot_alloc+0xed/0x320
[  502.808590][ T6871]  __kmalloc+0xa1/0x1e0
[  502.812758][ T6871]  sk_prot_alloc+0xed/0x320
[  502.817270][ T6871]  sk_alloc+0x3b/0x460
[  502.821344][ T6871]  netlink_create+0x3c2/0x640
[  502.826027][ T6871]  ? __cfi_genl_bind+0x10/0x10
[  502.830800][ T6871]  __sock_create+0x39e/0x7c0
[  502.835389][ T6871]  __sys_socket+0xcd/0x1a0
[  502.839811][ T6871]  __x64_sys_socket+0x7a/0x90
[  502.844495][ T6871]  x64_sys_call+0x449/0x9a0
[  502.849003][ T6871]  do_syscall_64+0x4c/0xa0
[  502.853429][ T6871]  ? clear_bhb_loop+0x15/0x70
[  502.858102][ T6871]  ? clear_bhb_loop+0x15/0x70
[  502.862778][ T6871]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  502.868681][ T6871] RIP: 0033:0x7f499f590887
[  502.873093][ T6871] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.892718][ T6871] RSP: 002b:00007f49a046efa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  502.901133][ T6871] RAX: ffffffffffffffda RBX: 00007f499f7b5fa0 RCX: 00007f499f590887
[  502.909106][ T6871] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  502.917074][ T6871] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  502.925042][ T6871] R10: 0000200000000080 R11: 0000000000000286 R12: 0000000000000001
[  502.933017][ T6871] R13: 0000000000000001 R14: 00007f499f7b5fa0 R15: 00007ffe61b0fca8
[  502.940992][ T6871]  </TASK>
[  502.995689][ T6874] loop0: detected capacity change from 0 to 256
[  503.209860][ T6873] FAT-fs (loop4): Directory bread(block 64) failed
[  503.305942][ T6873] FAT-fs (loop4): Directory bread(block 65) failed
[  503.337806][ T6873] FAT-fs (loop4): Directory bread(block 66) failed
[  503.345660][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  503.357177][ T6873] FAT-fs (loop4): Directory bread(block 67) failed
[  503.363840][ T6873] FAT-fs (loop4): Directory bread(block 68) failed
[  503.365326][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  503.370420][ T6873] FAT-fs (loop4): Directory bread(block 69) failed
[  503.385933][ T6873] FAT-fs (loop4): Directory bread(block 70) failed
[  503.392925][ T6873] FAT-fs (loop4): Directory bread(block 71) failed
[  503.399714][ T6873] FAT-fs (loop4): Directory bread(block 72) failed
[  503.414950][ T6873] FAT-fs (loop4): Directory bread(block 73) failed
[  503.434889][   T10] kworker/u4:1: attempt to access beyond end of device
[  503.434889][   T10] loop1: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  503.516995][ T6883] loop4: detected capacity change from 0 to 256
[  503.577291][ T6883] FAT-fs (loop4): Directory bread(block 64) failed
[  503.584302][ T6883] FAT-fs (loop4): Directory bread(block 65) failed
[  503.590870][ T6883] FAT-fs (loop4): Directory bread(block 66) failed
[  503.597886][ T6883] FAT-fs (loop4): Directory bread(block 67) failed
[  503.613087][ T6883] FAT-fs (loop4): Directory bread(block 68) failed
[  503.619645][ T6883] FAT-fs (loop4): Directory bread(block 69) failed
[  503.627721][ T6883] FAT-fs (loop4): Directory bread(block 70) failed
[  503.650285][ T6883] FAT-fs (loop4): Directory bread(block 71) failed
[  503.664074][ T6883] FAT-fs (loop4): Directory bread(block 72) failed
[  503.676428][ T6883] FAT-fs (loop4): Directory bread(block 73) failed
[  503.691101][  T220] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  503.846540][ T6882] loop0: detected capacity change from 0 to 40427
[  503.871070][  T220] usb 4-1: Using ep0 maxpacket: 32
[  503.880807][  T220] usb 4-1: unable to get BOS descriptor or descriptor too short
[  503.886212][ T6882] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  503.897142][ T6896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1742'.
[  503.904010][ T6882] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  503.917939][ T6882] F2FS-fs (loop0): invalid crc value
[  503.926424][  T220] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  503.936320][ T6893] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1742'.
