last executing test programs:

4m57.700579703s ago: executing program 0 (id=1):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000380)=0x3d70, 0x4)
inotify_init()
r1 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x4e21, 0xffff8000, @mcast1, 0x8}, {0xa, 0xffff, 0xfffffffe, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x0, {[0x6, 0x3cecb818, 0x101, 0xfffffefc, 0x2d, 0x1, 0x0, 0x200003]}}, 0x5c)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x40, 0x0, 0x0, 0x0, 0x0)
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
openat$incfs(r2, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
setregid(0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)

4m57.184837514s ago: executing program 0 (id=6):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/146)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r2 = inotify_init()
ioctl$TCSETSW(r1, 0x5403, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x1000001)
ioctl$FS_IOC_GETFSSYSFSPATH(r2, 0x80811501, &(0x7f0000000080)={0x80})

4m51.35772993s ago: executing program 0 (id=12):
r0 = socket(0x1d, 0x1, 0x10a0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x202a00c, &(0x7f0000003b40)=ANY=[], 0x1, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="200000001300034700bb65e1c3e4ffff01000000010000005600000025000000", 0x20}], 0x1)
setsockopt$inet_mreqsrc(r4, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', 0x0, 0x42c, &(0x7f00000000c0)=ANY=[@ANYBLOB='context='])
getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000780)={{{@in6=@initdev, @in=@remote}}, {{@in=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000380)=0xe8)

4m46.450908212s ago: executing program 0 (id=18):
r0 = syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x220008c9, &(0x7f0000000140)=ANY=[], 0x81, 0x14f3, &(0x7f0000002a80)="$eJzs3AuUzlXbMPB97b3/jGnibpLDsK99/bnTYJskySEhhyRJkiSnhCRJkpAYckoakpDjJDkMITlMY9I4nw85J00eaZIkp5zC/pae53s9z9vzvr3v9/S91nrn+q21172v+c913XvPNWv+h7Xm/rHnqLrN69VqSkTiXwJ/fUkWQsQIIYYJIQoIIQIhRMX4ivFXj+dTkPyvvQn7cz2Wdr1XwK4n7n/uxv3P3bj/uRv3P3fj/udu3P/cjfufu3H/GcvNts8pehOP3Dv4+X9uxuf//0Vyyk3+dmO5W3r9N1K4/7kb9z934/7nbtz/3I37n7tx///3q/mfHOP+527cf8Zys+v9/JnH9R3X+/ePMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljucN5fo4UQV1/Pee+v97oYY4wxxhhjjDH25/F5r/cKGGOMMcYYY4wx9v8fCCmU0CIQeUReESPyiVhxg4gTN4r8ooCIiJtEvLhZFBS3iEKisCgiiooEUUwUF0agsIJEKEqIkiIqbhWlxG0iUZQWZURZ4UQ5kSRuF+XFHaKCuFNUFHeJSuJuUVlUEVVFNXGPqC7uFTVETVFL3Cdqizqirqgn7hf1xQOigXhQNBQPiUbiYdFYPCKaiEdFU/GYaCYeF83FE6KFeFK0FK1Ea9FGtP1/yn9V9BWviX6iv0gWA8RA8boYJAaLIWKoGCbeEMPFm2KEeEukiJFilHhbjBbviDHiXTFWjBPjxXtigpgoJonJYoqYKlLF+2Ka+EBMFx+KGWKmmCVmizQxR8wVH4l5Yr5YID4WC8UnYpFYLJaIpSJdfCoyxDKRKT4Ty8XnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCF2iJ1il9gt9oi9Yp/4UuwXX4kD4muRLb75b+af+3f5vUCAAAkSNGjIA3kgBmIgFmIhDuIgP+SHCEQgHuKhIBSEQlAIikARSIAEKA7FAQGBgKAElIAoRKEUlIJESIQyUAYcOEiCJCgPd0AFqAAVoSJUgkpQGapAFagG1aA6VIcaUANqQS2oDbWhLtSF++F+eAAaQANoCA2hETSCxtAYmkATaApNoRk0g+bQHFpAC2gJLaE1tIa20BbaQTtoD+2hI3SETtAJOkNn6AJdoCt0hW7QDbpDd+gBPaAn9IRe0Bt6w6vwKrwGr0F/qC0HwEAYCINgEAyBoTAU3oDh8Ca8CW9BCoyEUfA2vA3vwBg4C2NhHIyH8VBdToRJMBlIToVUSIVpMA2mw3SYATNhJsyGNJgDc2EuzIP5MB8+hoXwCXwCi2ExLIV0SIcMWAaZkAnL4RxkwQpYCatgNayB1bAO1sM62AibYCNsgS2wDbbBF/AF7ISdsBt2w17YC1/Cl/AVfAUpkA3ZcBAOwiE4BIfhMORADhyBI3AUjsIxOAbH4TicgJNwCk7CGTgDZ+EcnIfzcBEuwiV4OeH7ZntLb0gR8iottcwj88gYGSNjZayMk3Eyv8wvIzKvjJfxsqAsKAvJQrKILCITZIIsLotLlChJhrKELCGjMipLyVIyUSbKMrKMdNLJJJkky8vysoKsICvKu2QlebesLKvIDq6arCary46uhqwpa8lasrasI+vKejJOCFFfNpANZEPZUDaSjWRj+YhsIgfAEHhMXu1MczkSWshR0FK2kq1lG/kOPCXbyTHQXnaQHeUzchyMhc6ynesin5dd5SToJl+Uk+El2UNOhZ7yFdlL9pZ95Kuyr2zv+sn+cgYMkAPlbBgkB8shcqicB3Xk1Y7VlW/JFDlSjpJvy6Xwjhwj35Vj5Tg5Xr4nJ8iJcpKcLKfIqTJVvi+nyQ/kdPmhnCFnyllytkyTc+Rc+ZGcJ+fLBfJjuVB+IhfJxXKJXCrT5acyQy6TmfIzuVx+LrPkCrlSrpKr5Rq5Vq6T6+UGuVFukpvlFrlVbpPb5Rdyh9wpd8ndco/cK/fJL+V++ZU8IL+W2fIbeVD+RR6S38rD8juZI7+XR+QP8qj8UR6TP8nj8md5Qp6Up+RpeUb+Is/Kc/K8vCAvyl/lJXlZXpFeCgVKKqW0ClQelVfFqHwqVt2g4tSNKr8qoCLqJhWvblYF1S2qkCqsiqiiKkEVU8WVUaisIhWqEqqkiqpbVSl1m0pUpVUZVVY5VU4lqdtVeXWHqqDuVBXVXaqSultVVlVUVVVN3aOqq3tVDVVT1VL3qdqqjqqr6qn7VX31gGqgHlQN1UOqkXpYNVaPqCbqUdVUPaaaqcdVc/WEaqGeVC1VK9VatVFt1VOqnXpatVcdVEf1jOqknlWd1XOqi3pedVUvqG7qRdVdvaR6qJdVT/WK6qV6qz7qsrqivOqn+qtkNUANVK+rQWqwGqKGqmHqDTVcvalGqLdUihqpRqm31Wj1jhqj3lVj1Tg1Xr2nJqiJapKarKaoqSpVva+mqQ/UdPWhmqFmqllqtkpTc9SQv1Va8F/I/+Cf5I/47d23qe3qC7VD7VS71G61R+1V+9Q+tV/tVwfUAZWtstVBdVAdUofUYXVY5agcdUQdUUfVUXVMHVPH1XF1Qp1UF9RpdUb9os6qc+qcuqAuqovq0t9+BkKDllpprQOdR+fVMTqfjtU36Dh9o86vC+iIvknH65t1QX2LLqQL6yK6qE7QxXRxbTRqq0mHuoQuqaP6Vl1K36YTdWldRpfVTpfTSfr2fzn/j9bXVrfV7XQ73V631x11R91Jd9KddWfdRUPyX69vuunuurvuoXvonrqn7qV76T66j+6r++p+up9O1sl6oH5dD9KD9RA9VA/Tb+jhergeoUfoFJ2iR+lRerQercfoMXqsHqvH6/F6gp6gJ+lJeoqeolN1qp6mp+nperqeoWfoWXqWTtNpeq6eq+fpeXqBXqAX6oV6kV6kl+glOl2n6wydoTN1pl6ul+ssvUKv0Kv0Kr1Gr9Hr9Dq9QW/Qm/QmvUVv0Vl6u96ud+gdepfepffoPXqf3qf36/36gD6gs3W2PqgP6kP6kD6sD+scnaOP6CP6qD6qj+lj+rg+rk/oE/qUPqXP6DP6rD6rz+vz+qK+qC/pS/qKvnL1si+QgQx0oIM8QZ4gJogJYoPYIC6IC/IH+YNIEAnig/igYHBLUCgoHBQJigYJQbGgeGACDGxAQRiUCEoG0eDWoFRwW5AYlA7KBGUDF5QLkoLbg/LBHUGF4M6gYnBXUCm4O6gcVAmqBtWCe4Lqwb1BjaBmUCu4L6gd1AnqBvWC+4P6wQNBg+DBoGHwUNAoeDhoHDwSNAkeDZoGjwXNgseD5sETQYvgyaBl0CpoHbQJ2v6p9b0/W/hp18/0N8kmxgw0r5tBZrAZYoaaYeYNM9y8aUaYt0yKGWlGmbfNaPOOGWPeNWPNODPevGcmmIlmkplsppipJtW8b6aZD8x086GZYWaaWWa2STNzzFzzkZln5psF5mOz0HxiFpnFZolZatLNpybDLDOZ5jOz3HxusswKs9KsMqvNGrPWrDPrzQaz0Wwym80Ws9VsM9vNF2aH2Wl2md1mj9lr9pkvzX7zlTlgvjbZ5htz0PzFHDLfmsPmO5NjvjdHzA/mqPnRHDM/mePmZ3PCnDSnzGlzxvxizppz5ry5YC6aX80lc9lcMf7qxf3V0ztq1JgH82AMxmAsxmIcxmF+zI8RjGA8xmNBLIiFsBAWwSKYgAlYHIvjVYSEJbAERjGKpbAUJmIilsEy6NBhEiZheSyPFbACVsSKWAkrYWWsjFWxKt6D9+C9eC/WxJp4H96HdbAO1sN6WB/rYwNsgA2xITbCRtgYG2MTbIJNsSk2w2bYHJtjC2yBLbEltsbW2BbbYjtsh+2xPXbEjtgJO2Fn7IxdsAt2xa7YDbthd+yOPbAH9sSe2At7YR/sg32xL/bDfpiMyTgQB+IgHIRDcAgOw2E4HIfjCByBKZiCo3AUjsbROAbH4Fgch+PxPZyAE3ESTsYpOBVTMRWn4TScjtNxBs7AWTgL0zAN5+JcnIfzcAEuwIW4EBcJgUtwCaZjOmZgBmZiJi7H5ZiFWbgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsftuAN34C7chXtwD+7Dfbgf9+MBPIDZmI0H8SAewkN4GA9jDubgETyCR/EoHsNjeByP4wk8gafwFJ7BM3gWz+J5PI8X8Ve8hJfxCnqMsVLE2htsnL3R5rcFbIzNZ/8+LmKL2gRbzBa3xhayhf8hRmttoi1ty9iy1tlyNsne/ru4sq1iq9pq9h5b3d5ra/wurm8fsA3sg7ahfcjWs/f/Q9zIPmwb2ydsE/ukbWpb2Wa2jW1un7At7JO2pW1lW9s2tpN91na2z9ku9nnb1b7wuzjDLrPr7Qa70W6y++1X9ry9YI/aH+1F+6vtZ/vbYfYNO9y+aUfYt2yKHfm7eLx9z06wE+0kO9lOsVN/F8+ys22anWPn2o/sPDv/d3G6/dQutJl2kV1sl9ilv8VX15RpP7PL7ec2y66wK+0qu9qusWvtun9b6yq7xW612+w++6XdYXfaXXa33WP3/hZf3ccB+7XNtt/YI/YHe8h+aw/bYzbHfv9bfHV/x+xP9rj92Z6wJ+0pe9qesb/Ys/bcb/u/uvfT9rK9Yr0VBCRJkaaA8lBeiqF8FEsFKI5upPxUgCJ0E8XTzVSQbqFCVJiKUFFKoGJUnAwhWSIKqQSVpCjdSqXoNkqk0lSGypKjcpREt1N5uoMq0J1Uke6iSnQ3VaYqVJWq0T1Une6lGlSTatF9VJvqUF2qR/dTfXqAGtCD1JAeokb0MDWmR6gJPUpN6TFqRo9Tc3qCWtCT1JJaUWtqQ23pKWpHT1N76kAd6RnqRM9SZ3qOutDz1JVeoG70InWnl6gHvUw96RXqRb2pD71Kfek16kf9KZkG0EB6nQbRYBpCQ2kYvUHD6U0aQW9RCo2kUfQ2jaZ3aAy9S2NpHI2n92gCTaRJNJmm0FRKpfdpGn1A0+lDmkEzaRbNpjSaQ3PpI5pH82kBfUwL6RNaRItpCS2ldPqUMmgZZdJntJw+pyxaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqCdtBO2kW7aQ/tpX30Je2nr+gAfU3Z9A0dpL/QIfqWDtN3lEPf0xH6gY7Sj3SMfqLj9DOdoJN0ik7TGfqFztI5Ok8X6CL9SpfoMl0hTyKEUIYq1GEQ5gnzhjFhvjA2vCGMC28M84cFwkh4Uxgf3hwWDG8JC4WFwyJh0TAhLBYWD02IoQ0pDMMSYckwGt4algpvCxPD0mGZsGzownJhUnh7WD68I6wQ3hlWDO8KK4V3h5XDKuETD1UL7wmrh/eGNcKaYa3wvrB2WCesG9YL7w/rhw+EDcIHw4bhQ2GF8OGwcfhI2CR8NGwaPhY2Cx8Pm4dPhC3CJ8OWYauwddgmbBs+FbYLnw7bhx3CjuEzYafw2bBz+FzYJXw+7Bq+8IfHk8MB4cDw9fD10PsH1ZLo0mh69NNoRnRZNDP6WXR59PNoVnRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W9T7enmFAyedctoFLo/L62JcPhfrbnBx7kaX3xVwEXeTi3c3u4LuFlfIFXZFXFGX4Iq54s44dNaRC10JV9JF3a2ulLvNJbrSrowr65wr55JcG9fWtXXt3NOuvevgOrpn3DPuWfese8495553Xd0Lrpt70XV3L7ke7mX3snvF9XK9XR/3quvrXnP9XH+X7JLdQDfQDXKD3BA3xA1zw9xwN9yNcCNciktxo9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcaku1U1z09x0N93NcDPcLDfLpbk0N9fNdfPcPLfALXALExe6RW6RW+KWuHSX7jJchst0mW65W+6yXJZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3bZ7qA76A65Q+6w+87luO/dEfeDO+p+dMfcT+64+9mdcCfdKXfanXG/uLPunDvvLriL7ld3yV12V5x3qZH3I9MiH0SmRz6MzIjMjMyKzI6kReZE5kY+isyLzI8siHwcWRj5JLIosjiyJLI0kh75NJIRWRbJjHwWWR75PJIVWRFZGVkVWR1ZE/G+2I7Ql/AlfdTf6kv523yiL+3L+LLe+XI+yd/uy/s7fAV/p6/o7/KV/N2+sq/iq/onfUvfyrf2bXxb/5Rv55/27X0H39E/4zv5Z31n/5zv4p/3Xf0Lvpt/0Xf3L/ke/mXf07/ie/nevo9/1ff1r/l+vr9P9gP8QP+6H+QH+yF+qB/m3/DD/Zt+hH/Lp/iRfpR/24/27/gx/l0/1o/z4/17foKf6Cf5yX6Kn+pT/ft+mv/AT/cf+hl+pp/lZ/s0P8fP9R/5eX6+X+A/9gv9J36RX+yX+KU+3X/qM/wyn+k/88v95z7Lr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/hd/idfpff7ff4vX6f/9Lv91/5A/5rn+2/8Qf9X/wh/60/7L/zOf57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8S9QfHB/yTr8m/jasGCiFu3Fk059/X3Fzor/PBMqFTRAjxfP+ej/3fUbt2cvLfHs6LLCWCkouFEJFr+XnEtXiF6CieFV1EB1H+n65vsOx9kf6gfvQuIWL/LidGXIuv1b/jP6j/1DPjMyqF5+P/k/qLhUgseS0nn7gWX6tf4T+oX7jdH6w/37epQrT/u5w4cS2+Vj9JPC1eEF3+4TsZY4wxxhhjjLG/Giyrdv+j++er9+cJ+lpOXnEt/qP7c8YYY4wxxhhjjF1/L/Xu89xTXbp06M4TnvCEJ/82ud5/mRhjjDHGGGN/tmsX/dd7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWO71P/FxYtd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtj19n8CAAD//7CLOQ4=")
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r2 = add_key$user(&(0x7f00000001c0), &(0x7f0000000380)={'syz', 0x2}, &(0x7f00000003c0)="d98387c3f4d74b94ec9880856dbe45896042c8379d5cfe2881b63ce2cdf05c8e900afc380977e086c28c6cfa1ddf1646806b4903a5f8a2", 0x37, 0xfffffffffffffffe)
r3 = add_key$fscrypt_provisioning(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, &(0x7f00000004c0)={0x0, 0x0, @a}, 0x48, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000400)='rxrpc\x00', &(0x7f0000000540)=@keyring={'key_or_keyring:', r3})
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000100)={0x5, <r4=>r0, 'id0\x00'})
ioctl$EVIOCSCLOCKID(r4, 0x400445a0, &(0x7f0000000080)=0xb309)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x100482, 0x0, 0xfd, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
r6 = getpid()
rt_tgsigqueueinfo(r6, r5, 0xb, &(0x7f0000000000)={0x4, 0xfffffffe, 0x4})
r7 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
read(r7, &(0x7f0000000740)=""/384, 0x200008c0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r9, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f3ff0000850000007000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x18)
r11 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r11, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r11, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="17460081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b35", 0x14}], 0x1}}], 0x2, 0x4004040)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='.\x00', 0x0, 0x52000, 0x0)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0xd6, &(0x7f0000000240)=@generic={0x8, 0x0, 0xce, "1139bf6c", "0b43a6e39bc81305b8e578be7a359044133a909c726c2293b39aead229a6e074b91ac5fc28e24f99e30bc6283564e94a3b5912a06dce0988cdb189cb70fa231ad8cdbd830217acc13cdb81be7751ac8fb6a1a27d7c47689620b30b7d05d9b0f02524c6a6336ccdd1fb3f3292949b0e8ca4b04808606a389775d60abb3422237157a79e9a6ffa30d677036e9fa2f0e80a65126a3aee9edd120d79298a7c41230bafbbe475e4c3621bf98f1c8de14eecf0287d3f49b1cafd4d4ca898edff3eae87e1896b72d69300bbdae4d6c0a40a"})
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201"], 0x0)