[  503.945385][  T220] usb 4-1: config 1 has an invalid interface descriptor of length 2, skipping
[  503.961880][ T6882] F2FS-fs (loop0): Found nat_bits in checkpoint
[  503.972694][  T220] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  503.982014][  T220] usb 4-1: config 1 has no interface number 1
[  503.998822][  T220] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  504.017342][  T220] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.027946][  T220] usb 4-1: Product: syz
[  504.033651][  T220] usb 4-1: Manufacturer: syz
[  504.038410][  T220] usb 4-1: SerialNumber: syz
[  504.049551][ T6882] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  504.056745][ T6882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  504.091110][ T6882] device bridge0 entered promiscuous mode
[  504.097541][ T6882] bridge0: port 3(macsec1) entered blocking state
[  504.105616][ T6882] bridge0: port 3(macsec1) entered disabled state
[  504.113808][ T6882] device bridge0 left promiscuous mode
[  504.244373][ T6881] syz.0.1739: attempt to access beyond end of device
[  504.244373][ T6881] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  504.260680][  T220] usb 4-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  504.281716][  T220] usb 4-1: found format II with max.bitrate = 6, frame size=2
[  504.356409][  T220] usb 4-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  504.368833][  T220] usb 4-1: found format II with max.bitrate = 6, frame size=2
[  504.370395][  T359] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  504.387076][  T359] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  504.388452][  T220] usb 4-1: USB disconnect, device number 21
[  504.417283][  T359] kworker/u4:5: attempt to access beyond end of device
[  504.417283][  T359] loop0: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  504.433554][   T28] audit: type=1400 audit(1748436459.281:2750): avc:  denied  { write } for  pid=6917 comm="syz.1.1748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  505.030232][ T6924] loop0: detected capacity change from 0 to 256
[  505.588429][ T1823] udevd[1823]: symlink '../../loop4' '/dev/disk/by-diskseq/1316.tmp-b7:4' failed: Read-only file system
[  505.609431][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1319.tmp-b7:0' failed: Read-only file system
[  505.623406][  T411] udevd[411]: symlink '../../loop3' '/dev/disk/by-diskseq/1300.tmp-b7:3' failed: Read-only file system
[  505.646918][ T6930] loop4: detected capacity change from 0 to 128
[  505.656074][ T1823] udevd[1823]: symlink '../../loop2' '/dev/disk/by-diskseq/1315.tmp-b7:2' failed: Read-only file system
[  505.665233][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1319.tmp-b7:0' failed: Read-only file system
[  505.686662][  T409] udevd[409]: symlink '../../loop1' '/dev/disk/by-diskseq/1314.tmp-b7:1' failed: Read-only file system
[  505.725277][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1319.tmp-b7:0' failed: Read-only file system
[  505.740808][  T411] udevd[411]: symlink '../../loop4' '/dev/disk/by-diskseq/1320.tmp-b7:4' failed: Read-only file system
[  505.759276][ T6937] loop1: detected capacity change from 0 to 128
[  505.767081][ T6930] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  505.779499][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1319.tmp-b7:0' failed: Read-only file system
[  505.799341][  T409] udevd[409]: symlink '../../loop2' '/dev/disk/by-diskseq/1315.tmp-b7:2' failed: Read-only file system
[  505.803287][ T6930] ext4 filesystem being mounted at /350/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  505.839193][   T28] audit: type=1400 audit(1748436460.681:2751): avc:  denied  { create } for  pid=6929 comm="syz.3.1752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  505.877243][ T6946] loop0: detected capacity change from 0 to 256
[  505.877253][ T6937] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1754'.
[  505.902017][ T6946] FAT-fs (loop0): Directory bread(block 64) failed
[  505.909864][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1756'.
[  505.918863][ T6946] FAT-fs (loop0): Directory bread(block 65) failed
[  505.918917][ T6946] FAT-fs (loop0): Directory bread(block 66) failed
[  505.918938][ T6946] FAT-fs (loop0): Directory bread(block 67) failed
[  505.961202][ T6942] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1756'.
[  505.976564][ T6946] FAT-fs (loop0): Directory bread(block 68) failed
[  505.998194][ T6946] FAT-fs (loop0): Directory bread(block 69) failed
[  506.005561][   T28] audit: type=1400 audit(1748436460.711:2752): avc:  denied  { write } for  pid=6929 comm="syz.3.1752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  506.017320][ T6937] syz.1.1754: attempt to access beyond end of device
[  506.017320][ T6937] loop1: rw=2049, sector=153, nr_sectors = 3 limit=128
[  506.053105][ T6946] FAT-fs (loop0): Directory bread(block 70) failed
[  506.059667][ T6946] FAT-fs (loop0): Directory bread(block 71) failed
[  506.231436][ T6946] FAT-fs (loop0): Directory bread(block 72) failed
[  506.299324][ T6946] FAT-fs (loop0): Directory bread(block 73) failed
[  506.629079][ T6957] loop1: detected capacity change from 0 to 128
[  506.759232][ T6957] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  507.091388][ T6957] ext4 filesystem being mounted at /375/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  507.142934][ T6957] FAULT_INJECTION: forcing a failure.
[  507.142934][ T6957] name failslab, interval 1, probability 0, space 0, times 0
[  507.169858][ T6957] CPU: 0 PID: 6957 Comm: syz.1.1759 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  507.179717][ T6957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  507.189787][ T6957] Call Trace:
[  507.193097][ T6957]  <TASK>
[  507.196036][ T6957]  __dump_stack+0x21/0x24
[  507.200376][ T6957]  dump_stack_lvl+0xee/0x150
[  507.204974][ T6957]  ? __cfi_dump_stack_lvl+0x8/0x8
[  507.210006][ T6957]  ? memset+0x35/0x40
[  507.214023][ T6957]  dump_stack+0x15/0x24
[  507.218183][ T6957]  should_fail_ex+0x3d4/0x520
[  507.222871][ T6957]  __should_failslab+0xac/0xf0
[  507.227648][ T6957]  should_failslab+0x9/0x20
[  507.232162][ T6957]  slab_pre_alloc_hook+0x30/0x1e0
[  507.237195][ T6957]  kmem_cache_alloc_lru+0x49/0x280
[  507.242305][ T6957]  ? __d_alloc+0x34/0x6c0
[  507.246645][ T6957]  __d_alloc+0x34/0x6c0
[  507.250887][ T6957]  ? rwsem_write_trylock+0x130/0x300
[  507.256182][ T6957]  d_alloc+0x4b/0x1d0
[  507.260166][ T6957]  lookup_one_qstr_excl+0xcb/0x270
[  507.265300][ T6957]  filename_create+0x219/0x450
[  507.270068][ T6957]  ? kasan_save_alloc_info+0x25/0x30
[  507.275358][ T6957]  ? kern_path_create+0x1b0/0x1b0
[  507.280383][ T6957]  do_mkdirat+0x5c/0x4c0
[  507.284623][ T6957]  ? getname_flags+0x206/0x500
[  507.289427][ T6957]  __x64_sys_mkdirat+0x89/0xa0
[  507.294189][ T6957]  x64_sys_call+0x73d/0x9a0
[  507.298716][ T6957]  do_syscall_64+0x4c/0xa0
[  507.303141][ T6957]  ? clear_bhb_loop+0x15/0x70
[  507.307818][ T6957]  ? clear_bhb_loop+0x15/0x70
[  507.312492][ T6957]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  507.318389][ T6957] RIP: 0033:0x7f77bdd8e969
[  507.322799][ T6957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.342401][ T6957] RSP: 002b:00007f77beb3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  507.350814][ T6957] RAX: ffffffffffffffda RBX: 00007f77bdfb5fa0 RCX: 00007f77bdd8e969
[  507.358780][ T6957] RDX: 00000000000001c0 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  507.366748][ T6957] RBP: 00007f77beb3c090 R08: 0000000000000000 R09: 0000000000000000
[  507.374722][ T6957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.382686][ T6957] R13: 0000000000000000 R14: 00007f77bdfb5fa0 R15: 00007ffd524202d8
[  507.390660][ T6957]  </TASK>
[  507.404782][  T287] EXT4-fs (loop4): unmounting filesystem.
[  507.509058][   T28] audit: type=1400 audit(1748436462.351:2753): avc:  denied  { name_bind } for  pid=6971 comm="syz.2.1763" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  508.000494][ T6980] FAULT_INJECTION: forcing a failure.
[  508.000494][ T6980] name fail_futex, interval 1, probability 0, space 0, times 1
[  508.122035][   T28] audit: type=1400 audit(1748436462.971:2754): avc:  denied  { ioctl } for  pid=6976 comm="syz.4.1764" path="socket:[45377]" dev="sockfs" ino=45377 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  508.167579][ T6980] CPU: 1 PID: 6980 Comm: syz.2.1763 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  508.177435][ T6980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.187508][ T6980] Call Trace:
[  508.190804][ T6980]  <TASK>
[  508.193741][ T6980]  __dump_stack+0x21/0x24
[  508.198091][ T6980]  dump_stack_lvl+0xee/0x150
[  508.202696][ T6980]  ? __cfi_dump_stack_lvl+0x8/0x8
[  508.207819][ T6980]  ? __switch_to+0x51f/0xe30
[  508.212417][ T6980]  dump_stack+0x15/0x24
[  508.216589][ T6980]  should_fail_ex+0x3d4/0x520
[  508.221279][ T6980]  should_fail+0xb/0x10
[  508.225446][ T6980]  get_futex_key+0x13d/0xb00
[  508.230052][ T6980]  ? _raw_spin_unlock+0x4c/0x70
[  508.234918][ T6980]  ? finish_task_switch+0x16b/0x7b0
[  508.240132][ T6980]  ? __cfi_get_futex_key+0x10/0x10
[  508.245258][ T6980]  ? __schedule+0xb8f/0x14e0
[  508.249867][ T6980]  futex_wake+0x13a/0x890
[  508.254210][ T6980]  ? release_firmware_map_entry+0x194/0x194
[  508.260120][ T6980]  ? __kasan_check_read+0x11/0x20
[  508.265164][ T6980]  ? __cfi_futex_wake+0x10/0x10
[  508.270030][ T6980]  ? preempt_schedule_irq+0xbb/0x110
[  508.275329][ T6980]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  508.281067][ T6980]  ? preempt_schedule+0xa7/0xb0
[  508.285936][ T6980]  ? _raw_spin_unlock_irqrestore+0x55/0x80
[  508.291757][ T6980]  ? raw_irqentry_exit_cond_resched+0x29/0x30
[  508.297840][ T6980]  ? irqentry_exit+0x37/0x40
[  508.302451][ T6980]  do_futex+0x2b9/0x420
[  508.306631][ T6980]  ? __cfi_do_futex+0x10/0x10
[  508.311326][ T6980]  ? uprobe_free_utask+0x26/0x140
[  508.316362][ T6980]  mm_release+0x189/0x2c0
[  508.320706][ T6980]  ? exit_mm_release+0x30/0x30
[  508.325485][ T6980]  ? futex_exit_release+0x119/0x1d0
[  508.330709][ T6980]  exit_mm_release+0x25/0x30
[  508.335313][ T6980]  do_exit+0x883/0x2650
[  508.339489][ T6980]  ? __cfi_do_exit+0x10/0x10
[  508.344096][ T6980]  ? __kasan_check_write+0x14/0x20
[  508.349223][ T6980]  ? _raw_spin_lock_irq+0x8f/0xe0
[  508.354264][ T6980]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  508.359825][ T6980]  do_group_exit+0x210/0x2d0
[  508.364440][ T6980]  ? __kasan_check_write+0x14/0x20
[  508.369575][ T6980]  get_signal+0x13b5/0x1520
[  508.374102][ T6980]  arch_do_signal_or_restart+0xb0/0x1030
[  508.379754][ T6980]  ? __this_cpu_preempt_check+0x13/0x20
[  508.385316][ T6980]  ? tracing_record_taskinfo_sched_switch+0x80/0x3a0
[  508.392007][ T6980]  ? probe_sched_switch+0x63/0x90
[  508.397051][ T6980]  ? _raw_spin_unlock+0x4c/0x70
[  508.401917][ T6980]  ? finish_task_switch+0x16b/0x7b0
[  508.407132][ T6980]  ? __switch_to_asm+0x3a/0x60
[  508.411916][ T6980]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  508.418091][ T6980]  ? __kasan_check_read+0x11/0x20
[  508.423138][ T6980]  exit_to_user_mode_loop+0x7a/0xb0
[  508.428347][ T6980]  exit_to_user_mode_prepare+0x5a/0xa0
[  508.433818][ T6980]  syscall_exit_to_user_mode+0x1a/0x30
[  508.439291][ T6980]  do_syscall_64+0x58/0xa0
[  508.443723][ T6980]  ? clear_bhb_loop+0x15/0x70
[  508.448414][ T6980]  ? clear_bhb_loop+0x15/0x70
[  508.453100][ T6980]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  508.459016][ T6980] RIP: 0033:0x7f578938e969
[  508.463438][ T6980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.483056][ T6980] RSP: 002b:00007f578a13c038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  508.491485][ T6980] RAX: fffffffffffffdfe RBX: 00007f57895b6080 RCX: 00007f578938e969
[  508.499467][ T6980] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000500
[  508.507446][ T6980] RBP: 00007f578a13c090 R08: 0000000000000000 R09: 0000000000000000
[  508.515428][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.523408][ T6980] R13: 0000000000000000 R14: 00007f57895b6080 R15: 00007ffcf987b318
[  508.531400][ T6980]  </TASK>
[  508.607850][ T6994] loop2: detected capacity change from 0 to 2048
[  508.617397][ T6994] EXT4-fs: Ignoring removed mblk_io_submit option
[  508.624003][ T6994] EXT4-fs: dax option not supported
[  508.640142][ T6988] loop3: detected capacity change from 0 to 16
[  508.661421][ T6988] erofs: Unknown parameter '0xffffffffffffffff˙˙˙˙'
[  508.678450][ T6997] loop4: detected capacity change from 0 to 128
[  508.785631][ T6998] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1769'.