4m46.280194476s ago: executing program 32 (id=20):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000002c0)={&(0x7f0000000340), &(0x7f0000000b00)=""/228, &(0x7f0000001740)="6873c91130d878399e63758683b1160bc39717c6f742233381d523ae80a41fe4f126ef53bf73023377d7d4a46fab9d698a5e1613d94908e5fb1eb8932442b996b0b9bb64451aeb2cda6d873ac89ddb453bad4e9fd3bf1b3fc2819ec65b574ff72faffe395c08b21db9b46e7dcdf08e64e6b411f0f1574ffff4872f67c27c72f995998aab5f382b115ec2b7dc0494d314fab74797dec0378bcab5a60fda095cc25369e758e54f046e9af7b113b61e8ac3fc5475135aea1694fd1cdde61a97a9ab589ead5c5fedde4de3ae0deafa2f35c7fab385a2bab7bd26619a134e1ccc92837a4c59df51170192760ee1100378877fa5cb75c9822b53b80b0d6ace3e5c4aabc02b4d24a46fa448ca0bf61673d929a2db5bf8a47025c23587d39b174c5e3cdc6d047956d6595e9757065b4868b3d71abc94dc0ee4063d816197f66717259495d6c502f25a1adc7dccc50e4a567bba7464f13b446d95ef1d54ceb9c5c11f5ca1b962f724060670a420a36b519e87fc28637fa0102a309e9b4432ef234cf20f6eec2f32d903d846fcacf95189275ed0390030ff0d60dd72557277889677d852b1c37bc888b3f519d36bd295146c53382135eb870fb081679832155f3cf96c6f303c3268bc8beefd3fb0b549472e1a76584442e3e749feeb1164bd6f961ae5a9cccb8e49462e90a9a8ef1f892272409cad5a2dc79a1f87981936dea49f9f14faa194193b511dc85a634bfe09b51beada93995d0c184cee7cc06750e34193d6abf199eb7eeb71d5bd9fb3da0ca585a26bab3928f656faebcd38b24746d4102b1db00a3d54011e186d4e95789bb103456bb9fcf9c870db700767d70aaaf2278db022e72e026c1ce5cf8e80ca553c76d72a2039d029ee662a39f27a4351ebf5bd6cee4e52d35f832d64167318d65fcfe95c99cc03420c230cbd421b648c76cce1f481f2bb9444274c0a4dc3fab15033531d8e5f111a9b47cf34db540999f16cbb4a68d13324e317629e214ca1932c2c87d056e54e235a13daeef2c6e01d0bc4a0140cf1cfed431f750f49d41b9a732bedfaa48412262707651b745d952f632cce03ef174186acea24f53310e7f15bbd2ad8f7f5092d963c335d587f29e5234dc595333246b96c062a3b5f6e753bdd71c99da5a51f8d38a22efb1f3ac62828721726e5f89308476dfb7d44469457494d98aac37b8007d62c71d0795bff46d90d4df02ce4491d6ce07fb8d273cd201dcc502f8c7edfd27391df1b57611ce2a29bb3b49824b226ff48c5c191f8d58cba9fcdd828832b60b766c1aec6ad697fed84647f335fcff59c27ff898a0729afe2f1875559722e0001da16695e1c7cbf726f90f4d6f0563521a2b873547fc05a377968e4ade771434f14b6fee3533bc5df1f3cf6bd85172726325ad79aeb1869456a94d9143cf1dc4e2192cb82c15db1114b7d9fbd204c9bd91c20388646f3aa9bb664ef38db9e51372e52bc28486f24ebc72d5a142a5ec5b88439730d0dc970133ec31dda75152e036af23c9f1ddd0c55c31b966934ee66bcc84bd7eb3fc3e99a690ec58013c02e28ce0614b323eb33f65e48393edcb6d1249f86d41c7864b562c4e8e18a89f1616a5b5c3f2022560fb4f47742c977fcca44484f7fce316dc16844065fedc01a0920ea15fd73d83eaa9de5bc7ee265d72c7fd0d40f443e491a8233f01d7b2d273fd00c2f676094b11cd670a2aa3d87759a1de7a9a4ea2971b8364a9ab02ea619459c4bdbaaee98d1ab50f5e5573300bad1c77c78cc71fb299a94c97bd5c3c0c7244a32f09cf2ff788f36275e15cbd0d035039b2bdf8e7c73ade564690bfece3be8e2a951fc8d90dfe5165701cdc16cff816899cc7408c9db9c517298833f624db8d992722c3aed2bd534b352cf0eaa63594e787a3b11bbb7503742bdbf1a7b5a166d21e4bf35806e2715696dfedcc1996d194cc439259b1446f12036402f47094c0d58fcde54465d8702275a1b13d1425d689596bcae955e34817e921de7e905356d73446fba945a9633806aec57", &(0x7f0000000280)="a86834233a7cef760b", 0x8, r3, 0x4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000003c0)={0xffffffffffffffff, 0x7f, 0x1, 0xd2})
fstat(r5, &(0x7f0000000500))
fstat(r2, &(0x7f0000000600))
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x10)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x5}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x58, 0x2, [@TCA_BASIC_EMATCHES={0x54, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x48, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc}]}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x2, 0x3, 0x7}, {0x8, 0x42794445, 0x598d, 0x2}}}]}]}]}}]}, 0x88}}, 0x0)

4m41.682578424s ago: executing program 0 (id=42):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e85"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = open_tree(0xffffffffffffff9c, 0x0, 0x81000)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x20000023896)
ioctl$TIOCSERGETLSR(r5, 0x5459, &(0x7f0000000000))
move_mount(r4, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r4, 0x0, 0x10)
symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r4, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0)
recvmmsg(r6, &(0x7f0000007700), 0x318, 0xfc0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)

4m41.580625332s ago: executing program 0 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000008000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@nobarrier}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x140, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000000340)="5b559269", 0x4)
sendfile(r5, r4, 0x0, 0x3ffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
pivot_root(&(0x7f0000000000)='.\x00', &(0x7f00000004c0)='./file1\x00')

4m41.580398772s ago: executing program 33 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000008000000020000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@nobarrier}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x140, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000000340)="5b559269", 0x4)
sendfile(r5, r4, 0x0, 0x3ffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
pivot_root(&(0x7f0000000000)='.\x00', &(0x7f00000004c0)='./file1\x00')

4m12.055445383s ago: executing program 1 (id=186):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4m9.792526704s ago: executing program 1 (id=190):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442982ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b5650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059ad433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a8, &(0x7f00000001c0)="$eJzs3T9rc1UYAPDnJmkSdUgRF8Xhgg5O5a2rS6O8gthJiaAOGmwLkoRCCwErGDv1Ezj6PfwILi5+A8FVcGuHypWbe2+T2PQPNY1gf7/p6TnnOefJPSWZ8uTL10eDvcMkTs9/i3Y7idpO7MRFEptRi8r30QgA4P/jIsviz+whmY3a6qsBANah+Pwv3LW2tZ6SAIBH9vGnn33Y3d19/lGatuPVztm4l0TE6GzcK+a7B/F1DGM/nkUnLiOyK0X8/ge7z6OR5jbjzdFk3MszR1/8Uu7f/SNimr8dndhcnr+dFq7yX6yqS6N7sFH90YlXlue//c/8GE2i14y33pirfys68etXcRjD2Is8d5b/3Xaavpf9cP7t5/kxeX5Si15rum4mq6/pSgAAAAAAAAAAAAAAAAAAAAAAeAK20jQp2vdM+/fkQ9P+OeNe/XI6v5VW5vv7TKr+QEm1UdEfKIuyRc8kix+r/jrP0jTNyoWz/Ea81vDDAgAAAAAAAAAAAAAAAAAAAJA7/uZk0B8O949WElTdAKqv9T90n53ZyEZEDPr1mzdsRdTuedZ8t4G81lsXR6MRK3osdwUv5PWsfOfW7HI/iSKoLmalZ738brHpyaCfllPVQx70k7vOalcX99P8VDP+bWHZ9F/iMlu80/ZVqYtZzRU9jeZLS6f+yrLsfvu883txR+VIMm2xcb/TN8pg6QvMg/b1u/j55g1vfMuor+q9BwAAAAAAAAAAAAAAAAAAWDT70u+SydNbU2uPVhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNns9/+roB0RiyPXgkmZfNuaMmjG0fF//BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Av4OAAD//4GmTU4=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x181)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x871}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = syz_io_uring_setup(0x1eae, &(0x7f0000000480)={0x0, 0x9d2d, 0x1, 0x2, 0x335}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x1682, 0x0, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110e22fff6)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c4000000190001000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000f1ee7368d4e9d6c34313df780000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00150000000020ffff0000"], 0xc4}}, 0x4000000)

4m9.254024906s ago: executing program 1 (id=193):
fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) (async)
r0 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x40000, 0x4d)
getdents(r2, &(0x7f0000000200)=""/223, 0xdf)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==") (async)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x284)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r5, 0x8004587d, &(0x7f00000007c0)={@desc={0x1, 0x0, @desc4}})
lseek(r2, 0x101, 0x1) (async)
lseek(r2, 0x101, 0x1)
getdents64(r2, &(0x7f0000003340)=""/48, 0x30)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)