[  508.840383][ T7001] loop3: detected capacity change from 0 to 128
[  508.862244][ T7001] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  508.878797][ T7001] ext4 filesystem being mounted at /331/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  508.884758][ T6997] syz.4.1769: attempt to access beyond end of device
[  508.884758][ T6997] loop4: rw=2049, sector=153, nr_sectors = 3 limit=128
[  509.999566][ T7015] loop4: detected capacity change from 0 to 256
[  510.147650][   T28] audit: type=1400 audit(1748436464.291:2755): avc:  denied  { create } for  pid=7007 comm="syz.0.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  510.199979][   T28] audit: type=1400 audit(1748436465.041:2756): avc:  denied  { mounton } for  pid=7009 comm="syz.4.1771" path="/355/file0/file0" dev="loop4" ino=1048950 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  510.399942][ T7015] 9pnet_fd: Insufficient options for proto=fd
[  511.014732][   T28] audit: type=1400 audit(1748436465.421:2757): avc:  denied  { write } for  pid=7000 comm="syz.3.1770" path="/331/mnt/encrypted_dir/file" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  511.046225][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1333.tmp-b7:3' failed: Read-only file system
[  511.058793][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1335.tmp-b7:4' failed: Read-only file system
[  511.090074][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1332.tmp-b7:2' failed: Read-only file system
[  511.127012][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:3' failed: Read-only file system
[  511.150325][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1335.tmp-b7:4' failed: Read-only file system
[  511.173398][  T411] udevd[411]: symlink '../../loop2' '/dev/disk/by-diskseq/1332.tmp-b7:2' failed: Read-only file system
[  511.216374][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1335.tmp-b7:4' failed: Read-only file system
[  511.436168][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1326.tmp-b7:0' failed: Read-only file system
[  511.518059][  T305] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  511.519339][  T284] EXT4-fs (loop3): unmounting filesystem.
[  511.553020][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:3' failed: Read-only file system
[  511.569439][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1333.tmp-b7:3' failed: Read-only file system
[  511.821094][  T305] usb 5-1: Using ep0 maxpacket: 32
[  511.828276][  T305] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  512.010281][  T305] usb 5-1: config 0 has no interface number 0
[  512.067516][   T28] audit: type=1400 audit(1748436466.911:2758): avc:  denied  { read write } for  pid=7038 comm="syz.3.1779" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  512.158794][  T305] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  512.364243][  T305] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.388063][   T28] audit: type=1400 audit(1748436466.941:2759): avc:  denied  { open } for  pid=7038 comm="syz.3.1779" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  512.421790][  T305] usb 5-1: Product: syz
[  512.431250][  T305] usb 5-1: Manufacturer: syz
[  512.435866][  T305] usb 5-1: SerialNumber: syz
[  512.473410][ T7045] loop2: detected capacity change from 0 to 16
[  512.501739][ T7045] erofs: Unknown parameter '0xffffffffffffffff˙˙˙˙'
[  512.512852][  T305] usb 5-1: config 0 descriptor??
[  512.521838][  T305] smsc95xx v2.0.0
[  512.527189][   T28] audit: type=1400 audit(1748436466.961:2760): avc:  denied  { ioctl } for  pid=7038 comm="syz.3.1779" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  512.705965][  T283] EXT4-fs (loop1): unmounting filesystem.
[  512.751107][  T402] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  512.954926][  T402] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  512.988273][  T402] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  513.022606][  T402] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  513.046567][  T402] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  513.069927][  T402] usb 4-1: SerialNumber: syz
[  513.087574][  T402] usb 4-1: 0:2 : does not exist
[  513.122018][ T7027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.130588][ T7027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.149257][  T305] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  513.167370][  T305] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  513.185695][  T305] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  513.209181][  T305] smsc95xx: probe of 5-1:0.67 failed with error -71
[  513.231352][  T305] usb 5-1: USB disconnect, device number 20
[  514.081049][ T7075] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1787'.
[  514.098341][   T28] audit: type=1400 audit(1748436468.891:2761): avc:  denied  { read write } for  pid=7069 comm="syz.4.1787" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  514.276466][   T28] audit: type=1400 audit(1748436468.891:2762): avc:  denied  { open } for  pid=7069 comm="syz.4.1787" path="/dev/uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  514.325123][   T28] audit: type=1400 audit(1748436468.901:2763): avc:  denied  { ioctl } for  pid=7069 comm="syz.4.1787" path="/dev/uinput" dev="devtmpfs" ino=262 ioctlcmd=0x556d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  514.331977][ T7079] loop0: detected capacity change from 0 to 128
[  514.350497][   T28] audit: type=1400 audit(1748436468.901:2764): avc:  denied  { read } for  pid=7069 comm="syz.4.1787" name="usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  514.380602][   T28] audit: type=1400 audit(1748436468.901:2765): avc:  denied  { open } for  pid=7069 comm="syz.4.1787" path="/dev/usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  514.382177][ T7081] loop2: detected capacity change from 0 to 1024
[  514.410357][   T28] audit: type=1400 audit(1748436469.161:2766): avc:  denied  { append } for  pid=7078 comm="syz.0.1789" name="001" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  514.448066][ T7081] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  514.483138][  T331] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  514.484786][  T286] EXT4-fs (loop2): unmounting filesystem.