4m9.008540866s ago: executing program 1 (id=195):
syz_mount_image$exfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x1501, &(0x7f0000001bc0)="$eJzs3Au4zdXWMPAx5pz/bZO0ktznmOPPSi6TJMklIZEkSZLklpAkSXKQ2OSWJEnIPck9JLeQ3O+33JPkSJIkJCSZ36PT+by9nfftnO/0Ht979vg9z3z2HHutMdace+xnrf9/Ps/eX3cYWKVe1Up1mBn+KfiXL2kAkAoAfQHgKgCIAKBk1pJZAYdARo1p/9yLiD/WA1Mu9wrE5ST9T9+k/+mb9D99k/6nb9L/9E36n75J/9M36b8Q6dmWqbmulpF+x7/u/B/k/P//O/L5/2/kUNFRn68rem3HfyBF+p++Sf/TN+l/+ib9T9+k/+mb9P/fXARQ8b95WPqfvkn/hUjPLvf58x89zL/pvv6nxmX+9RNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkU6cDZcYAPjr/HKvSwghhBBCCCGEEH+ckOFyr0AIIYQQQgghhBD/8xAUaDAQQQpkgFTICJngCsgMV0IWuAoScDVkhWsgG1wL2SEH5IRckBvyQF6wQOCAIYZ8kB+ScB0UgOuhIBSCwlAEPBSFYnADFIcboQTcBCXhZigFt0BpKANloRzcCuXhNqgAFaES3A6V4Q6oAlXhTqgGd0F1uBtqwD1QE+6FWnAf1Ib7oQ48AHXhQagHD0F9eBgaQENoBI2hyf9T/nPQBZ6HrtAN0qA79IAXoCf0gt7QB/rCi9APXoL+8DIMgFdgILwKg+A1GAyvwxAYCsPgDRgOI2AkjILRMAbGwpswDt6C8fA2TICJMAkmwxSYCtPgHZgOM2AmvAuz4D2YDXNgLsyD+fA+LICFsAg+gMXwISyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGPYCtsg+2wA3bCLtgNH8Me+AT2wqewDz77B/PP/Kf8jggIqFChQYMpmIKpmIqZMBNmxsyYBbNgAhOYFbNiNsyG2TE75sScmBtzY17Mi4SEjIz5MB8mMYkFsAAWxIJYGAujR4/FsBgWxxuxBJbAklgSS2EpLI1lsAyWw3JYHstjBayAlbASVsbKWAWr4J14J96F1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYCBthE2yCTbEpNsNm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yEnfA5fA6fx+exG1ZW3bEH9sCe2BN7Yx/sgy9iP3wJX8KXcQC+ggPxVXwVX8PBeBqH4FAchsOwvBqBI3EUshqDY3EsjsNxOB7H4wSciBNxMk7BqTgNp+F0nIEz8F2che/hezgH5+A8nI/zcQEuxEW4CBfjGVyCS3EZLscVuBJX4Gpcg6txHa7HdbgRN+Jm3Iwf4Ue4DbfhDtyBu3AXfowf4yf4CQ7AfbgP9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP4wk8iSfwFJ7C03gGz+JZPIfn8Dw+m/vLursKrR0A6iKjjEpRKSpVpapMKpPKrDKrLCqLSqiEyqqyqmwqm8qusqucKqfKrXKrvCqvIkWKVazyqXwqqZKqgCqgCqqCqrAqrLzyqpgqpoqr4qqEKqFKqptVKXWLKq3KqOa+nCqnyqsWvoKqqCqpSqqyukNVUVVVVVVNVVPVVXVVQ9VQNVVNVUvdp2qr7tgbH1AXO1NPvYL11UBsoBqqRqqxeg0fUU3VYGymmqsW6jE1FIdgK9XUt1ZPqjZqJLZVT6tR+Ixqr8ZgB/Un1VF1Up3Vc6qLaua7pvzyFqgmY0/VS/VWfdR0vENd7Nhfj0UHqlfVPHxNDVavqyFqqBqm3lDD1Qg1Uo1So9UYNVa9qcapt9R49baaoCaqSWqymqKmqmnqHTVdzVAz1btqlnpPzVZz1Fw1T81X76sFaqFapD5Qi9WHaolaqpap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL+khtVdvUdrVD7VS71G71sdqjPlF71adqn/pM7Vd/VgfU5+qg+kIdUl+qw+ordUR9rY6qb9Qx9a06rk6ok+o7dUp9r06rM+qs+kGdUz+q8+ondUEFBRq10lobHekUnUGn6ow6k75CZ9ZX6iz6Kp3QV+us+hqdTV+rs+scOqfOpXPrPDqvtpq006xjnU/n10l9nS6gr9cFdSFdWBfRXhfVxfQNuri+UZfQN+mS+mZdSt+iS+syuqwup2/V5fVtuoKuqCvp23VlfYeuoqvqO3U1fZeuru/WNfQ9uqa+V9fS9+na+n5dRz+g6+oHdT39kK6vH9YNdEPdSDfWTfQjuql+VDfTzXWL8JhuqR/XrfQTurV+UrfRT+m2+mndTj+j2+tndQf9J91Rd9Kd9U/6gg66q+6m03R33UO/oHvqXrq37qP76hd1P/2S7q9f1gP0K3qgflUP0q/pwfp1PUQP1cP0G3q4HqFH6lF6tB6jx+o39Tj9lh6v39YT9EQ9SU/WU/RU3fuXSjP/jvy3/kZ+/59ffbPeoj/SW/U2vV3v0Dv1Lr1b79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cn9A/6O/0Kf29Pq3P6DP6B31On9Pnf/kZgEGjjDbGRCbFZDCpJqPJZK4wmc2VJou5yiTM1SarucZkM9ea7CaHyWlymdwmj8lrrCHjDJvY5DP5TdJcZwqY601BU8gUNkWMN0VNMXPDP53/e+trYpqYpqapaWaamRamhWlpWppWppVpbVqbNqaNaWvamnamnWlv2psOpoPpaDqazqaz6WK6mK6mq0kzaaaHecH0NL1Mb9PH9DUvmn6mn+lv+psBZoAZaAaaQWaQGWwGmyFmiBlmhpnhZrgZaUaa0Wa0GWvGmnFmnBlvxpsJZoKZZCaZKWaKmWammelmuplpZppZZpaZbWabuWaumW/mmwVmgVlkFpnFZrFZYpaapWa5WW5WmpVmtVlt1pq1Zr1ZbzaajWaJ2WK2mK1mq9lutpudZqfZbXabPWaP2Wv2mn1mn9lv9psD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bk+akOWVOmdPmtDlrzppz5pw5b86bC+bCxcu+SEUqMpGJUqKUKDVKjTJFmaLMUeYoS5QlSkSJKGuUNcoWXRtlj3JEOaNcUe4oT5QGNqLIRRzFUb4of5SMrosKRNdHBaNCUeGoSOSjolGx6IaoeHRjVCK6KSoZ3RyVim6JSkdlorJRuejWqHx0W1QhqhhVim6PKkd3RFWiqtGdUbXorqh6dHdUI7onqhndG9WK7otqR/dHdaIHorrRg1G96KGofvRw1CBqGDWKGkdN/tD6IZzO8ajvarvZNNvd9rAv2J62l+1t+9i+9kXbz75k+9uX7QD7ih1oX7WD7Gt2sH3dDrFD7TD7hh1uR9iRdpQdbcfYsfZNO86+Zcfbt+0EO9FOspPtFDvVTrPv2Ol2hp1p37Wz7Ht2tp1j59p5dr593y6wC+0i+4FdbD+0S+xSu8wutyvsSrvKrrZr7Fq7zq63G+xGu8lutlvsR3ar3Wa32x12p91ld9uP7R77id1rP7X77Gd2v/2zPWA/twftF/aQ/dIetl/ZI/Zre9R+Y4/Zb+1xe8KetN/ZU/Z7e9qesWftD/ac/dGetz/ZCzZcvLi/+PFOhgylUAqlUiplokyUmTJTFspCCUpQVspK2SgbZafslJNyUm7KTXkpL13ExJSP8lGSklSAClBBKkiFqTB58lSMilFxKk4lqASVpJJUikpRaSpNZaks3Uq30m10G1WkinQ73U530B1UlapSNapG1ak61aAaVJNqUi2qRbWpNtWhOlSX6lI9qkf1qT41oAbUiBpRE2pCTakpNaNm1IJaUEtqSa2oFbWm1tSG2lBbakvtqB21p/bUgTpQR+pInakzdaEu1JW6UhqlUQ/qQT2pJ/Wm3tSX+lI/6kf9qT8NoAE0kAbSIBpEg2kwDaGhNIzeoOE0gkbSKBpNY2gsjaVxNI7G03iaQBNoEk2iKTSFptE0mk7TaSbNpFk0i2bTbJpLc2k+zacFtIAW0SJaTItpCS2hZbSMVtAKWkWraA2toXW0jjbQBtpEm2gLbaGttJW203baSTtpN+2mPbSH9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nk3SSTtEpOk2n6SydpXP0I52nn+gCBUp1CjK5K1xmd6XL4q5yqS6juxhHAHAxzulyudwuj8vrrMvucvwqJudcQVfIFXZFnHdFXTF3w2/i0q6MK+vKuVtdeXebq/CbuJq7y1V3d7sa7h5X1d35q7imu9fVcg+52u5hV8c1dHVdY1fPPeTqu4ddA9fQNXKNXUv3uGvlnnCt3ZOujXvqN/ECt9CtcWvdOrfe7XGfuLPuB3fEfe3OuR9dV9fN9XUvun7uJdffvewGuFd+Ew9zb7jhboQb6Ua50W7Mb+JJbrKb4qa6ae4dN93N+E08373vZrlFbrab4+a6eT/HF9e0yH3gFrsP3RK31C1zy90Kt9Ktcqv/71qXu41uk9vsdruP3Va3zW13O9xOt+vn+OI+9rpP3T73mTvsvnIH3OfuoDvqDrkvf44v7u+o+8Ydc9+64+6EO+m+c6fc9+60O/Pz/i/u/Tv3k7vgggNGVqzZcMQpnIFTOSNn4is4M1/JWfgqTvDVnJWv4Wx8LWfnHJyTc3FuzsN52TKxY+aY83F+TvJ1XICv54JciAtzEfZclIvxDVycb+QSfBOX5Ju5FN/CpbkMl+VyfCuX59u4AlfkSnw7Vw6Bq3BVvpOr8V1cne/mGnwP1+R7uRbfx7X5fq7DD3BdfpDr8UNcnx/mBtyQG3FjbsKPcFN+lJtxc27Bj3FLfpxb8RPcmp/kNvwUt+WnuR0/w+35We7Af+KO3Ik783PchZ/nrtyN07g79+AXuCf34t7ch/vyi9yPX+L+/DIP4Fd4IL/Kg/g1Hsyv8xAeysP4DR7OI3gkj+LRPIbH8ps8jt/i8fw2T+CJPIkn8xSeytP4HZ7OM3gmv8uz+D2ezXN4Ls/j+fw+L+CFvIg/4MX8IS/hpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+GPeCtv4+28g3fyLt7NH/Me/oT38qe8jz/j/fxnPsCf80H+gg/xl3yYv+Ij/DUf5W/4GH/Lx/kEn+Tv+BR/z6f5DJ/lH/gc/8jn+Se+wIEhxljFOjZxFKfEGeLUOGOcKb4izhxfGWeJr4oT8dVx1viaOFt8bZw9zhHnjHPFueM8cd7YxhS7mOM4zhfnj5PxdXGB+Pq4YFwoLhwXiX1cNC4W3xAXj2+MS8Q3xSXjm+NS8S1x6bhM/NA95eJb4/LxbXGFuGJcKb49rhzfEVeJq8Z3xtXiu+Lq8d1xjfieuER8b1wrvi+uHd8f14kfiOvGD8b14ofi+vHDcYO4Ydwobhw3iR+Jm8aPxs3i5nGL+LG4Zfx43Cp+Im4dPxm3iZ/63cfT4u5xj/iF+IU4hLv13OS85Pzk+8kFyYXJRckPkouTHyaXJJcmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J0OomgE8euW1Nz7yKT6DT/UZfSZ/hc/sr/RZ/FU+4a/2Wf01Ppu/1mf3OXxOn8vn9nl8Xm89eefZxz6fz++T/jpfwF/vC/pCvrAv4r0v6ov5xr6Jb+Kb+kd9M9/ct/CP+cf84/5x/4R/wj/p2/infFv/tG/nn/Ht/bP+Wf8n39F38p39c76Lf9539d18mk/zPXwP39P39L19b9/X9/X9fD/f3/f3A/wAP9AP9IP8ID/YD/ZD/BA/zA/zw/1wP9KP9KP9aD/Wj/Xj/Dg/3o/3E/wEP8lP8lP8FD/NT/PT/XQ/08/0swrO8rP9bD/Xz/Xz/Xy/wC/wi/wiv9gv9kv8Er/ML/Mr/Aq/yq/ya/wav86v8xv8Br/Jb/Jb/Ba/1W/12/12v9Pv9Lv9br/H7/F7/V6/z+/z+/1+f8Af8Af9F/6Q/9If9l/5I/5rf9R/44/5b/1xf8Kf9N/5U/57f9qf8Wf9D/6c/9Gf9z/5Cz74sYk3E+MSbyXGJ95OTEhMTExKTE5MSUxNTEu8k5iemJGYmXg3MSvxXmJ2Yk5ibmJeYn7i/cSCxMLEosQHicWJDxNLEksTyxLLEysSKxMh5Nkah3whf0iG60KBcH0oGAqFwqFI8KFoKBZuCMXDjaFEuCmUDDeHUuGWUDqUCWXDw6FBaBgahcahSXgkNA2PhmaheWgRHgstw+OhVXgitA5PhjbhqdA2PB3ahWdC+/Bs6JACoWPoFDqH50KX8HzoGrqFtNA99AgvhJ6hV+gd+oS+4cXQL7wU+oeXw4DwShgYXg2DwmthcHg9DAlDw7DwRhgeRoSRYVQYHcaEseHNMC68FcaHt8OEMDFMCpPDlDA1TAvvhOlhRpgZ3g2zwnthdpgT5oZ5YX54PywIC8Oi8EFYHD4MS8LSsCwsDyvCyrAqrA5rwtqwLqwPG8LGlE1hc9gSPgpbw7awPewIO8OusDt8HPaET8Le8GnYFz4L+8Ofw4HweTgYvgiHwpfhcPgqHAlfh6Phm3AsfBuOhxPhZPgunArfh9PhTDgbfgjnwo/hfPgpXJC/WRNCCCGE+Lvo33m8+9/4XgoAqF/mPQDgym25Dv3nmhuy/2XeS+VumQCAJ7t1eOCvo3LltLS0X567REOUfw4AJH5d/6/xUmgBj0NraA7F/+b6eqlO5/h36idvBsj0H3JS4VJ8qf6N/0X9Rx4btqBUfDbrf1N/DkDB/JdyMsKl+FL9Ev9F/RxNf2f9GT8fC9DsP+RkhkvxpfrF4FF4Clr/6plCCCGEEEIIIcRf9FJl2/3e/fPF+/Pc5lJOBrgU/979uRBCCCGEEEIIIS6/Zzp1fuKR1q2bt/v7JvjLucA/liUTmcjkf9nkcr8zCSGEEEIIIf5oly76L/dKhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKI9Otf8e/ELvcehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiMvt/wQAAP//MoIyxg==")
mount$incfs(&(0x7f0000000080)='.\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x2200080, 0x0)
chdir(&(0x7f0000000040)='./file1\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r5, 0x5403, &(0x7f0000000040)={0x3d15, 0x0, 0x0, 0x7, 0x0, "0001000000000000649300"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)=ANY=[@ANYBLOB="480000001400b59500000000000000000ac696000000c74226fcb123f0f4448057919c2490d1a06906f66757720214d686d5941ea2228e908c09ba3cf89c5010e6c84b614a666e37d7b542bace7af12588313b2a4cb60e04ac40ff4a0a585fc47ffba19073d9676031741200590a86a59c1e8633450e43304b054b9f4996dba16aaf8bac0199bdd697b26d5b76f9caf2e9d8f02973d201bdbc25c63e93cd9b45dbe7bec4c3a0cea40fbd2d44412e550d8b69d939765d02143d972aced345a33c4b86397f571d219fa788cb0d4d523e744774d58fff1bcc34bd68c869f8aae34093b0cfce59373f3ac564f0ba0957efcee1c126a6f1c7b480dc08edcb86616a35d0633b28bd933680", @ANYRES32=r8, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001ff77bc953566d992c07dbbb884dc13f83e12596eb473756068263f2b869755cb04b050abea8f9e50303b90876a10d96776a3e0c07111f107ac9fd1be"], 0x48}}, 0x20004001)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x2a)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x18)

4m7.162410274s ago: executing program 1 (id=202):
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000000)='./file1\x00', 0x800, &(0x7f0000000840)=ANY=[@ANYRESOCT, @ANYRESHEX=0x0, @ANYBLOB="2c657263ffa9f43d72656d6f756e742d726f2c696f636861727365740cb9e660f11815c372726f72733d636f6e7469fa15aa6e6a75652c696f636861727365740063703836332c6572726f72733d72656d6f756e742d726f2c74696d655f6f66667365743db078303030303030303030303030303030382c6572726f72733d72656d6f756e742d726f2c755366382c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c00da9e6281ed732202e92d385b355a8b25d5f39dadafad4bb7987fd8e29441bbc6e82871b48b3edc068c8629dccf3f5b446c25368d5572e0b16e23dbb4468ad8f7bf9f04ce7af7b48e32c74faaa501363aaf927834ab5356364b36f24655f86b3fff40d19d5bb954f3da29015cdb001605b6d29039f7b166c8b2f5"], 0x1, 0x1541, &(0x7f00000009c0)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJckmSS5IkSZJbQtIkRxISQ25JQxKSy5BchpBcJiaN+/1+SUiSJkkSckvW/yP8nU6d3zmd+h2/T57v57M/1jN7P2s/+3326917v8w3HQdVa1C9cj0igj8Ez/+RDACxANAPAK4BgAAASseXjj+3PrvE5D+2E/bneijtclfA/riY/ziT+39l4/5f2bj/Vzbu/5WN+39l4/5f2bj/VzbuP2NXsg1T8l3Ly19mCeB35lyG5//4p5y47E/An/9/IVklRn2xqsT1nX7HFwLc/ysb9/8vK/h3NuL+X9m4/1eq2MtdAPs/gN//V4Js/3QN9//Kxv1n7Er2f+CZ9R9fKgD83ufeFxeI/EVeg//0+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsf+Ck/4SBQAXx5e7LsYYY4wxxhhjjP15fLbLXQFjjDHGGGOMMcb+9yEIkKAggBjIBrGQHeJAAMDVkBOugQhcC/FwHeSC6yE35IG8kA8SID8UAA0GLBCEUBAKQRRugMJwIxSBolAMioODEpAIN0FJuBlKwS1QGm6FMnAblIVyUB4qwO1QEe6ASnAnVIa7oApUhWpQHe6GGnAP1IR7oRbcB7XhfqgDD0BdeBDqwUNQHx6GBvAINIRHoRE0hibQFJr9R/kvQFd4EbpBd0iGHtATXoJe0Bv6QF/oBy9Df3gFBsCrkAIDYRC8BoPhdRgCb8BQGAbD4U0YAW/BSBgFo2EMpMJYGAdvw3h4BybARJgEkyENpsBUeBemwXSYAe/BTHgfZsFsmANzIR0+gHkwHzLgQ1gAH0EmLIRFsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgGH8N2+AR2wE7YBZ/Cbvjsd+af+If8TggIKFCgQoUxGIOxGItxGIc5MAfmxJwYwQjGYzzmwlyYG3NjXsyLCZiABbAAGoy9cA4VxChGsTAWxiJYBIthMXToMBETsSTejKWwFJbG0lgGy2BZLIflsAJWwIpYESthJayMlbEKVsFqWA3vxruxB9bEmlgLa2FtrH3x8RTWw3pYH+tjA2yADbEhNsJG2ASbYDNshs2xObbAFtgKW2FrbI1tsA0mYRK2xbbYDtthe2yPHbADdsSO2Ak7Y+esF7IBvogvYnesInpgT+yJvTAlWx/si33xZeyPr+Ar+Cqm4EAchK/ha/g6DsHjOBSH4XAcjhXFWzgSRyGJMZiKqTgOx+F4HI8TcCJOxMmYhlNwKk7FaTgdp+N7OBPfx/dxNs7GuZiO6TgP52MGZuACPIGZuBAX4WJcgktxCS7HFbgcV+FqXIVrcS2ux/W4ETfiZtyMW3ErfowKAD/BnbgTU3A37sY9uAf34l7ch/swC7NwP+7HA3gAD+JBPISH8DB+PyUGAI/hMTyOJ/AknsTTeBrP4HMJX9X/uOjKFBDnKKFEjIgRsSJWxIk4kUPkEDlFThEREREv4kUukUvkFrlFXpFXJIgEUUAUEEYYQSKMAQARFVFRWBQWRUQRUUwUE044kSgSRUlRUpQSpURpcasoI24TZUU50dJVEBVERdHKVRJ3isqisqgiqopqorqoLmqIGqKmqClqiVqitqgt6ogHRF3RA/vgQ+JcZxqIgdhQDMJGorGQF86+5mIIthAtRSvxhBiGQ7GNaO6SxNOirRiJ7cTfxCh8VnQQY7CjeF50Ep1FF/GC6CpauG6iu5iAPURPMRl7id6ij+grpmFV8R7OzF5NvCpSxEAxSLwm5uLrYoh4QwwVw8Rw8aYYId4SI8UoMVqMEalirBgn3hbjxTtigpgoJonJIk1MEVPFu2KamC5miPfETPG+mCVmizlirkgXH4h5Yr7IEB+KBeIjkSkWikVisVgiloplYrlYIVaKVWK1WCPWinVivdggNopNYrPYIraKbeJjsV18InaInWKX+FTsFp+JPeJzsVd8IfaJL0WW+ErsF1+LA+IbcVB8Kw6J78Rh8b04Io6KY+IHcVycECfFKXFa/CjOiJ/EWeEFSJRCSqlkIGNkNhkrs8s4eZXMIYMLr+61Ml5eJ3PJ62VumUfmlflkgswvC0gtjbSSZCgLykIyKm+QheWNsogsKovJ4tLJEjJR3iRLyptlKXmLLC1vlWXkbbKsLCfLywrydllR3iEhcn4fVWRVWU1Wl3fLZLhH1pT3ylryPllb3i/ryAdkXfmgrCcfkvXlw7KBfEQ2lI/KRrKxbCKbymbyMdlcPi5byJaylXxCtpZPyjbyKZkkn5Ztpb9wijwrO8jnZEf5vOwkO8su8id5VnrZTXaX0ANkT/mS7CV7yz6yr+wnX5b95StygHxVpsiBcpB8TQ6Wr8sh8g05VA6Tw+WbcoR8S46Uo+RoOUamyrFynHxbjpfvyAlyopwkJ8s0OUX2uTDTDCn/Zf7bv5E/4Oe9r5cb5Ea5SW6WW+RWuU1+LLfL7XKH3CF3yV1yt9wt98g9cq/cK/fJfTJLZsn9cr88IA/Ig/KgPCQPycPye3lKHpXH5A/yuDwhT8hT8rQ8Lc9ceA1AoRJKKqUCFaOyqViVXcWpq1QOdbXKqa5REXWtilfXqVzqepVb5VF5VT6VoPKrAkoro6wiFaqCqpCKqhvwwgmjiqniyqkSKlHd9HvyVWF1oyqiiv4i/2J9yf+kvmaqmWqumqsWqoVqpVqp1qq1aqPaqCSVpNqqtqqdaqfaq/aqg+qgOqqOqpPqpLqoLqqr6qq6qW4qWSWrnuol1Uv1Vn1UX9VPvaz6q/5qgBqgUlSKGqQGqcFqsBqihqihaqgaroarEWqEGqlGqtFqtEpVqWqcGqfGq/FqgpqgJqlJKk2lqalqqpqmpqkZaoaaqWaqWWqWmqPmqHSVruapeSpDZagFaoHKVAvVQrVYLVZL1VK1XC1XK9VKtVqtVmvVWpWpNqgNapPapLaoLWqb2qa2q+1qh9qhdqldarfarfaoPWqv2qv2qX0qS2Wp/Wq/OqAOqIPqoDqkDqnD6rA6oo6oY+qYOq6Oq5PqpDqtTqsz6ow6q86eu+wLRCACFaggJogJYoPYIC6IC3IEOYKcQc4gEkSC+CA+yBVcH+QO8gR5g3xBQpA/KBDowAQ2EBeaHg1uCAoHNwZFgqJBsaB44IISQWJwU1AyuDkoFdwSlA5uDcoEtwVlg3JB+aBCcHtQMbgjqBTcGVQO7gqqBFWDakH14O6gRnBPUDO4N6gV3BfUDu4P6gQPBHWDB4N6wUNB/eDhoEHwSNAweDRoFDQOmgRNg2Z/6vzeH8/zuOumu+tk3UP31C/pXrq37qP76n76Zd1fv6IH6Fd1ih6oB+nX9GD9uh6i39BD9TA9XL+pR+i39Eg9So/WY3SqHqvH6bf1eP2OnqAn6kl6sk7TU/RU/a6epqfrGfo9PVO/r2fp2XqOnqvT9Qd6np6vM/SHeoH+SGfqhXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepv+WG/Xn+gdeqfepT/Vu/Vneo/+XO/VX+h9+kudpb/S+/XX+oD+Rh/U3+pD+jt9WH+vj+ij+pj+QR/XJ/RJfUqf1j/qM/onfVb7cxf35z7ejTLKxJgYE2tiTZyJMzlMDpPT5DQREzHxJt7kMrlMbpPb5DV5TYJJMAVMAXMOGTIFTUETNVFT2BQ2RUwRU8wUM844k2gSTUlT0pQypUxpU9qUMWVMWVPWlDflze3mdnOHucPcae40d5m7TFVT1VQ31U0NU8PUNDVNLVPL1Da1TR1Tx9Q1dU09U8/UN/VNA9PANDQNTSPTyDQxTUwz08w0N81NC9PCtDKtTGvT2rQxbUySSTJtTVvTzrQz7U1708F0MB1NR9PJdDJdTBfT1XQ13Uw3k2ySTU/T0/QyvUwf08f0M/1Mf9PfDDADTIpJMYPMIDPYDDZDzBAz1Awzw89dqJq3zEgzyow2Y0yqSTXjzDgz3ow3E8wEM8lMMmkmzUw1U800M83MMDPMTDPTzDKzzBwzx6SbdDPPzDMZJsMsMAtMpsk0i8wis8QsMcvMMrPCrDCrzCqzBtaYdWad2WA2mE1mk9litphtZpvZbrabHWaH2WV2md1mt9lj9pi9Zq/ZZ/aZLJNl9pv95oA5YA6ag+aQOWQOm8PmiDlijplj5rg5bk6ak+a0yXPh89KbWJvdxtmrbA57tc1pr7H/GOe1+WyCzW8LWG1z2zy/iI21togtaovZ4tbZEjbR3vSruKwtZ8vbCvZ2W9HeYSv9Kq5h77E17b22lr3PVrd3/yKube+3dewjti4igG1s69umtoF9xDa0j9pGtrFtYpva1vZJ28Y+ZZPs07atfeZX8Tw7366wK+0qu9rusDvtSXvKHrDf2NP2R9vNdrf97Mu2v33FDrCv2hQ78FfxcPumHWHfsiPtKDvajvlVPMlOtml2ip1q37XT7PRfxen2AzvTZthZdradY+f+HJ+rKcN+aBfYj2ymDWCRXWyX2KV2mV3+/2tdbNfadXa93W4/sZvsZrvFbrXbLl4I2512l/3U7raf2f32a7vXfmH32YM2y371c3zu+A7ab+0h+509bL+3R+xRe8z+oC5mnzv2o/Yne9Z6C4QEJElRQDGUjWIpO8XRVZSDrqacdA1F6FqKp+soF11PuSkP5aV8lED5qQBpMmSJKKSCVIiidANdLK8YFSdHJSiRbqKSdDOVoluoNN1KZeg2KkvlqDxVoNupIt1BlehOqkx3URWqStWoOt1NNegeqkn3Ui26j2rT/VSHHqC69CDVo4eoPj1MDegRakiPUiNqTE2oKTWjx6g5PU4tqCW1oieoNT1JbegpSqKnqS09Q+3ob9SenqUO9Bx1pOepE3WmLvQCdaUXqRt1p2TqQT3pJepFvakP9aV+9DL1p1doAL1KKTSQBtFrNJhepyH0Bg2lYTSc3qQR9BaNpFE0msZQKo2lcfQ2jad3aAJNpEk0mdJoCk2ld2kaTacZ9B7NpPdpFs2mOTSX0ukDmkfzKYM+pAX0EWXSQlpEi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW30MW2nT2gH7aRd9Cntps9oD31Oe+kL2kdfUhZ9RfvpazpA39BB+tZ3p+/oMH1PR+goHaMf6DidoJN0ik7Tj3SGfqKz5AlCDEUoQxUGYUyYLYwNs4dx4VVhjvDqMGd4TRgJrw3jw+vCXOH1Ye4wT5g3zBcmhPnDAqEOTWhDCsOwYFgojIY3hIXDG8MiYdGwWFg8dGGJMDG8KSwZ3hyWCm8JS4e3hmXC28KyYbnwkfsqhLeHFcM7wkrhnWHl8K6wSlg1rBZWD+8Oa4T3hDXDe8Na4X1hqfD+sE74QFg3fDCsFz4U1g8fDhuEj4QNw0fDRmHjsEnYNGwWPhY2Dx8PW4Qtw1bhE2Hr8MmwTfhUmBQ+HbYNn/l5/f3z//n65LBH2DN8KXwp9P5eOSc6N5oe/SA6Lzo/mhH9MLog+lE0M7owuii6OLokujS6LLo8uiK6Mroqujq6Jro2ui66Pup99Wzg0AknnXKBi3HZXKzL7uLcVS6Hu9rldNe4iLvWxbvrXC53vcvt8ri8Lp9LcPldAaedcdaRC11BV8hF3Q2usLvRFXFFXTFX3DlXwiW6pq6Za+aau8ddC9fStXJPuCfck+5J95R7yj3t2rpnXDv3N9fePes6uOfcc+5518l1dl3cC66rG5vz/Hsy2fV0PV0v18v1cX1cP9fP9Xf93QA3wKW4FDfIDXKD3WA3xA1xQ91QN9wNdyPcCDfSjXSj3WiX6lLdODfOjXfj3QQ3wU1yk1yaS3NT3VQ3zU1zFaef38ssN8vNcXNcukt389y5a8YMt8AtcJku0y1yi9wSt8Qtc8vcCrfCrXKr3Bq3xq1z69wGt8FtcpvcFrfFbXPb3Ha33e3w15yf1O12e9wet9ftdfvcly7LfeX2u6/dAfeNO+i+dYfcd+6w+94dcUfdMfeDO+5OuJPulDvtfnRn3E/urPMuNTI2Mi7ydmR85J3IhMjEyKTI5EhaZEpkauTdyLTI9MiMyHuRmZH3I7MisyNzInMj6ZEPIvMi8yMZkQ8jCyIfRTIjCyOLIosjSyJLI97n3xT6gr6Qj/obfGF/oy/ii/pivrh3voRP9Df5kv5mX8rf4kv7W30Zf5sv68v58v5R38g39k18U9/MP+ab+8d9C9/St/JP+Nb+Sd/GP+WT/NO+rX/Gt/N/8+39s76Df8539M/7Tr6z7+Jf8F39i76b7+6TfQ/f07/ke/nevo/v6/v5l31//4of4F/1KX6gH+Rf84P9636If8MP9cP88Jg3/YiLt8gwxqf6sX6cf9uP9+/4CX6in+Qn+zQ/xU/17/ppfrqf4d/zM/37fpaf7ef4uT7df+Dn+fk+w3/oF/iPfKZfePGhsl/ml/sVfqVf5Vf7NX6tX+fX+w1+o9/kN/stfqvf5j/22/0nfoff6Xf5T/1u/5nf4z/3e/0Xfp//0mf5r/x+/7U/4L/xB/23/pD/zh/23/sj/qg/5n/wx/0Jf9Kf8qf9j/6M/8mf5f+zxhhjjDH2bxl7aSh+ueb84/wev5Ej/m7jngBw9eZ8WX+//twV5Zrc58e9RULrCAA83b3jQxeXKlWSk5MvbJspISg0G+DiN0HnxMCleCG0gichCVpCyd+sv7fofJr+xfzRWwHi/i4nFi7Fl+b/HACTf2P+x54YPq9MeDL+f5h/NkCRQpdyssOleCG0+vn5Skso9U/qz9P8X9Sf/YtUgBZ/l5MDLsWX6k+Ex+EZSPrFlowxxhhjjDHG2Hm9Rfn2F+8/L/6Lz9+6P09Ql3KywaX4X92fM8YYY4wxxhhj7PJ7tnOXpx5LSmrZ/vcPKv1HWf/2oCH8b83Mg98ceA9w8ScKAP7ghADnBvK/eRQb/yv7Srnw1vnHVUtO+QD+4C5q7AS4/GfCz4PL/BcTY4wxxhhj7E936aL/lz9Xl6sgxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsCvTHflVY0r+18eU+RsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+38BAAD//+Q9/qY=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
openat$cgroup_subtree(r6, &(0x7f0000000100), 0x2, 0x0)
sendmsg$inet6(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000300)="59e3f9f794ed4357e24967f7bd8e63f664e368913e69532e0599fa9db7718c78eb50e9e1d5b569bd2f98b9d79d9a5318e4eecdef1434", 0x36}, {&(0x7f0000000340)="875a5b061b907135f2a396d52f6d5711768ea35f1063dcf665e3175f1c5e95dae368feafbeb06547dc02a8b2f49df4cf27fa1bb5947e884d9e94f9e863d87c4c997a8748779e74f1a31251782d28f9560af0aafaea1d9f1e2be209f5b499365f34938b355ba167ec7783a5fc9e36484f22e3212f5537e095ba5c3abc9416f3bf7ef43373427ba400d858924a37ea71e275e1b7487e9be5a4688b94187dc180f51c88c4be", 0xa4}, {&(0x7f0000000400)}], 0x3, &(0x7f0000000580)=[@rthdrdstopts={{0x38, 0x29, 0x37, {0x67, 0x4, '\x00', [@ra={0x5, 0x2, 0x139}, @ra={0x5, 0x2, 0x7fff}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hopopts_2292={{0xe0, 0x29, 0x36, {0x89, 0x18, '\x00', [@jumbo={0xc2, 0x4, 0xd0a}, @hao={0xc9, 0x10, @mcast2}, @calipso={0x7, 0x30, {0x3, 0xa, 0x79, 0x8, [0x2, 0x7, 0x720c, 0xd, 0x7]}}, @jumbo={0xc2, 0x4, 0x2}, @hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0x7}, @generic={0x3, 0x59, "29615770b6b8b6caa08c03cff3f380e61db2c2a065ab50396ed7782e44bdecdaf1d336962bd7af600c5356d4607070a57635d91e37cf1efb4d30383e322f9b21952ae0857cde939e76d19df292478904a54c1f2e77e13ef6ed"}]}}}, @tclass={{0x14}}, @dstopts={{0x80, 0x29, 0x37, {0x5c, 0xc, '\x00', [@pad1, @calipso={0x7, 0x48, {0x3, 0x10, 0x9, 0x0, [0x6, 0x100000000, 0x800, 0x7, 0xb, 0x4, 0x8, 0x0]}}, @hao={0xc9, 0x10, @private1}, @pad1]}}}, @flowinfo={{0x14}}, @dontfrag={{0x14, 0x29, 0x3e, 0x4}}, @dstopts={{0x80, 0x29, 0x37, {0x5c, 0xc, '\x00', [@jumbo={0xc2, 0x4, 0x8}, @jumbo={0xc2, 0x4, 0xa}, @ra={0x5, 0x2, 0x7}, @padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @calipso={0x7, 0x38, {0x2, 0xc, 0xc4, 0x7, [0x5, 0x3, 0x3, 0xa, 0x0, 0xf480]}}, @hao={0xc9, 0x10, @loopback}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x3}}, @flowinfo={{0x14}}], 0x290}, 0x20000850)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r7 = epoll_create1(0x80000)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f00000000c0)={0xe000001a})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000040), 0xf, 0xc340)

4m7.032274144s ago: executing program 1 (id=205):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442982ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b5650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059ad433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a8, &(0x7f00000001c0)="$eJzs3T9rc1UYAPDnJmkSdUgRF8Xhgg5O5a2rS6O8gthJiaAOGmwLkoRCCwErGDv1Ezj6PfwILi5+A8FVcGuHypWbe2+T2PQPNY1gf7/p6TnnOefJPSWZ8uTL10eDvcMkTs9/i3Y7idpO7MRFEptRi8r30QgA4P/jIsviz+whmY3a6qsBANah+Pwv3LW2tZ6SAIBH9vGnn33Y3d19/lGatuPVztm4l0TE6GzcK+a7B/F1DGM/nkUnLiOyK0X8/ge7z6OR5jbjzdFk3MszR1/8Uu7f/SNimr8dndhcnr+dFq7yX6yqS6N7sFH90YlXlue//c/8GE2i14y33pirfys68etXcRjD2Is8d5b/3Xaavpf9cP7t5/kxeX5Si15rum4mq6/pSgAAAAAAAAAAAAAAAAAAAAAAeAK20jQp2vdM+/fkQ9P+OeNe/XI6v5VW5vv7TKr+QEm1UdEfKIuyRc8kix+r/jrP0jTNyoWz/Ea81vDDAgAAAAAAAAAAAAAAAAAAAJA7/uZk0B8O949WElTdAKqv9T90n53ZyEZEDPr1mzdsRdTuedZ8t4G81lsXR6MRK3osdwUv5PWsfOfW7HI/iSKoLmalZ738brHpyaCfllPVQx70k7vOalcX99P8VDP+bWHZ9F/iMlu80/ZVqYtZzRU9jeZLS6f+yrLsfvu883txR+VIMm2xcb/TN8pg6QvMg/b1u/j55g1vfMuor+q9BwAAAAAAAAAAAAAAAAAAWDT70u+SydNbU2uPVhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNns9/+roB0RiyPXgkmZfNuaMmjG0fF//BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Av4OAAD//4GmTU4=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x181)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x871}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = syz_io_uring_setup(0x1eae, &(0x7f0000000480)={0x0, 0x9d2d, 0x1, 0x2, 0x335}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x1682, 0x0, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110e22fff6)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c4000000190001000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000f1ee7368d4e9d6c34313df780000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00150000000020ffff0000"], 0xc4}}, 0x4000000)