[  514.966944][  T527] usb 4-1: USB disconnect, device number 22
[  516.290674][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1336.tmp-b7:4' failed: Read-only file system
[  516.293581][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1344.tmp-b7:2' failed: Read-only file system
[  516.315483][  T331] udevd[331]: symlink '../../loop3' '/dev/disk/by-diskseq/1337.tmp-b7:3' failed: Read-only file system
[  516.328951][  T331] udevd[331]: symlink '../../loop1' '/dev/disk/by-diskseq/1340.tmp-b7:1' failed: Read-only file system
[  516.386295][  T331] udevd[331]: symlink '../../loop4' '/dev/disk/by-diskseq/1336.tmp-b7:4' failed: Read-only file system
[  516.540391][ T7102] loop2: detected capacity change from 0 to 256
[  516.550606][ T7102] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  516.557361][ T7108] loop3: detected capacity change from 0 to 512
[  516.570002][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1343.tmp-b7:0' failed: Read-only file system
[  516.576073][ T1823] udevd[1823]: symlink '../../loop2' '/dev/disk/by-diskseq/1345.tmp-b7:2' failed: Read-only file system
[  516.583235][ T7102] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  516.602913][ T1823] udevd[1823]: symlink '../../loop2' '/dev/disk/by-uuid/1234-1234.tmp-b7:2' failed: Read-only file system
[  516.605122][  T411] udevd[411]: symlink '../../loop3' '/dev/disk/by-diskseq/1346.tmp-b7:3' failed: Read-only file system
[  516.620899][ T7102] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  516.626608][  T411] udevd[411]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  516.672854][ T7111] loop0: detected capacity change from 0 to 16
[  516.692137][ T7108] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  516.707443][   T28] audit: type=1400 audit(1748436471.541:2767): avc:  denied  { relabelfrom } for  pid=7104 comm="syz.4.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  516.715763][ T7111] erofs: Unknown parameter '0xffffffffffffffff˙˙˙˙'
[  516.734119][ T7108] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  516.756645][   T28] audit: type=1400 audit(1748436471.541:2768): avc:  denied  { relabelto } for  pid=7104 comm="syz.4.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  516.791917][  T331] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  517.195899][   T28] audit: type=1400 audit(1748436472.001:2769): avc:  denied  { mounton } for  pid=7100 comm="syz.3.1796" path="/334/file0/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  517.249064][  T284] EXT4-fs (loop3): unmounting filesystem.
[  517.289559][ T7120] loop2: detected capacity change from 0 to 1024
[  517.296655][ T7120] EXT4-fs: Ignoring removed nobh option
[  517.302375][ T7120] EXT4-fs: Ignoring removed bh option
[  517.308925][ T7120] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  517.336972][ T7120] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  517.346284][ T7127] loop0: detected capacity change from 0 to 256
[  517.372674][ T7127] FAT-fs (loop0): Directory bread(block 64) failed
[  517.433509][ T7127] FAT-fs (loop0): Directory bread(block 65) failed
[  517.449740][ T7127] FAT-fs (loop0): Directory bread(block 66) failed
[  517.456772][ T7127] FAT-fs (loop0): Directory bread(block 67) failed
[  517.475678][ T7127] FAT-fs (loop0): Directory bread(block 68) failed
[  517.484436][ T7127] FAT-fs (loop0): Directory bread(block 69) failed
[  517.491346][ T7127] FAT-fs (loop0): Directory bread(block 70) failed
[  517.504321][ T7127] FAT-fs (loop0): Directory bread(block 71) failed
[  517.510985][ T7127] FAT-fs (loop0): Directory bread(block 72) failed
[  517.517596][ T7127] FAT-fs (loop0): Directory bread(block 73) failed
[  518.495427][ T7143] loop4: detected capacity change from 0 to 512
[  518.704692][  T286] EXT4-fs (loop2): unmounting filesystem.
[  518.710637][ T7143] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  518.719683][ T7143] ext4 filesystem being mounted at /361/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  519.111180][  T287] EXT4-fs (loop4): unmounting filesystem.
[  519.519114][ T7158] loop0: detected capacity change from 0 to 512
[  519.687557][ T7162] loop4: detected capacity change from 0 to 1024
[  519.714428][ T7162] EXT4-fs: Ignoring removed orlov option
[  519.748822][ T7162] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  519.827645][ T7162] overlayfs: missing 'lowerdir'
[  519.917046][ T7158] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  519.926220][ T7158] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  520.594491][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  520.594508][   T28] audit: type=1400 audit(1748436478.889:2779): avc:  denied  { mount } for  pid=7161 comm="syz.4.1812" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  520.628380][  T285] EXT4-fs (loop0): unmounting filesystem.
[  520.663028][  T287] EXT4-fs (loop4): unmounting filesystem.