4m6.971050589s ago: executing program 34 (id=205):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442982ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b5650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059ad433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a8, &(0x7f00000001c0)="$eJzs3T9rc1UYAPDnJmkSdUgRF8Xhgg5O5a2rS6O8gthJiaAOGmwLkoRCCwErGDv1Ezj6PfwILi5+A8FVcGuHypWbe2+T2PQPNY1gf7/p6TnnOefJPSWZ8uTL10eDvcMkTs9/i3Y7idpO7MRFEptRi8r30QgA4P/jIsviz+whmY3a6qsBANah+Pwv3LW2tZ6SAIBH9vGnn33Y3d19/lGatuPVztm4l0TE6GzcK+a7B/F1DGM/nkUnLiOyK0X8/ge7z6OR5jbjzdFk3MszR1/8Uu7f/SNimr8dndhcnr+dFq7yX6yqS6N7sFH90YlXlue//c/8GE2i14y33pirfys68etXcRjD2Is8d5b/3Xaavpf9cP7t5/kxeX5Si15rum4mq6/pSgAAAAAAAAAAAAAAAAAAAAAAeAK20jQp2vdM+/fkQ9P+OeNe/XI6v5VW5vv7TKr+QEm1UdEfKIuyRc8kix+r/jrP0jTNyoWz/Ea81vDDAgAAAAAAAAAAAAAAAAAAAJA7/uZk0B8O949WElTdAKqv9T90n53ZyEZEDPr1mzdsRdTuedZ8t4G81lsXR6MRK3osdwUv5PWsfOfW7HI/iSKoLmalZ738brHpyaCfllPVQx70k7vOalcX99P8VDP+bWHZ9F/iMlu80/ZVqYtZzRU9jeZLS6f+yrLsfvu883txR+VIMm2xcb/TN8pg6QvMg/b1u/j55g1vfMuor+q9BwAAAAAAAAAAAAAAAAAAWDT70u+SydNbU2uPVhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNns9/+roB0RiyPXgkmZfNuaMmjG0fF//BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Av4OAAD//4GmTU4=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x181)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x871}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = syz_io_uring_setup(0x1eae, &(0x7f0000000480)={0x0, 0x9d2d, 0x1, 0x2, 0x335}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x1682, 0x0, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110e22fff6)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c4000000190001000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000f1ee7368d4e9d6c34313df780000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00150000000020ffff0000"], 0xc4}}, 0x4000000)

3m35.69945036s ago: executing program 4 (id=418):
ioprio_set$pid(0x2, 0x0, 0x6000)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
ptrace$ARCH_MAP_VDSO_X32(0x1e, r0, 0x10000, 0x2001)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r1, 0x0, 0x805)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r2)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x2, &(0x7f0000000000)=[{0x6, 0x1, 0x7, 0x7ffffffd}, {0xe3be, 0x2d, 0x24, 0x5}]})
sync()
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

3m34.661316543s ago: executing program 4 (id=423):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88"], 0xdd12}], 0x1}, 0x10)

3m34.597837248s ago: executing program 4 (id=424):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = eventfd(0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000400000001000000", @ANYRES16=r0], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004300000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m33.647015684s ago: executing program 4 (id=427):
syz_mount_image$erofs(&(0x7f00000002c0), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="fcdf5883c81a6c1f703ca4d658f2464326cfe486a0970f633f6977", @ANYRES16], 0x0, 0x1cd, &(0x7f0000000640)="$eJzsmT2vEkEUht+Z3QvcG2NiY2GjiTfxmsCyu6ihscBfYAJ+dRJZCbqAgS2AxILY2Pgz/AsWVBZ2drZaqImJhZTWa2Y4sCPfRIkm9zwJs+/snPk4ZzdvwYJhmFPL1y8/P7+6VaxkAZzBMdJ0/7uVxEgj/lOGxMfX71pnn4/m1xMA4nj7/W0Ab0sWIurH8e+zj+lagZzpO5C4SvoeBBzSDyFxl3QAgQeknxi6fUgiDJxH7bD2uBEGrmo81fiqKcyfbzwUqAHI0PmEMd7tD55WwzDozIuDeLrPwtCuYkP97HFJ4qZRP/W87r98MVT9aW1co34eJDzSBQiUSReRhuM4SUmM/C/YyfrWNvn/D+Jcbl1M9m/uReXBv06ZxWYhjDuHSgjzwZ0fj94vzvq2z4Nd2m/KIM9eGPpw9Gcrp+ilXxqT+Key3CuGP9mwZ/6Rj5rP8t3+INdoVutBPWj5fuGGe811r/t5bUSTdo3/ZbQ/HRnrH6yITYkUetUo6ng9IOp4s74/aQ3HLb9p/9BzpPY/iZPLkzXUq6LTTi/fQ9BP6qtSJ9bKwzMMwzAMwzAMwzAMwzAMw+zERQj9Lyh9qIpX4N/W0b8CAAD//0drYWQ=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x2c8, 0x2e8, 0x2e8, 0x2c8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [], [0x0, 0x0, 0x0, 0xfd], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x40, 0x1}}, @common=@inet=@socket3={{0x28}, 0x22434d1da5f3fe5d}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@local, @empty, [0xffffffff, 0x1ff000100, 0x0, 0xffffffff], [0xff, 0xffffff, 0x0, 0xffffff00], 'pimreg0\x00', 'wlan1\x00', {}, {}, 0x21, 0xb, 0x1, 0x16}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@mcast2, [0xffffff00, 0xff000000, 0x0, 0xffffff], 0x4e23, 0x4e22, 0x4e23, 0x4e20, 0xf81, 0x9, 0x500, 0x7ff, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x640100, 0x186)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0x8004587d, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1})
fallocate(r5, 0x0, 0x0, 0x1000f4)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'batadv_slave_0\x00', &(0x7f0000000000)=@ethtool_cmd={0x26, 0x3}})
timer_settime(r1, 0x1, &(0x7f0000000080)={{0x0, 0x989680}, {r2, r3+10000000}}, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kvm_fpu\x00', r6, 0x0, 0x3}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="7d757ab76bba3d4b25e62e030a242d7893b60e48", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0x5, &(0x7f0000000240)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
ftruncate(r7, 0xec)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000032680)=""/102400, 0x19000)

3m32.044020102s ago: executing program 4 (id=435):
syz_mount_image$ext4(&(0x7f0000000100)='ext2\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@grpquota}, {@bh}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000600"/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000ccdf814f24c3d29500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ec9}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='mm_page_alloc\x00', r4}, 0x18)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x7000000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = dup(r8)
fsetxattr$security_selinux(r9, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
r10 = dup(r2)
sendmsg$inet(r10, &(0x7f0000000080)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000000)="be", 0x1}], 0x2}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r11 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r11, &(0x7f0000000000), 0x4000000000001f2, 0x0)

3m25.225361047s ago: executing program 4 (id=464):
prctl$PR_SET_SECUREBITS(0x1c, 0x24)
setuid(0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000100)=0x5000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
tgkill(r2, r2, 0xa)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x200003a0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
userfaultfd(0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r5, r6, 0x25, 0x6, @val=@netkit={@void, @value=r5}}, 0x1c)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{}, 'syz1\x00', 0x10})

3m25.224849217s ago: executing program 35 (id=464):
prctl$PR_SET_SECUREBITS(0x1c, 0x24)
setuid(0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000100)=0x5000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
tgkill(r2, r2, 0xa)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x200003a0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
userfaultfd(0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r5, r6, 0x25, 0x6, @val=@netkit={@void, @value=r5}}, 0x1c)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{}, 'syz1\x00', 0x10})

3m25.079304399s ago: executing program 5 (id=467):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442982ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b5650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059ad433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a8, &(0x7f00000001c0)="$eJzs3T9rc1UYAPDnJmkSdUgRF8Xhgg5O5a2rS6O8gthJiaAOGmwLkoRCCwErGDv1Ezj6PfwILi5+A8FVcGuHypWbe2+T2PQPNY1gf7/p6TnnOefJPSWZ8uTL10eDvcMkTs9/i3Y7idpO7MRFEptRi8r30QgA4P/jIsviz+whmY3a6qsBANah+Pwv3LW2tZ6SAIBH9vGnn33Y3d19/lGatuPVztm4l0TE6GzcK+a7B/F1DGM/nkUnLiOyK0X8/ge7z6OR5jbjzdFk3MszR1/8Uu7f/SNimr8dndhcnr+dFq7yX6yqS6N7sFH90YlXlue//c/8GE2i14y33pirfys68etXcRjD2Is8d5b/3Xaavpf9cP7t5/kxeX5Si15rum4mq6/pSgAAAAAAAAAAAAAAAAAAAAAAeAK20jQp2vdM+/fkQ9P+OeNe/XI6v5VW5vv7TKr+QEm1UdEfKIuyRc8kix+r/jrP0jTNyoWz/Ea81vDDAgAAAAAAAAAAAAAAAAAAAJA7/uZk0B8O949WElTdAKqv9T90n53ZyEZEDPr1mzdsRdTuedZ8t4G81lsXR6MRK3osdwUv5PWsfOfW7HI/iSKoLmalZ738brHpyaCfllPVQx70k7vOalcX99P8VDP+bWHZ9F/iMlu80/ZVqYtZzRU9jeZLS6f+yrLsfvu883txR+VIMm2xcb/TN8pg6QvMg/b1u/j55g1vfMuor+q9BwAAAAAAAAAAAAAAAAAAWDT70u+SydNbU2uPVhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNns9/+roB0RiyPXgkmZfNuaMmjG0fF//BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Av4OAAD//4GmTU4=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x181)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x871}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = syz_io_uring_setup(0x1eae, &(0x7f0000000480)={0x0, 0x9d2d, 0x1, 0x2, 0x335}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x1682, 0x0, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x110e22fff6)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c4000000190001000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000000000000f1ee7368d4e9d6c34313df780000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00150000000020ffff0000"], 0xc4}}, 0x4000000)

3m24.446903409s ago: executing program 5 (id=470):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000800)=ANY=[@ANYBLOB="48000000110001000000000000000000ffffffff001e00000000000000000000000000000a3200000c00150000000000000000001400"], 0x48}}, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='kmem_cache_free\x00'}, 0x18)
syz_emit_ethernet(0x62, &(0x7f0000000540)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x2c, 0x2c, 0x0, @remote, @local, {[@dstopts={0x33, 0x2, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x2, 0x7}}, @jumbo={0xc2, 0x4, 0x2}]}], {{0x600, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYRESOCT=r5, @ANYRES32=r0, @ANYRES16=r1, @ANYRES16=r6, @ANYBLOB="8b137e7fe778fe462a30d57f469e24d03207a0e22d540c11359f41cb2cd53dadf7ea5981982619b4e90a37ad9767e76853e13f841e46dd84f0a3226817dca7098328bcd3eeeb150f3f450f1dec342feab19f676dad7a3bace079d9b5c07e784f7ff87255864c38fff5913d2f674b128bdb402f40ae826ae2f2f69924db4fff65a439d9cd58286e4560cdd50cee6baf29633dd913b6b6bc9f433e005bcb689d384274e994ea77a2d3c56dc980264299b8b03bca20c3043e6eeb77fd94f62a894194096f9a31be21738ca1"], 0x119)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r7, &(0x7f0000001680)={0x2020}, 0x2020)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000480)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}, 0x3}}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008082, &(0x7f00000002c0)={[{@data_journal}, {@nogrpid}, {@dax_inode}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@noacl}, {@nobarrier}]}, 0x2, 0x5fd, &(0x7f0000001080)="$eJzs3c9vFdUeAPDv3NuWlvJeC3l57+FCmhgDidLSAoYYF7A1pMEfcePGSgsiBRpafxRNKAluTIwbY0yMCxfif6FEtqx05cKNK0JC1LA08Zq5nSn9Mbe/aO8g8/kkl545Z6bnzL18O+eee87cACprIP2nFrE3IqaSiL5kbqGsI7LCgfn97v/x4en0kUSj8cpvSSRZXr5/kv3szQ7ujogff0hiT31lvdOzV86PTU5OXM62h2YuTA1Nz145eO7C2NmJsxMXR54bOXb0yNFjw4c2dV5XC/JOXn/7vb6PR1//5ss/k+FvfxlN4ni8mO24+Dy2ykAMNJ+TZGVR77Gtrqwk9ez/yeKXOOko2rOzfY1i3fLXL311/hd9UY8HL15ffPRSqY0DtlUjiWgAFZWIf6iovB+Qv7df/j64VkqvBGiHeyfmBwBWxn/H/NhgdDfHBnbeT2LxsE4SEZsbmVtqV0TcvjV6/cyt0euxTeNwQLG5axHx/6L4T5rx3x/d0d+M/9qS+E/7Baeyn2n+y5usf/lQsfiH9pmP/+5V4z9axP8bi+L/zU3WP/Ag+VbPkvjv2ewpAQAAAAAAQGXdPBERzxZ9/l9bmP8TBfN/eiPi+BbUP7Bse+Xn/7W7W1ANUODeiYgXCuf/1vLZv/31LPWv5nyAzuTMucmJQxHx74g4EJ070u3hVeo4+MmeL1qVDWTz//JHWv/tbC5g1o67HTsWH1GP8bGZsYc/c+DetYgnCuf/JgvX/6Tg+p/+PZhaZx17nr5xqlXZ2vEPbJfG1xH7C6//D+5akax+f46hZn9gKO8VrPTkB59+16r+zcZ/4S0mgA1Jr/87V4///mTx/XqmN17H4dmOxsrcO18dfnc+tbH+fzT7/13Jq81bznRlee+PzcxcHo7oSk7W09wl+SMbbzM8jvJ4yOMljf8DT60+/lfU/++JiLllvzv5fema4tx//+r9tVV79P+hPGn8j2/o+r/xxMiN/u9b1b++8b8jzWv9gSzH+B/M+zwP066l+QXh2FFU1O72AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyKpDS6ka7XBwYjeiPhP7KxNXpqeeebMpXcujqdlze//r+Xf9Ns3v53k3//fv2h7ZNn24YjYHRGf1Xua24OnL02Ol33yAAAAAAAAAAAAAAAAAAAA8IjobbH+P3WnXnbrgG3XUXYDgNIUxP9PZbQDaD/Xf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h+qS/wDAAAAAMBjZfe+mz8nETH3fE/zkerKyjpLbRmw3WplNwAojVv8QHWZ+gPV5T0+kKxR3t3yoLWOXM3U6Yc4GAAAAAAAAAAAAAAqZ/9e6/+hqqz/h+qy/h+qK1//v6/kdgDt5z0+EGus5C9c/7/mUQAAAAAAAAAAAADAVpqevXJ+bHJy4vI/OnE8O5uH+j2vlX0WW5KoRcS6d240GlfT5+1Rafz2JOrtqiufCl+8T5T9bORr/dZ3VDl/jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJX+DgAA//90MCEH")
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000500)={0x0, "f100000000462d3589e67197f90be6e423ceb0ab4912f9fba31854ec98e950cfede476ad7ff0fbcb56670982f8938caa52dd8d39ff14c31ed56ad59300", 0x8004000}, 0x48, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r8, 0x0, 0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

3m23.577113199s ago: executing program 5 (id=478):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/binder1\x00', 0x800, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f00000000c0))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_int(r5, &(0x7f0000000200), 0x43451)
ioctl$UI_SET_KEYBIT(r5, 0x40045565, 0x147)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x10)

3m23.468466938s ago: executing program 5 (id=479):
syz_mount_image$erofs(&(0x7f00000002c0), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="fcdf5883c81a6c1f703ca4d658f2464326cfe486a0970f633f6977", @ANYRES16], 0x0, 0x1cd, &(0x7f0000000640)="$eJzsmT2vEkEUht+Z3QvcG2NiY2GjiTfxmsCyu6ihscBfYAJ+dRJZCbqAgS2AxILY2Pgz/AsWVBZ2drZaqImJhZTWa2Y4sCPfRIkm9zwJs+/snPk4ZzdvwYJhmFPL1y8/P7+6VaxkAZzBMdJ0/7uVxEgj/lOGxMfX71pnn4/m1xMA4nj7/W0Ab0sWIurH8e+zj+lagZzpO5C4SvoeBBzSDyFxl3QAgQeknxi6fUgiDJxH7bD2uBEGrmo81fiqKcyfbzwUqAHI0PmEMd7tD55WwzDozIuDeLrPwtCuYkP97HFJ4qZRP/W87r98MVT9aW1co34eJDzSBQiUSReRhuM4SUmM/C/YyfrWNvn/D+Jcbl1M9m/uReXBv06ZxWYhjDuHSgjzwZ0fj94vzvq2z4Nd2m/KIM9eGPpw9Gcrp+ilXxqT+Key3CuGP9mwZ/6Rj5rP8t3+INdoVutBPWj5fuGGe811r/t5bUSTdo3/ZbQ/HRnrH6yITYkUetUo6ng9IOp4s74/aQ3HLb9p/9BzpPY/iZPLkzXUq6LTTi/fQ9BP6qtSJ9bKwzMMwzAMwzAMwzAMwzAMw+zERQj9Lyh9qIpX4N/W0b8CAAD//0drYWQ=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x2c8, 0x2e8, 0x2e8, 0x2c8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [], [0x0, 0x0, 0x0, 0xfd], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x40, 0x1}}, @common=@inet=@socket3={{0x28}, 0x22434d1da5f3fe5d}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@local, @empty, [0xffffffff, 0x1ff000100, 0x0, 0xffffffff], [0xff, 0xffffff, 0x0, 0xffffff00], 'pimreg0\x00', 'wlan1\x00', {}, {}, 0x21, 0xb, 0x1, 0x16}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@mcast2, [0xffffff00, 0xff000000, 0x0, 0xffffff], 0x4e23, 0x4e22, 0x4e23, 0x4e20, 0xf81, 0x9, 0x500, 0x7ff, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x640100, 0x186)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0x8004587d, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1})
fallocate(r5, 0x0, 0x0, 0x1000f4)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'batadv_slave_0\x00', &(0x7f0000000000)=@ethtool_cmd={0x26, 0x3}})
timer_settime(r1, 0x1, &(0x7f0000000080)={{0x0, 0x989680}, {r2, r3+10000000}}, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kvm_fpu\x00', r6, 0x0, 0x3}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="7d757ab76bba3d4b25e62e030a242d7893b60e48", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0x5, &(0x7f0000000240)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
ftruncate(r7, 0xec)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000032680)=""/102400, 0x19000)