[  520.668853][ T7173] tc_dump_action: action bad kind
[  520.676168][ T7173] loop3: detected capacity change from 0 to 256
[  520.685416][ T7173] exfat: Unknown parameter ''
[  520.725926][ T7179] loop4: detected capacity change from 0 to 256
[  520.737371][ T7179] FAT-fs (loop4): Directory bread(block 64) failed
[  520.746626][ T7179] FAT-fs (loop4): Directory bread(block 65) failed
[  520.753586][ T7179] FAT-fs (loop4): Directory bread(block 66) failed
[  520.760214][ T7179] FAT-fs (loop4): Directory bread(block 67) failed
[  520.767064][ T7179] FAT-fs (loop4): Directory bread(block 68) failed
[  520.805320][ T7179] FAT-fs (loop4): Directory bread(block 69) failed
[  520.813583][ T7179] FAT-fs (loop4): Directory bread(block 70) failed
[  520.820290][ T7179] FAT-fs (loop4): Directory bread(block 71) failed
[  520.829369][ T7179] FAT-fs (loop4): Directory bread(block 72) failed
[  520.844076][ T7179] FAT-fs (loop4): Directory bread(block 73) failed
[  521.105770][ T7188] loop1: detected capacity change from 0 to 256
[  521.140347][ T7182] loop2: detected capacity change from 0 to 16
[  521.161465][ T7182] erofs: Unknown parameter '0xffffffffffffffff˙˙˙˙'
[  521.178263][   T28] audit: type=1400 audit(1748436480.019:2780): avc:  denied  { setopt } for  pid=7191 comm="syz.0.1820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  521.209721][ T7192] tipc: Started in network mode
[  521.224829][   T28] audit: type=1400 audit(1748436480.049:2781): avc:  denied  { read } for  pid=7191 comm="syz.0.1820" path="socket:[45708]" dev="sockfs" ino=45708 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  521.251852][ T7192] tipc: Node identity 4, cluster identity 4711
[  521.258055][ T7192] tipc: Node number set to 4
[  521.271223][   T28] audit: type=1400 audit(1748436480.119:2782): avc:  denied  { create } for  pid=7191 comm="syz.0.1820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  521.291470][   T28] audit: type=1400 audit(1748436480.119:2783): avc:  denied  { connect } for  pid=7191 comm="syz.0.1820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  521.353478][ T1823] udevd[1823]: symlink '../../loop3' '/dev/disk/by-diskseq/1362.tmp-b7:3' failed: Read-only file system
[  521.369467][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1365.tmp-b7:2' failed: Read-only file system
[  521.387833][ T7197] FAULT_INJECTION: forcing a failure.
[  521.387833][ T7197] name failslab, interval 1, probability 0, space 0, times 0
[  521.406701][ T7198] loop0: detected capacity change from 0 to 256
[  521.414018][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1365.tmp-b7:2' failed: Read-only file system
[  521.429252][ T7197] CPU: 0 PID: 7197 Comm: syz.3.1822 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  521.439104][ T7197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.447728][  T411] udevd[411]: symlink '../../loop0' '/dev/disk/by-diskseq/1360.tmp-b7:0' failed: Read-only file system
[  521.449173][ T7197] Call Trace:
[  521.449182][ T7197]  <TASK>
[  521.449190][ T7197]  __dump_stack+0x21/0x24
[  521.466148][ T7198] FAT-fs (loop0): Directory bread(block 64) failed
[  521.466408][ T7197]  dump_stack_lvl+0xee/0x150
[  521.472019][ T7198] FAT-fs (loop0): Directory bread(block 65) failed
[  521.477216][ T7197]  ? __cfi_dump_stack_lvl+0x8/0x8
[  521.485933][  T331] udevd[331]: symlink '../../loop2' '/dev/disk/by-diskseq/1366.tmp-b7:2' failed: Read-only file system
[  521.488295][ T7197]  ? ____fput+0x15/0x20
[  521.500938][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1367.tmp-b7:0' failed: Read-only file system
[  521.504332][ T7197]  ? exit_to_user_mode_loop+0x9b/0xb0
[  521.504366][ T7197]  ? exit_to_user_mode_prepare+0x5a/0xa0
[  521.504386][ T7197]  ? syscall_exit_to_user_mode+0x1a/0x30
[  521.511124][ T7198] FAT-fs (loop0): Directory bread(block 66) failed
[  521.519630][ T7197]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  521.519674][ T7197]  dump_stack+0x15/0x24
[  521.533093][ T1823] udevd[1823]: symlink '../../loop0' '/dev/disk/by-diskseq/1367.tmp-b7:0' failed: Read-only file system
[  521.536320][ T7197]  should_fail_ex+0x3d4/0x520
[  521.536353][ T7197]  __should_failslab+0xac/0xf0
[  521.543028][ T7198] FAT-fs (loop0): Directory bread(block 67) failed
[  521.548904][ T7197]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[  521.554916][ T7198] FAT-fs (loop0): Directory bread(block 68) failed
[  521.564166][ T7197]  should_failslab+0x9/0x20
[  521.564204][ T7197]  __kmem_cache_alloc_node+0x3d/0x2c0
[  521.564229][ T7197]  ? __cfi_mutex_lock+0x10/0x10
[  521.569435][ T7198] FAT-fs (loop0): Directory bread(block 69) failed
[  521.573669][ T7197]  ? delete_node+0x2f4/0xa60
[  521.573698][ T7197]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[  521.573723][ T7197]  __kmalloc+0xa1/0x1e0
[  521.573749][ T7197]  ? __cfi___bpf_trace_percpu_free_percpu+0x10/0x10
[  521.580830][ T7198] FAT-fs (loop0): Directory bread(block 70) failed
[  521.586218][ T7197]  tracepoint_probe_unregister+0x1e6/0x8b0
[  521.586252][ T7197]  bpf_probe_unregister+0x61/0x70
[  521.593138][ T7198] FAT-fs (loop0): Directory bread(block 71) failed