3m22.715187248s ago: executing program 5 (id=481):
eventfd(0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000400000001000000"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m13.902969022s ago: executing program 5 (id=519):
r0 = socket(0xa, 0x3, 0xff) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="09000000180000000800000040"], 0x50) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) (async)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x15d90f88bddb15c3, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
getdents(0xffffffffffffffff, &(0x7f0000000680)=""/243, 0xf3) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r3, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) (async)
unshare(0x40020200) (async)
socket(0x1, 0x1, 0x0)
setreuid(0xee00, 0x0) (async, rerun: 32)
r5 = syz_pidfd_open(0x0, 0x0) (rerun: 32)
setns(r5, 0x24020000)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r1}, 0x38) (async)
socket(0xa, 0x2400000001, 0x0) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
close(r6) (async, rerun: 64)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) (async, rerun: 64)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff7)

3m13.795880441s ago: executing program 36 (id=519):
r0 = socket(0xa, 0x3, 0xff) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="09000000180000000800000040"], 0x50) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) (async)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x15d90f88bddb15c3, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
getdents(0xffffffffffffffff, &(0x7f0000000680)=""/243, 0xf3) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r3, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) (async)
unshare(0x40020200) (async)
socket(0x1, 0x1, 0x0)
setreuid(0xee00, 0x0) (async, rerun: 32)
r5 = syz_pidfd_open(0x0, 0x0) (rerun: 32)
setns(r5, 0x24020000)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r1}, 0x38) (async)
socket(0xa, 0x2400000001, 0x0) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
close(r6) (async, rerun: 64)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) (async, rerun: 64)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff7)

32.636560175s ago: executing program 6 (id=1455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)

32.44259684s ago: executing program 6 (id=1456):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
pwrite64(r0, &(0x7f0000000640)='2', 0x1, 0xe7c)

32.036350143s ago: executing program 6 (id=1459):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0x2, 0x486, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

31.492473207s ago: executing program 6 (id=1469):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="48000000120001000000000000000000ac1414000000000000000000000000000000000000006c0014000d00200100000000000000000000000000000c0015"], 0x48}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200890, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

31.191420061s ago: executing program 6 (id=1481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)

31.08075504s ago: executing program 6 (id=1482):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
close(r0)

31.08063969s ago: executing program 37 (id=1482):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
close(r0)

1.913062976s ago: executing program 8 (id=2295):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/183, 0xb7}], 0x1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

1.668615416s ago: executing program 2 (id=2309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r3, @ANYBLOB="bf4400000000000000000c"], 0x2ac}}, 0x0)

1.560470114s ago: executing program 2 (id=2315):
creat(&(0x7f00000000c0)='./file0\x00', 0xc22cddfde31e1cc9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[])

1.558273155s ago: executing program 2 (id=2317):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18)
statx(0xffffffffffffff9c, 0x0, 0x0, 0xffff4a9c0080ffff, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1.292550326s ago: executing program 3 (id=2330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x64087000, 0x0, 0xffffff59, 0x0, 0x0, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000080)='./file0\x00', 0x40000012)

1.266168578s ago: executing program 7 (id=2333):
creat(&(0x7f0000000200)='./file0\x00', 0xc2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000680)='ext4\x00', &(0x7f00000006c0)='./file0\x00', 0x0, &(0x7f0000000700), 0x1, 0x676, &(0x7f0000000740)="$eJzs3UtsXFcZB/DvXj/IY8COkgXpBkMWRUKxPXFcBQRqi1jw6AJEF1SqBFYycayMkxC7VWyMaAMSjwVCXdAFUlVY0FJAWBTUIkBYPFYgVIlKqAgiYAWVqqK2YoU06Ixn7KG+rp36cSvu7yddz7nnzOR84+Q/917lHjuAyhpJX/KI4xExnEUM9Yz1R2dwZPV5SxPLF9KWRav18RezyCJiZmL5Qvf5WefxcOfFZyLil++POPHFjfPOLSxenGo2G1c7+2Pzs1fG5hYWT87MTk03phuXTtVvq58Zr09Ont619/rnH99/9PbDH/7J95997IfXvnXxb1ncEbXOWO/72C0jMbL2PenVn0XctduTlaSv8+9koOxCuGlfuO/sl9Pf39GIOBERR2Io+jqpv+Ud9740FNf+stlr//WrR/65n7UCu6/1uYgWUEllf/4AAAAAAAAAAAAAAAAAAADrWq3M+n+oqLI/fwAAAAAAAAAAAAAAAAAAgI1mJpYvdLf9mvOPP9uvmYAiL9wZEf2r+V/qbKsj/THSfjwQAxFx6OUsPW1NFhEf3eHcK3dEjMT7Hp7/xD3fSVt0Pod2+McC2/TAgxHx1qLjf9bO/3AcaO8dejn/n/zn6bWdx9R//XXMffy5lP+Z7/X2yT/sn53k/2s9+X/odcx98hsp/1//UW+f/EM1LP267AqAsnzo6bIrgGprn/+P9/dvdv6/E1e2GP/PXDr/f/HdvX3O/6EaHv9M2RUAZfnpD8quACjLV/9QdgVQbSt3puv/ov//y9fu/4mC+39qEfGpHc49+fN0/f/2o719rv9h/3Tv/1vacP/fev77Nrn/79FtztH69/Sxov5jT6X8P3qte/9f2tL83XsBgb31woMRtxTmP1vLf1aQ/zwilrc5x9Jv750t6j96d8r/4/fLP5Sj9c2IW6M4/12pNTY/e2VsbmHx5Mzs1HRjunHpVP22+pnx+uTk6bHzM83G+OrXwjnqD13/fFH/87en/A9dl38oRzr+H9ok/1ud/69sc45PfmX4Y0X9p+9J+f/AxGvnP39+MLs7lRCDnZ5rU/PzV+sRg9ldG/tP3ex3AKqjm5FuhlL+33nita//i87/D0bEM9ucc/HqU98t6n/ksZT/bz/h+A/lSPk/t8Xxvyj/qe+v25zjvS/9vnB50JN/Svn/+2flHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3qjwiapHlo2vtPB8djTgcEcfiUN68PDf/rvOX77t0Lo1FDMdA3v1N/0Or+1nar7fb6/unXrU/ERFHIuJLfQfb+6NnLzfPlf3moaJqETee/PTZwbLrAAAAAAAAAAAAAAAAAAAA1h1+1fr/f/Strv8H/n/VIm48+5unf5Har/SVXQ2wn1L+n3hl9iMh/1A58g/VJf9QXfIP1SX/UF3yD9Ul/1Bd8g/VJf9QXfIP1dWbfwAAAAAAAAAAAAAAAAAAAAAAAABgbx1528pzWUQ88J6D7S0Z7IwNlFoZsNfysgsASuNHf0N19ZddAFAa1/hAtsX4gc0GVrZ6JQAAAAAAAAAAAACwW249bv0/VJX1/1Bd1v9DdVn/D9XlGh+w/h8AAAAAAAAAAAAA3vhq7S3LRztrgWuR56OjEW+OiOEYyM7PNBvjEfGWiPhd38Cb0n697KKBHalF3PjgM8ceLrsOAAAAAAAAAAAAAAAAAABg3dzC4sWpZrNxVUNDQ2OtUfYnEwAAAAAAAAAAAAAAAAAAVM/6ot+yKwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA8qz//v+9a5T9HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBm/TcAAP//7HpP/g==")

1.212516892s ago: executing program 9 (id=2335):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000000a0601020000ffff00000000020000000900020073797a31000000000500010006000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0xc4)

1.199574364s ago: executing program 9 (id=2336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.179887565s ago: executing program 3 (id=2337):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_uring_setup(0x739b, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0x40095505, 0x0)

1.12067233s ago: executing program 9 (id=2338):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r1, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000300)=""/148, 0x94}], 0x1}, 0x4}], 0x1, 0x10000, 0x0)

1.12054561s ago: executing program 7 (id=2339):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r2=>0x0)
timer_getoverrun(r2)

1.1204039s ago: executing program 7 (id=2340):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
io_setup(0x7, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000785ceb2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}}, 0x20}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)

1.062536604s ago: executing program 8 (id=2341):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x40000)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, 0x0, 0x0)

1.004864599s ago: executing program 8 (id=2342):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000600080850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}}, 0x0)

948.758864ms ago: executing program 8 (id=2343):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)

917.254976ms ago: executing program 8 (id=2344):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

852.732462ms ago: executing program 8 (id=2345):
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={0xffffffffffffffff}, 0x4)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x1002, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

376.68232ms ago: executing program 3 (id=2346):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x28, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x2001}, 0x0)

376.55657ms ago: executing program 2 (id=2347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r2)

270.907818ms ago: executing program 9 (id=2348):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

191.574924ms ago: executing program 3 (id=2349):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="08020000", @ANYRES16=r3, @ANYBLOB="0109000000000000002501"], 0x208}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880)

128.689809ms ago: executing program 2 (id=2350):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x20, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x60400d0}, 0x4000000)

128.482619ms ago: executing program 7 (id=2351):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x90, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_tunnel_key={0x78, 0x1, 0x0, 0x0, {{0xf}, {0x48, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x408, 0xfffffffffffffff5, 0x5, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)

122.71493ms ago: executing program 7 (id=2352):
r0 = open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0)
fcntl$setlease(r0, 0x400, 0x1)
open(0x0, 0x18f03e, 0x8)
open$dir(&(0x7f0000000000)='./bus\x00', 0x80000, 0x4c)
close(r0)

122.12207ms ago: executing program 9 (id=2353):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
fcntl$lock(r0, 0x25, &(0x7f0000000280)={0x0, 0x2, 0x80000001, 0x9, 0xffffffffffffffff})

103.971741ms ago: executing program 2 (id=2354):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3"], 0x138)
write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4)

103.439682ms ago: executing program 3 (id=2364):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)

396.58µs ago: executing program 9 (id=2355):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
close(r0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0)

260.24µs ago: executing program 3 (id=2356):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x2, 0x0, 0x2}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)

0s ago: executing program 7 (id=2357):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$selinux_access(r0, 0x0, 0x0)
read(r0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
ptrace(0x10, 0x0)
r3 = gettid()
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r4, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000bbdffc)=<r5=>0x0)
syz_open_procfs(0x0, 0x0)
timer_settime(r5, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1000000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
ptrace$getregset(0x4204, 0x0, 0x2, &(0x7f0000000100)={0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0\x00', <r6=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000004c0)={r6, 0x3, 0x6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x1, r6, 0x1, 0x9}, 0x14)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @remote}, 0x10)

kernel console output (not intermixed with test programs):