[  521.597259][ T7197]  bpf_raw_tp_link_release+0x63/0x90
[  521.597303][ T7197]  bpf_link_free+0x13a/0x390
[  521.603255][ T7198] FAT-fs (loop0): Directory bread(block 72) failed
[  521.607504][ T7197]  ? bpf_link_put_deferred+0x20/0x20
[  521.614409][ T7198] FAT-fs (loop0): Directory bread(block 73) failed
[  521.618606][ T7197]  ? security_file_free+0xd8/0xf0
[  521.618637][ T7197]  bpf_link_release+0x15f/0x170
[  521.638016][  T331] udevd[331]: symlink '../../loop0' '/dev/disk/by-diskseq/1367.tmp-b7:0' failed: Read-only file system
[  521.641802][ T7197]  ? __cfi_bpf_link_release+0x10/0x10
[  521.641843][ T7197]  __fput+0x1fc/0x8f0
[  521.717491][ T7197]  ? _raw_spin_unlock+0x4c/0x70
[  521.722367][ T7197]  ____fput+0x15/0x20
[  521.726363][ T7197]  task_work_run+0x1db/0x240
[  521.730957][ T7197]  ? __cfi_task_work_run+0x10/0x10
[  521.736079][ T7197]  ? __cfi___close_range+0x10/0x10
[  521.741214][ T7197]  exit_to_user_mode_loop+0x9b/0xb0
[  521.746411][ T7197]  exit_to_user_mode_prepare+0x5a/0xa0
[  521.751865][ T7197]  syscall_exit_to_user_mode+0x1a/0x30
[  521.757320][ T7197]  do_syscall_64+0x58/0xa0
[  521.761737][ T7197]  ? clear_bhb_loop+0x15/0x70
[  521.766406][ T7197]  ? clear_bhb_loop+0x15/0x70
[  521.771079][ T7197]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  521.776973][ T7197] RIP: 0033:0x7f499f58e969
[  521.781382][ T7197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.800998][ T7197] RSP: 002b:00007f49a0470038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  521.809424][ T7197] RAX: 0000000000000000 RBX: 00007f499f7b5fa0 RCX: 00007f499f58e969
[  521.817394][ T7197] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[  521.825396][ T7197] RBP: 00007f49a0470090 R08: 0000000000000000 R09: 0000000000000000
[  521.833379][ T7197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.841344][ T7197] R13: 0000000000000000 R14: 00007f499f7b5fa0 R15: 00007ffe61b0fca8
[  521.849339][ T7197]  </TASK>
[  521.861526][    C1] CFI failure at __traceiter_percpu_free_percpu+0x87/0xe0 (target: tp_stub_func+0x0/0x10; expected type: 0xc88d2a22)
[  521.873899][    C1] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  521.879994][    C1] CPU: 1 PID: 7181 Comm: syz.1.1818 Not tainted 6.1.138-syzkaller-00046-gdb710ea87c32 #0
[  521.889895][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.899959][    C1] RIP: 0010:__traceiter_percpu_free_percpu+0x87/0xe0
[  521.906651][    C1] Code: f8 48 c1 e8 03 80 3c 18 00 74 05 e8 a3 ff 0f 00 49 8b 7d 08 4c 89 fe 8b 55 d4 48 8b 4d c8 41 ba de d5 72 37 45 03 56 fc 74 02 <0f> 0b 41 ff d6 49 83 c4 18 4c 89 e0 48 c1 e8 03 80 3c 18 00 74 08
[  521.926253][    C1] RSP: 0018:ffffc900001b0ab8 EFLAGS: 00010092
[  521.932323][    C1] RAX: 1ffff110265ed506 RBX: dffffc0000000000 RCX: 0000607e08a09730
[  521.940291][    C1] RDX: 0000000000009730 RSI: ffffe8ffffa00000 RDI: ffffc90000c39000
[  521.948265][    C1] RBP: ffffc900001b0af0 R08: dffffc0000000000 R09: fffffbfff0ee425e
[  521.956236][    C1] R10: 00000000dcb33cea R11: 1ffffffff0ee425d R12: ffff888132f6a828
[  521.964203][    C1] R13: ffff888132f6a828 R14: ffffffff81710d60 R15: ffffe8ffffa00000
[  521.972174][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  521.981110][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  521.987687][    C1] CR2: 000000110c30217f CR3: 0000000006e0f000 CR4: 00000000003506a0
[  521.995656][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  522.003631][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  522.011609][    C1] Call Trace:
[  522.014878][    C1]  <IRQ>
[  522.017717][    C1]  free_percpu+0xd09/0x1020
[  522.022222][    C1]  ? __kasan_slab_free+0x11/0x20
[  522.027186][    C1]  ? __cfi_free_percpu+0x10/0x10
[  522.032291][    C1]  ? __cfi_percpu_free_defer_callback+0x10/0x10
[  522.038575][    C1]  percpu_free_defer_callback+0x36/0x50
[  522.044116][    C1]  rcu_do_batch+0x515/0xb90
[  522.048628][    C1]  ? rcu_core+0xe70/0xe70
[  522.052960][    C1]  ? __kasan_check_write+0x14/0x20
[  522.058072][    C1]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  522.063537][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  522.069457][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  522.075268][    C1]  ? rcu_report_qs_rnp+0x2bc/0x390
[  522.080462][    C1]  rcu_core+0x5a5/0xe70
[  522.084620][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[  522.089821][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  522.095026][    C1]  ? run_rebalance_domains+0xf7/0x1c0
[  522.100396][    C1]  rcu_core_si+0x9/0x10
[  522.104552][    C1]  handle_softirqs+0x1d7/0x600
[  522.109319][    C1]  __irq_exit_rcu+0x52/0xf0
[  522.113816][    C1]  irq_exit_rcu+0x9/0x10
[  522.118057][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  522.123687][    C1]  </IRQ>
[  522.126641][    C1]  <TASK>
[  522.129566][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  522.135539][    C1] RIP: 0010:release_pages+0x3c3/0xb20
[  522.140915][    C1] Code: ff 89 de e8 bf e9 d1 ff 45 84 f6 8b 5c 24 04 74 30 e8 d1 e6 d1 ff 4c 89 ff e8 f9 63 1d 00 eb 26 e8 c2 e6 d1 ff 4c 8b 74 24 18 <49> bd 00 00 00 00 00 fc ff df 4c 89 fb 44 8b 7c 24 04 e9 0b 06 00