-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.193636][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  251.216439][ T2845] udevd[2845]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  251.232981][ T4941] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,quota,min_batch_time=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  251.311756][ T4934] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  251.379261][  T332] udevd[332]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  251.604703][ T4934] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  251.764055][   T30] audit: type=1326 audit(2000000706.716:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.807104][ T2845] udevd[2845]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  251.819323][  T347] udevd[347]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  251.836936][   T30] audit: type=1326 audit(2000000706.716:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.838017][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  251.862007][   T30] audit: type=1326 audit(2000000706.716:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.862039][   T30] audit: type=1326 audit(2000000706.716:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.939266][   T30] audit: type=1326 audit(2000000706.716:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  251.966912][ T4938] netlink: 96 bytes leftover after parsing attributes in process `syz.7.1298'.
[  251.983305][   T30] audit: type=1326 audit(2000000706.716:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  252.086197][   T30] audit: type=1326 audit(2000000706.716:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  252.112574][ T4955] loop2: detected capacity change from 0 to 128
[  252.121599][ T4953] loop6: detected capacity change from 0 to 256
[  252.172435][   T30] audit: type=1326 audit(2000000706.716:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4933 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1fac6acc23 code=0x7ffc0000
[  252.218932][ T4937] loop9: detected capacity change from 0 to 40427
[  252.250609][ T4946] loop8: detected capacity change from 0 to 40427
[  252.260416][ T4937] F2FS-fs (loop9): Small segment_count (9 < 1 * 24)
[  252.263563][ T4953] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  252.278623][ T4937] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  252.287393][ T4955] attempt to access beyond end of device
[  252.287393][ T4955] loop2: rw=2049, want=148, limit=128
[  252.313440][ T4937] F2FS-fs (loop9): Found nat_bits in checkpoint
[  252.323916][ T4946] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  252.362114][ T4946] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  252.374223][ T4955] attempt to access beyond end of device
[  252.374223][ T4955] loop2: rw=2049, want=154, limit=128
[  252.394801][ T4946] F2FS-fs (loop8): invalid crc value
[  252.402937][ T4946] F2FS-fs (loop8): invalid crc value
[  252.408581][ T4946] F2FS-fs (loop8): Failed to get valid F2FS checkpoint
[  252.416271][ T4955] attempt to access beyond end of device
[  252.416271][ T4955] loop2: rw=524288, want=154, limit=128
[  252.432281][ T4955] attempt to access beyond end of device
[  252.432281][ T4955] loop2: rw=0, want=154, limit=128
[  252.446601][ T4955] attempt to access beyond end of device
[  252.446601][ T4955] loop2: rw=0, want=154, limit=128
[  252.458669][ T4937] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  252.466750][ T4937] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  252.476378][ T4954] attempt to access beyond end of device
[  252.476378][ T4954] loop2: rw=0, want=154, limit=128
[  252.500806][ T4955] attempt to access beyond end of device
[  252.500806][ T4955] loop2: rw=0, want=154, limit=128
[  252.512469][ T4965] device syzkaller0 entered promiscuous mode
[  252.516109][ T4955] attempt to access beyond end of device
[  252.516109][ T4955] loop2: rw=0, want=154, limit=128
[  252.530822][ T4954] attempt to access beyond end of device
[  252.530822][ T4954] loop2: rw=0, want=154, limit=128
[  252.550250][ T4955] attempt to access beyond end of device
[  252.550250][ T4955] loop2: rw=0, want=154, limit=128
[  252.573524][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.582431][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.592626][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.602264][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.611145][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.620234][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.629388][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.640350][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.649441][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.651370][ T4974] loop6: detected capacity change from 0 to 2048
[  252.670970][ T4955] Buffer I/O error on dev loop2, logical block 153, async page read
[  252.678966][ T4976] loop8: detected capacity change from 0 to 2048
[  252.704559][ T4974] Alternate GPT is invalid, using primary GPT.
[  252.711270][ T4974]  loop6: p1 p2 p3
[  252.718641][  T351]  loop8: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 
[  252.719703][  T351] loop8: p3 size 54016 extends beyond EOD, 
[  252.820231][  T837] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  252.855149][  T351] truncated
[  253.019214][ T4985] loop6: detected capacity change from 0 to 512
[  253.030643][ T4985] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  253.053117][  T347] udevd[347]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  253.068217][  T332] udevd[332]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  253.078880][ T2845] udevd[2845]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  253.093310][  T837] usb 10-1: Using ep0 maxpacket: 16
[  253.223279][  T837] usb 10-1: config 1 has an invalid interface number: 214 but max is 0
[  253.235289][  T837] usb 10-1: config 1 has no interface number 0
[  253.248108][  T837] usb 10-1: config 1 interface 214 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  253.278240][ T4990] loop6: detected capacity change from 0 to 40427
[  253.284911][  T837] usb 10-1: config 1 interface 214 has no altsetting 0
[  253.353221][ T4990] F2FS-fs (loop6): invalid crc value
[  253.367389][ T4990] F2FS-fs (loop6): Found nat_bits in checkpoint
[  253.409442][ T4994] loop2: detected capacity change from 0 to 2048
[  253.417889][ T4976]  loop8: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 
[  253.417913][ T4990] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  253.523021][ T4976] loop8: p3 size 54016 extends beyond EOD, truncated
[  253.530575][  T837] usb 10-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  253.544695][  T837] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.554244][  T837] usb 10-1: Product: syz
[  253.558906][  T837] usb 10-1: Manufacturer: syz
[  253.565779][  T837] usb 10-1: SerialNumber: syz
[  253.586299][ T4994] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,journal_dev=0x0000000000000002,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue. Quota mode: writeback.
[  253.613332][ T4937] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  253.624132][  T837] ums-alauda 10-1:1.214: USB Mass Storage device detected
[  253.741363][ T5004] loop6: detected capacity change from 0 to 256
[  253.785986][ T5004] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  253.825889][  T837] usb 10-1: USB disconnect, device number 4
[  253.902000][ T5006] loop6: detected capacity change from 0 to 256
[  254.005286][ T5006] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1320'.
[  254.041549][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  254.060075][ T5013] loop8: detected capacity change from 0 to 256
[  254.245229][ T5013] FAT-fs (loop8): Directory bread(block 64) failed
[  254.263505][ T5013] FAT-fs (loop8): Directory bread(block 65) failed
[  254.303674][ T5013] FAT-fs (loop8): Directory bread(block 66) failed
[  254.310794][ T5013] FAT-fs (loop8): Directory bread(block 67) failed
[  254.382099][ T5013] FAT-fs (loop8): Directory bread(block 68) failed
[  254.484364][ T5013] FAT-fs (loop8): Directory bread(block 69) failed
[  254.491538][ T5013] FAT-fs (loop8): Directory bread(block 70) failed
[  254.499570][ T5013] FAT-fs (loop8): Directory bread(block 71) failed
[  254.508530][ T5013] FAT-fs (loop8): Directory bread(block 72) failed
[  254.524654][ T5013] FAT-fs (loop8): Directory bread(block 73) failed
[  254.892425][ T5017] loop6: detected capacity change from 0 to 40427
[  254.929329][ T5022] loop9: detected capacity change from 0 to 2048
[  254.943940][ T5017] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  254.951865][ T5017] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  255.014913][ T5022] Alternate GPT is invalid, using primary GPT.
[  255.024398][ T5027] loop8: detected capacity change from 0 to 512
[  255.032016][ T5022]  loop9: p1 p2 p3
[  255.042588][ T5017] F2FS-fs (loop6): invalid crc value
[  255.048710][ T5017] F2FS-fs (loop6): invalid crc value
[  255.056201][ T5017] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  255.215388][ T5045] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1329'.
[  255.226614][ T5045] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1329'.
[  255.277328][ T5049] loop7: detected capacity change from 0 to 256
[  255.370056][ T5056] loop6: detected capacity change from 0 to 128
[  255.469030][ T5057] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1333'.
[  255.530384][ T5049] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  256.445158][ T5069] loop9: detected capacity change from 0 to 512
[  256.502959][ T5069] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  256.512358][ T5069] EXT4-fs (loop9): Test dummy encryption mode enabled
[  256.525959][ T5069] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  256.535280][ T5069] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  256.631893][ T5071] loop8: detected capacity change from 0 to 2048
[  256.652842][ T5069] EXT4-fs (loop9): 1 truncate cleaned up
[  256.659867][ T5069] EXT4-fs (loop9): mounted filesystem without journal. Opts: usrquota,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: writeback.
[  256.730132][  T101] Alternate GPT is invalid, using primary GPT.
[  256.737126][  T101]  loop8: p1 p2 p3
[  256.985591][ T5081] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1337'.
[  256.995917][ T5081] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1337'.
[  257.012046][ T5080] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1338'.
[  257.060839][ T5080] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1338'.
[  257.074175][ T5080] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1338'.
[  257.088506][ T5080] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1338'.
[  257.173059][ T5071] Alternate GPT is invalid, using primary GPT.
[  257.180187][ T5071]  loop8: p1 p2 p3
[  257.275132][ T5084] loop2: detected capacity change from 0 to 256
[  257.401716][  T101] Alternate GPT is invalid, using primary GPT.
[  257.600016][ T5084] loop2: detected capacity change from 0 to 512
[  257.716284][  T101]  loop8: p1 p2 p3
[  257.773557][ T5084] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1340: inode #1: comm syz.2.1340: iget: illegal inode #
[  257.788239][ T5084] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1340: error while reading EA inode 1 err=-117
[  257.803949][ T5084] EXT4-fs (loop2): 1 orphan inode deleted
[  257.810055][ T5084] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  258.000027][ T5092] loop9: detected capacity change from 0 to 512
[  258.285782][ T5092] EXT4-fs (loop9): Mount option "dioread_lock" incompatible with ext3
[  258.297071][ T5098] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1345'.
[  258.306850][ T5098] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1345'.
[  258.335969][   T30] kauditd_printk_skb: 70 callbacks suppressed
[  258.335985][   T30] audit: type=1400 audit(2000000714.176:2781): avc:  denied  { getopt } for  pid=5101 comm="syz.2.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  258.479275][ T5104] loop7: detected capacity change from 0 to 512
[  258.518148][   T30] audit: type=1400 audit(2000000714.336:2782): avc:  denied  { ioctl } for  pid=5101 comm="syz.2.1347" path="socket:[34888]" dev="sockfs" ino=34888 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  258.673605][ T5104] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  258.683735][ T5104] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[  258.725852][ T5104] EXT4-fs (loop7): 1 truncate cleaned up
[  258.733532][ T5104] EXT4-fs (loop7): mounted filesystem without journal. Opts: usrquota,usrjquota="data=ordered,noload,grpid,grpjquota="init_itable,jqfmt=vfsold,noblock_validity,,errors=continue. Quota mode: writeback.
[  258.947850][ T5110] loop9: detected capacity change from 0 to 256
[  259.095058][ T5112] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1349'.
[  259.135598][ T5110] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  259.437480][ T5115] loop2: detected capacity change from 0 to 256
[  259.476196][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[  259.480824][ T5095] loop6: detected capacity change from 0 to 40427
[  259.501936][  T347] udevd[347]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[  259.514007][ T5095] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  259.516665][  T332] udevd[332]: inotify_add_watch(7, /dev/loop8p6, 10) failed: No such file or directory
[  259.522311][ T5095] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  259.524565][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop8p13, 10) failed: No such file or directory
[  259.532824][ T5009] udevd[5009]: inotify_add_watch(7, /dev/loop8p7, 10) failed: No such file or directory
[  259.555217][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop8p14, 10) failed: No such file or directory
[  259.567759][ T2845] udevd[2845]: inotify_add_watch(7, /dev/loop8p5, 10) failed: No such file or directory
[  259.581272][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p15, 10) failed: No such file or directory
[  259.587548][  T348] udevd[348]: inotify_add_watch(7, /dev/loop8p11, 10) failed: No such file or directory
[  259.609791][ T5095] F2FS-fs (loop6): invalid crc value
[  259.610113][ T5010] udevd[5010]: inotify_add_watch(7, /dev/loop8p12, 10) failed: No such file or directory
[  259.630483][ T5095] F2FS-fs (loop6): invalid crc value
[  259.636006][ T5095] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  259.807266][ T5120] loop8: detected capacity change from 0 to 4096
[  259.817904][ T5120] EXT4-fs (loop8): Ignoring removed mblk_io_submit option
[  259.826786][ T5120] EXT4-fs (loop8): Test dummy encryption mode enabled
[  260.015658][ T5120] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  261.038364][ T5137] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1352'.
[  263.906493][ T5136] loop8: detected capacity change from 0 to 4096
[  264.049313][ T5139] loop6: detected capacity change from 0 to 4096
[  264.339820][ T5136] EXT4-fs (loop8): Ignoring removed mblk_io_submit option
[  264.348855][ T5136] EXT4-fs (loop8): Test dummy encryption mode enabled
[  264.361976][ T5107] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  264.379223][ T5139] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  264.388921][ T5139] EXT4-fs (loop6): Test dummy encryption mode enabled
[  264.491234][ T2842] udevd[2842]: inotify_add_watch(7, /dev/loop8p110, 10) failed: No such file or directory
[  264.519667][ T2844] udevd[2844]: inotify_add_watch(7, /dev/loop8p108, 10) failed: No such file or directory
[  264.533040][ T5008] udevd[5008]: inotify_add_watch(7, /dev/loop8p109, 10) failed: No such file or directory
[  264.544987][ T5009] udevd[5009]: inotify_add_watch(7, /dev/loop8p107, 10) failed: No such file or directory
[  264.562318][ T5010] udevd[5010]: inotify_add_watch(7, /dev/loop8p112, 10) failed: No such file or directory
[  264.583609][ T5139] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  264.712134][  T348] udevd[348]: inotify_add_watch(7, /dev/loop8p111, 10) failed: No such file or directory
[  264.733703][ T5136] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  264.901415][ T5009] udevd[5009]: inotify_add_watch(7, /dev/loop8p119, 10) failed: No such file or directory
[  264.915069][ T2844] udevd[2844]: inotify_add_watch(7, /dev/loop8p120, 10) failed: No such file or directory
[  264.967555][ T5010] udevd[5010]: inotify_add_watch(7, /dev/loop8p124, 10) failed: No such file or directory
[  265.016157][ T5147] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1359'.
[  265.026344][ T5147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1359'.
[  265.029328][  T347] udevd[347]: inotify_add_watch(7, /dev/loop8p116, 10) failed: No such file or directory
[  265.063292][   T30] audit: type=1400 audit(2000000720.896:2783): avc:  denied  { ioctl } for  pid=5150 comm="syz.6.1360" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=34982 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  265.097149][ T5154] loop9: detected capacity change from 0 to 256
[  265.271434][ T5160] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1358'.
[  265.287540][ T5160] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1358'.
[  265.299239][ T5160] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1358'.
[  265.309492][ T5160] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1358'.
[  265.399723][ T5161] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1361'.
[  265.430432][ T5154] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  266.268757][ T5172] loop8: detected capacity change from 0 to 512
[  266.386468][   T30] audit: type=1400 audit(2000000722.176:2784): avc:  denied  { watch watch_reads } for  pid=5163 comm="syz.2.1363" path="/274/file0" dev="tmpfs" ino=1569 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  266.643904][ T5172] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  266.665196][   T30] audit: type=1326 audit(2000000722.496:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.6.1367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5d5a787be9 code=0x7ffc0000
[  266.702510][ T5172] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2228: inode #15: comm syz.8.1366: corrupted in-inode xattr
[  266.718155][ T5184] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'.
[  266.721556][ T5172] EXT4-fs error (device loop8): ext4_orphan_get:1406: comm syz.8.1366: couldn't read orphan inode 15 (err -117)
[  266.749269][ T5172] EXT4-fs (loop8): mounted filesystem without journal. Opts: grpid,grpquota,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,block_validity,dioread_lock,,errors=continue. Quota mode: writeback.
[  266.775584][   T30] audit: type=1326 audit(2000000722.496:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.6.1367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5d5a787be9 code=0x7ffc0000
[  266.810118][ T5186] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1368'.
[  266.830738][ T5172] overlayfs: unrecognized mount option "uuid=auto" or missing value
[  266.851669][ T5186] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1368'.
[  266.873827][ T5172] audit: audit_backlog=65 > audit_backlog_limit=64
[  266.890778][ T5191] audit: audit_backlog=65 > audit_backlog_limit=64
[  266.896467][   T30] audit: type=1326 audit(2000000722.496:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5175 comm="syz.6.1367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5d5a787be9 code=0x7ffc0000
[  266.899777][ T5172] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  267.041832][ T5194] loop6: detected capacity change from 0 to 4096
[  267.074463][ T5172] audit: backlog limit exceeded
[  267.093709][ T5196] 9pnet: Insufficient options for proto=fd
[  267.122380][ T5189] loop9: detected capacity change from 0 to 2048
[  267.151896][ T5191] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  267.176076][ T5194] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  267.187029][ T5194] EXT4-fs (loop6): Test dummy encryption mode enabled
[  267.253060][ T5194] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  267.485001][ T5189] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  267.935011][ T5203] netlink: 'syz.2.1376': attribute type 4 has an invalid length.
[  267.958113][ T5166] loop7: detected capacity change from 0 to 40427
[  267.967936][ T5203] netlink: 'syz.2.1376': attribute type 4 has an invalid length.
[  268.013235][ T5166] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  268.092226][ T5166] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  270.096499][ T5214] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1374'.
[  270.411823][ T5216] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1377'.
[  270.502657][ T5166] F2FS-fs (loop7): invalid crc value
[  270.719508][ T5008] udevd[5008]: inotify_add_watch(7, /dev/loop8p220, 10) failed: No such file or directory
[  270.730765][ T5010] udevd[5010]: inotify_add_watch(7, /dev/loop8p223, 10) failed: No such file or directory
[  270.742145][ T2842] udevd[2842]: inotify_add_watch(7, /dev/loop8p221, 10) failed: No such file or directory
[  270.753657][  T348] udevd[348]: inotify_add_watch(7, /dev/loop8p222, 10) failed: No such file or directory
[  270.770805][ T5218] loop8: detected capacity change from 0 to 256
[  270.790942][ T5166] F2FS-fs (loop7): invalid crc value
[  270.812053][  T351] udevd[351]: inotify_add_watch(7, /dev/loop8p225, 10) failed: No such file or directory
[  270.824180][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop8p224, 10) failed: No such file or directory
[  270.839615][ T2844] udevd[2844]: inotify_add_watch(7, /dev/loop8p226, 10) failed: No such file or directory
[  270.854792][ T5009] udevd[5009]: inotify_add_watch(7, /dev/loop8p227, 10) failed: No such file or directory
[  270.867263][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop8p228, 10) failed: No such file or directory
[  270.882495][  T347] udevd[347]: inotify_add_watch(7, /dev/loop8p229, 10) failed: No such file or directory
[  270.906893][ T5166] F2FS-fs (loop7): Failed to get valid F2FS checkpoint
[  270.931191][ T5218] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  271.251706][ T5233] netlink: 300 bytes leftover after parsing attributes in process `syz.2.1381'.
[  271.443562][ T5240] loop7: detected capacity change from 0 to 512
[  271.554463][ T5240] EXT4-fs warning (device loop7): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  271.571334][ T5240] EXT4-fs (loop7): mount failed
[  271.621779][ T5246] loop8: detected capacity change from 0 to 2048
[  271.674308][ T5246] Alternate GPT is invalid, using primary GPT.
[  271.683226][ T5246]  loop8: p1 p2 p3
[  272.186046][ T5259] loop2: detected capacity change from 0 to 4096
[  272.474318][ T5260] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1389'.
[  272.528913][ T5260] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1389'.
[  272.541726][ T5260] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1389'.
[  272.553954][ T5260] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1389'.
[  272.748527][ T5259] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  272.757875][ T5259] EXT4-fs (loop2): Test dummy encryption mode enabled
[  273.775464][ T5259] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  274.088917][ T5272] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1392'.