[  522.160542][    C1] RSP: 0018:ffffc9000e8df2a0 EFLAGS: 00000293
[  522.166615][    C1] RAX: ffffffff819e0a4e RBX: ffffea0004e77dc0 RCX: ffff88810e7e3cc0
[  522.174580][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  522.182548][    C1] RBP: ffffc9000e8df3a8 R08: dffffc0000000000 R09: fffff940009cefbf
[  522.190600][    C1] R10: fffff940009cefbf R11: 1ffffd40009cefbe R12: bfffffffffffffff
[  522.198588][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 00000000000001f8
[  522.206654][    C1]  ? release_pages+0x3be/0xb20
[  522.211428][    C1]  ? __kasan_check_write+0x14/0x20
[  522.216556][    C1]  ? lru_add_drain_cpu+0x383/0x4b0
[  522.221668][    C1]  ? __cfi_release_pages+0x10/0x10
[  522.226778][    C1]  ? __this_cpu_preempt_check+0x13/0x20
[  522.232327][    C1]  ? __kasan_check_read+0x11/0x20
[  522.237361][    C1]  free_pages_and_swap_cache+0x86/0xa0
[  522.242824][    C1]  tlb_flush_mmu+0x101/0x1e0
[  522.247416][    C1]  unmap_page_range+0x20c6/0x2310
[  522.252447][    C1]  ? __cfi_unmap_page_range+0x10/0x10
[  522.257819][    C1]  ? mas_find+0x155/0x370
[  522.262175][    C1]  unmap_vmas+0x31c/0x430
[  522.266592][    C1]  ? __cfi_unmap_vmas+0x10/0x10
[  522.271443][    C1]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[  522.276991][    C1]  ? __kasan_check_write+0x14/0x20
[  522.282102][    C1]  exit_mmap+0x263/0xa40
[  522.286349][    C1]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  522.292168][    C1]  ? __cfi_exit_mmap+0x10/0x10
[  522.296937][    C1]  ? __cfi_exit_aio+0x10/0x10
[  522.301619][    C1]  ? uprobe_clear_state+0x2c1/0x320
[  522.306815][    C1]  __mmput+0x93/0x320
[  522.310796][    C1]  ? mmput+0x43/0x150
[  522.314774][    C1]  mmput+0x4b/0x150
[  522.318591][    C1]  do_exit+0x979/0x2650
[  522.322750][    C1]  ? __cfi_do_exit+0x10/0x10
[  522.327338][    C1]  ? plist_del+0x3df/0x3f0
[  522.331756][    C1]  ? _raw_spin_unlock+0x4c/0x70
[  522.336610][    C1]  ? futex_unqueue+0x126/0x160
[  522.341377][    C1]  ? __kasan_check_write+0x14/0x20
[  522.346489][    C1]  ? _raw_spin_lock_irq+0x8f/0xe0
[  522.351530][    C1]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  522.357077][    C1]  do_group_exit+0x210/0x2d0
[  522.361670][    C1]  ? __kasan_check_write+0x14/0x20
[  522.366783][    C1]  get_signal+0x13b5/0x1520
[  522.371295][    C1]  arch_do_signal_or_restart+0xb0/0x1030
[  522.376924][    C1]  ? irqentry_exit+0x37/0x40
[  522.381510][    C1]  ? sysvec_irq_work+0x61/0xc0
[  522.386303][    C1]  ? asm_sysvec_irq_work+0x1b/0x20
[  522.391413][    C1]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  522.397573][    C1]  ? __se_sys_futex+0x277/0x2e0
[  522.402431][    C1]  exit_to_user_mode_loop+0x7a/0xb0
[  522.407636][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[  522.413097][    C1]  syscall_exit_to_user_mode+0x1a/0x30
[  522.418572][    C1]  do_syscall_64+0x58/0xa0
[  522.422984][    C1]  ? clear_bhb_loop+0x15/0x70
[  522.427662][    C1]  ? clear_bhb_loop+0x15/0x70
[  522.432333][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  522.438228][    C1] RIP: 0033:0x7f77bdd8e969
[  522.442637][    C1] Code: Unable to access opcode bytes at 0x7f77bdd8e93f.
[  522.449641][    C1] RSP: 002b:00007f77beb1b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  522.458047][    C1] RAX: fffffffffffffe00 RBX: 00007f77bdfb6088 RCX: 00007f77bdd8e969
[  522.466015][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f77bdfb6088
[  522.473981][    C1] RBP: 00007f77bdfb6080 R08: 0000000000000000 R09: 0000000000000000
[  522.481945][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f77bdfb608c
[  522.489907][    C1] R13: 0000000000000000 R14: 00007ffd524201f0 R15: 00007ffd524202d8
[  522.497876][    C1]  </TASK>
[  522.500894][    C1] Modules linked in:
[  522.504789][    C1] ---[ end trace 0000000000000000 ]---
[  522.510241][    C1] RIP: 0010:__traceiter_percpu_free_percpu+0x87/0xe0
[  522.516924][    C1] Code: f8 48 c1 e8 03 80 3c 18 00 74 05 e8 a3 ff 0f 00 49 8b 7d 08 4c 89 fe 8b 55 d4 48 8b 4d c8 41 ba de d5 72 37 45 03 56 fc 74 02 <0f> 0b 41 ff d6 49 83 c4 18 4c 89 e0 48 c1 e8 03 80 3c 18 00 74 08
[  522.536528][    C1] RSP: 0018:ffffc900001b0ab8 EFLAGS: 00010092
[  522.542604][    C1] RAX: 1ffff110265ed506 RBX: dffffc0000000000 RCX: 0000607e08a09730
[  522.550576][    C1] RDX: 0000000000009730 RSI: ffffe8ffffa00000 RDI: ffffc90000c39000
[  522.558588][    C1] RBP: ffffc900001b0af0 R08: dffffc0000000000 R09: fffffbfff0ee425e
[  522.566588][    C1] R10: 00000000dcb33cea R11: 1ffffffff0ee425d R12: ffff888132f6a828
[  522.574574][    C1] R13: ffff888132f6a828 R14: ffffffff81710d60 R15: ffffe8ffffa00000
[  522.582548][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  522.591599][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  522.598177][    C1] CR2: 000000110c30217f CR3: 0000000006e0f000 CR4: 00000000003506a0
[  522.606175][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  522.614142][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  522.622122][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  522.629682][    C1] Kernel Offset: disabled
[  522.634015][    C1] Rebooting in 86400 seconds..