[  274.921084][ T5273] loop6: detected capacity change from 0 to 256
[  274.932119][ T5242] loop9: detected capacity change from 0 to 40427
[  274.973909][ T5273] FAT-fs (loop6): Unrecognized mount option "/dev/net/tun" or missing value
[  275.281119][ T5273] netlink: 'syz.6.1393': attribute type 3 has an invalid length.
[  275.304064][ T5287] loop2: detected capacity change from 0 to 512
[  275.354217][ T5280] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1397'.
[  275.366215][ T5287] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  275.451103][ T5287] EXT4-fs (loop2): orphan cleanup on readonly fs
[  275.458799][ T5287] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:510: comm syz.2.1396: Block bitmap for bg 0 marked uninitialized
[  275.475454][ T5287] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  275.486449][ T5287] EXT4-fs (loop2): 1 orphan inode deleted
[  275.494164][ T5287] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  275.621972][   T30] kauditd_printk_skb: 79 callbacks suppressed
[  275.621987][   T30] audit: type=1400 audit(2000000731.456:2866): avc:  denied  { write } for  pid=5299 comm="syz.6.1402" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  275.669301][ T5302] fuse: Bad value for 'group_id'
[  275.697861][ T5304] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1403'.
[  275.902953][ T5311] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1404'.
[  276.765119][ T5319] loop7: detected capacity change from 0 to 4096
[  276.846620][ T5319] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  276.855973][ T5319] EXT4-fs (loop7): Test dummy encryption mode enabled
[  276.990876][ T5319] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  277.299115][ T5310] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5310 comm=syz.8.1405
[  277.628458][ T5333] loop8: detected capacity change from 0 to 256
[  277.672783][ T5333] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  278.056992][ T5352] loop8: detected capacity change from 0 to 512
[  278.151928][ T5352] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  278.164446][ T5352] ext4 filesystem being mounted at /202/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  278.181253][   T30] audit: type=1400 audit(2000000734.016:2867): avc:  denied  { setattr } for  pid=5351 comm="syz.8.1413" path="/202/bus/bus" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  278.208886][ T5352] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5352 comm=syz.8.1413
[  278.254950][ T5363] loop7: detected capacity change from 0 to 256
[  278.264371][ T5361] loop2: detected capacity change from 0 to 2048
[  278.290758][ T5363] FAT-fs (loop7): Directory bread(block 64) failed
[  278.304197][ T5007] Alternate GPT is invalid, using primary GPT.
[  278.316429][ T5007]  loop2: p1 p2 p3
[  278.324394][ T5363] FAT-fs (loop7): Directory bread(block 65) failed
[  278.335121][ T5363] FAT-fs (loop7): Directory bread(block 66) failed
[  278.344087][ T5363] FAT-fs (loop7): Directory bread(block 67) failed
[  278.351945][ T5363] FAT-fs (loop7): Directory bread(block 68) failed
[  278.359517][ T5363] FAT-fs (loop7): Directory bread(block 69) failed
[  278.367524][ T5363] FAT-fs (loop7): Directory bread(block 70) failed
[  278.376739][ T5363] FAT-fs (loop7): Directory bread(block 71) failed
[  278.385164][ T5363] FAT-fs (loop7): Directory bread(block 72) failed
[  278.402700][ T5361] Alternate GPT is invalid, using primary GPT.
[  278.406006][ T5363] FAT-fs (loop7): Directory bread(block 73) failed
[  278.416886][ T5361]  loop2: p1 p2 p3
[  278.513704][  T101] Alternate GPT is invalid, using primary GPT.
[  278.532291][  T101]  loop2: p1 p2 p3
[  278.645544][ T5376] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1418'.
[  278.777973][  T351] udevd[351]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  278.816089][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  278.816126][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  278.836542][   T39] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  279.017200][   T30] audit: type=1400 audit(2000000734.856:2868): avc:  denied  { accept } for  pid=5378 comm="syz.2.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  279.143359][   T39] usb 9-1: Using ep0 maxpacket: 16
[  279.221601][  T351] udevd[351]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  279.221621][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  279.336761][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  279.354176][   T30] audit: type=1400 audit(2000000734.956:2869): avc:  denied  { read } for  pid=5378 comm="syz.2.1421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  279.409657][  T351] udevd[351]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  279.421725][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  279.445777][  T347] udevd[347]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  279.459154][   T39] usb 9-1: config 0 has an invalid interface number: 255 but max is 0
[  279.478664][ T5387] loop6: detected capacity change from 0 to 256
[  279.484044][   T39] usb 9-1: config 0 has no interface number 0
[  279.681998][ T5391] loop7: detected capacity change from 0 to 4096
[  279.744094][ T5391] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  279.753408][ T5391] EXT4-fs (loop7): Test dummy encryption mode enabled
[  279.883642][ T5387] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  279.923435][ T5391] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  280.257283][ T5398] syz.2.1425[5398] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.257366][ T5398] syz.2.1425[5398] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.306046][ T5398] incfs: Options parsing error. -22
[  280.372603][ T5398] incfs: mount failed -22
[  280.482135][ T5416] loop7: detected capacity change from 0 to 256
[  280.529350][ T5423] loop9: detected capacity change from 0 to 128
[  281.985531][ T5426] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1429'.
[  281.995448][ T5425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1431'.
[  282.006944][ T5426] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1429'.
[  282.021414][ T5425] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1431'.
[  282.163544][   T39] usb 9-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=da.32
[  282.179466][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.329011][   T39] usb 9-1: Product: syz
[  282.333520][   T39] usb 9-1: Manufacturer: syz
[  282.340054][   T39] usb 9-1: config 0 descriptor??
[  282.363313][   T39] usb 9-1: can't set config #0, error -71
[  282.374305][   T39] usb 9-1: USB disconnect, device number 7
[  282.689599][ T5433] handle_bad_sector: 8155 callbacks suppressed
[  282.689623][ T5433] attempt to access beyond end of device
[  282.689623][ T5433] loop9: rw=2049, want=1041, limit=128
[  282.715456][ T5416] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1428'.
[  282.811286][ T5438] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1434'.
[  283.713289][ T5440] loop6: detected capacity change from 0 to 2048
[  283.734619][ T5442] loop8: detected capacity change from 0 to 128
[  283.741947][ T5422] attempt to access beyond end of device
[  283.741947][ T5422] loop9: rw=524288, want=369, limit=128
[  283.764321][ T5423] attempt to access beyond end of device
[  283.764321][ T5423] loop9: rw=0, want=153, limit=128
[  283.775763][ T5423] attempt to access beyond end of device
[  283.775763][ T5423] loop9: rw=0, want=153, limit=128
[  283.787237][ T5423] attempt to access beyond end of device
[  283.787237][ T5423] loop9: rw=0, want=153, limit=128
[  283.798869][ T5423] attempt to access beyond end of device
[  283.798869][ T5423] loop9: rw=0, want=153, limit=128
[  283.835953][ T5423] attempt to access beyond end of device
[  283.835953][ T5423] loop9: rw=0, want=153, limit=128
[  283.870770][ T5442] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  283.885703][ T5440] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  283.928443][ T5442] ext4 filesystem being mounted at /206/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  283.941362][ T5440] ext4 filesystem being mounted at /275/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.967932][ T5450] overlayfs: unrecognized mount option "uuid=null" or missing value
[  284.201620][ T5465] loop2: detected capacity change from 0 to 4096
[  284.246926][ T5465] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  284.256364][ T5465] EXT4-fs (loop2): Test dummy encryption mode enabled
[  284.400140][ T5465] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  284.887388][ T5472] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1443'.
[  286.636904][ T5485] loop7: detected capacity change from 0 to 256
[  288.062523][ T5487] loop2: detected capacity change from 0 to 4096
[  288.104840][ T5487] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  288.114331][ T5487] EXT4-fs (loop2): Test dummy encryption mode enabled
[  288.291130][ T5487] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  288.535798][ T5482] loop7: detected capacity change from 0 to 512
[  288.739901][ T5482] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.1445: inode #1: comm syz.7.1445: iget: illegal inode #
[  288.754207][ T5482] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.1445: error while reading EA inode 1 err=-117
[  288.767291][ T5482] EXT4-fs (loop7): 1 orphan inode deleted
[  288.773819][ T5482] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  289.093362][ T5510] loop2: detected capacity change from 0 to 512
[  289.143916][ T5510] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.1452: casefold flag without casefold feature
[  289.173471][ T5510] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.1452: couldn't read orphan inode 15 (err -117)
[  289.205948][ T5510] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  289.606818][ T5521] loop6: detected capacity change from 0 to 1024
[  289.710314][ T5521] EXT4-fs (loop6): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  289.730453][ T5521] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.757224][ T5521] EXT4-fs error (device loop6): ext4_map_blocks:740: inode #15: block 3: comm syz.6.1456: lblock 3 mapped to illegal pblock 3 (length 1)
[  289.791641][ T5521] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  289.813342][ T5521] EXT4-fs (loop6): This should not happen!! Data will be lost
[  289.813342][ T5521] 
[  289.848811][ T5524] loop8: detected capacity change from 0 to 1024
[  289.876767][ T5528] netlink: 'syz.7.1458': attribute type 3 has an invalid length.
[  289.930160][ T5524] EXT4-fs (loop8): mounted filesystem without journal. Opts: nojournal_checksum,nombcache,barrier,nogrpid,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,jqfmt=vfsold,bsdgroups,errors=remount-ro,. Quota mode: writeback.
[  289.971791][ T5537] loop6: detected capacity change from 0 to 512
[  289.980086][   T30] audit: type=1400 audit(2000000745.826:2870): avc:  denied  { read } for  pid=5509 comm="syz.2.1452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  290.312141][ T5537] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.1459: casefold flag without casefold feature
[  290.343390][ T5537] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1459: couldn't read orphan inode 15 (err -117)
[  290.388896][ T5537] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  290.470636][ T5566] loop6: detected capacity change from 0 to 512
[  290.513485][ T5566] EXT4-fs error (device loop6): ext4_do_update_inode:5235: inode #16: comm syz.6.1469: corrupted inode contents
[  290.527307][ T5566] EXT4-fs error (device loop6): ext4_dirty_inode:6071: inode #16: comm syz.6.1469: mark_inode_dirty error
[  290.540480][ T5566] EXT4-fs error (device loop6): ext4_do_update_inode:5235: inode #16: comm syz.6.1469: corrupted inode contents
[  290.553479][ T5566] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #16: comm syz.6.1469: mark_inode_dirty error
[  290.568711][ T5566] EXT4-fs error (device loop6): ext4_do_update_inode:5235: inode #16: comm syz.6.1469: corrupted inode contents
[  290.582361][ T5566] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  290.593077][ T5566] EXT4-fs error (device loop6): ext4_do_update_inode:5235: inode #16: comm syz.6.1469: corrupted inode contents
[  290.609257][ T5566] EXT4-fs error (device loop6): ext4_truncate:4304: inode #16: comm syz.6.1469: mark_inode_dirty error
[  290.624753][ T5566] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  290.644164][ T5566] EXT4-fs (loop6): 1 truncate cleaned up
[  290.651463][ T5566] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  290.663801][ T5566] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.681087][   T30] audit: type=1400 audit(2000000746.516:2871): avc:  denied  { mount } for  pid=5565 comm="syz.6.1469" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  290.724270][ T5583] loop7: detected capacity change from 0 to 8192
[  290.921929][   T30] audit: type=1400 audit(2000000746.756:2872): avc:  denied  { mounton } for  pid=5593 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  290.956321][ T5599] loop9: detected capacity change from 0 to 512
[  290.983284][   T30] audit: type=1326 audit(2000000746.786:2873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.011757][ T5599] EXT4-fs (loop9): Ignoring removed bh option
[  291.018615][   T30] audit: type=1326 audit(2000000746.786:2874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.034569][ T5600] loop7: detected capacity change from 0 to 512
[  291.044711][ T5599] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  291.062219][   T30] audit: type=1326 audit(2000000746.786:2875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.062521][ T5599] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  291.090009][   T30] audit: type=1326 audit(2000000746.786:2876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.100318][ T5599] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  291.128937][   T30] audit: type=1326 audit(2000000746.786:2877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.158025][ T5599] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  291.181710][   T30] audit: type=1326 audit(2000000746.786:2878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.195742][ T5599] EXT4-fs (loop9): mounted filesystem without journal. Opts: discard,bh,noblock_validity,,errors=continue. Quota mode: none.
[  291.228914][   T30] audit: type=1326 audit(2000000746.786:2879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5596 comm="syz.7.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3bf66fbe9 code=0x7ffc0000
[  291.291459][ T5599] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1488: bg 0: block 353: padding at end of block bitmap is not set
[  291.307161][ T5600] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  291.325633][ T5600] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.337703][ T5593] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.362059][ T5593] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.373651][ T5593] device bridge_slave_0 entered promiscuous mode
[  291.389789][ T5593] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.399183][ T5593] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.410383][ T5593] device bridge_slave_1 entered promiscuous mode
[  291.629902][ T5638] loop2: detected capacity change from 0 to 128
[  291.642565][  T437] device bridge_slave_1 left promiscuous mode
[  291.651279][  T437] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.664058][ T5637] serio: Serial port ttyS3
[  291.676798][  T437] device bridge_slave_0 left promiscuous mode
[  291.688323][ T5644] loop7: detected capacity change from 0 to 1024
[  291.688367][  T437] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.711742][  T437] device veth1_macvtap left promiscuous mode
[  291.718632][  T437] device veth0_vlan left promiscuous mode
[  291.724830][ T5638] FAT-fs (loop2): Directory bread(block 32) failed
[  291.732971][ T5638] FAT-fs (loop2): Directory bread(block 33) failed
[  291.740703][ T5638] FAT-fs (loop2): Directory bread(block 34) failed
[  291.747734][ T5644] EXT4-fs (loop7): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,init_itable,noauto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  291.750902][ T5638] FAT-fs (loop2): Directory bread(block 35) failed
[  291.786844][ T5644] ext4 filesystem being mounted at /261/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.798204][ T5638] FAT-fs (loop2): Directory bread(block 36) failed
[  291.826759][ T5644] EXT4-fs error (device loop7): ext4_map_blocks:740: inode #15: block 3: comm syz.7.1508: lblock 3 mapped to illegal pblock 3 (length 3)
[  291.834334][ T5638] FAT-fs (loop2): Directory bread(block 37) failed
[  291.850801][ T5638] FAT-fs (loop2): Directory bread(block 38) failed
[  291.858005][ T5644] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  291.859418][ T5638] FAT-fs (loop2): Directory bread(block 39) failed
[  291.871997][ T5644] EXT4-fs (loop7): This should not happen!! Data will be lost
[  291.871997][ T5644] 
[  291.894881][ T5647] EXT4-fs error (device loop7): ext4_map_blocks:630: inode #15: block 3: comm syz.7.1508: lblock 3 mapped to illegal pblock 3 (length 3)
[  291.895111][ T5638] FAT-fs (loop2): Directory bread(block 40) failed
[  291.929187][ T5638] FAT-fs (loop2): Directory bread(block 41) failed
[  291.937779][  T939] EXT4-fs error (device loop7): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  291.955446][  T939] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  291.963511][ T5638] attempt to access beyond end of device
[  291.963511][ T5638] loop2: rw=0, want=4116, limit=128
[  291.983317][ T5638] buffer_io_error: 7816 callbacks suppressed
[  291.983336][ T5638] Buffer I/O error on dev loop2, logical block 1028, async page read
[  291.983673][  T939] EXT4-fs (loop7): This should not happen!! Data will be lost
[  291.983673][  T939] 
[  291.990624][ T5638] attempt to access beyond end of device
[  291.990624][ T5638] loop2: rw=0, want=167968, limit=128
[  291.990647][ T5638] Buffer I/O error on dev loop2, logical block 41991, async page read
[  291.990674][ T5638] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000a009)
[  292.042252][ T5638] FAT-fs (loop2): Filesystem has been set read-only
[  292.049997][ T5638] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000a009)
[  292.060035][ T5638] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000a009)
[  292.069695][ T5638] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000a009)
[  292.079157][ T5638] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000a009)
[  292.088033][ T5638] attempt to access beyond end of device
[  292.088033][ T5638] loop2: rw=0, want=4116, limit=128
[  292.099951][ T5638] Buffer I/O error on dev loop2, logical block 1028, async page read
[  292.108930][ T5638] attempt to access beyond end of device
[  292.108930][ T5638] loop2: rw=0, want=167968, limit=128
[  292.120803][ T5638] Buffer I/O error on dev loop2, logical block 41991, async page read
[  292.151301][ T5653] loop7: detected capacity change from 0 to 512
[  292.227381][ T5657] loop2: detected capacity change from 0 to 512
[  292.236903][ T5657] EXT4-fs (loop2): Unrecognized mount option "uid>00000000000000000000" or missing value
[  292.308511][ T5666] loop2: detected capacity change from 0 to 128
[  292.334691][ T5666] EXT4-fs (loop2): Ignoring removed nobh option
[  292.351012][ T5666] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none.
[  292.413036][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  292.427590][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  292.467339][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  292.471631][ T5689] loop8: detected capacity change from 0 to 512
[  292.482792][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  292.514272][  T939] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.528810][  T939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.542582][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  292.578753][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  292.608386][ T5695] loop9: detected capacity change from 0 to 512
[  292.616776][ T5689] EXT4-fs (loop8): bad geometry: block count 204800 exceeds size of device (64 blocks)
[  292.634497][  T939] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.642819][  T939] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.662670][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  292.672593][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  292.684836][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  292.695465][ T5695] EXT4-fs (loop9): Ignoring removed nomblk_io_submit option
[  292.705361][ T5695] EXT4-fs (loop9): Ignoring removed bh option
[  292.713109][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  292.735163][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  292.751192][ T5704] loop2: detected capacity change from 0 to 512
[  292.763430][ T5698] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  292.771424][ T5698] IPv6: NLM_F_CREATE should be set when creating new route
[  292.792859][ T5695] EXT4-fs error (device loop9): mb_free_blocks:1865: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  292.807459][ T5593] device veth0_vlan entered promiscuous mode
[  292.822741][ T5695] EXT4-fs error (device loop9): ext4_do_update_inode:5235: inode #11: comm +}[@: corrupted inode contents
[  292.831403][ T5709] loop7: detected capacity change from 0 to 1024
[  292.845529][ T5695] EXT4-fs error (device loop9): ext4_dirty_inode:6071: inode #11: comm +}[@: mark_inode_dirty error
[  292.853749][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  292.868717][ T5695] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm +}[@: invalid indirect mapped block 1 (level 1)
[  292.872973][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  292.908612][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  292.918276][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  292.920391][ T5704] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1532: inode #1: comm syz.2.1532: iget: illegal inode #
[  292.927552][ T5695] EXT4-fs error (device loop9): ext4_do_update_inode:5235: inode #11: comm +}[@: corrupted inode contents
[  292.949617][ T5593] device veth1_macvtap entered promiscuous mode
[  292.970147][ T5695] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  292.988683][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  292.992575][ T5704] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1532: error while reading EA inode 1 err=-117
[  292.998362][ T5709] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  293.024953][ T5695] EXT4-fs error (device loop9): ext4_do_update_inode:5235: inode #11: comm +}[@: corrupted inode contents
[  293.038453][ T5704] EXT4-fs (loop2): 1 orphan inode deleted
[  293.048147][ T5717] binfmt_misc: register: failed to install interpreter file ./file2
[  293.050367][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  293.061150][ T5704] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  293.072532][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  293.093878][ T5695] EXT4-fs error (device loop9): ext4_truncate:4304: inode #11: comm +}[@: mark_inode_dirty error
[  293.115620][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  293.126187][ T5695] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  293.130621][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  293.139956][ T5709] EXT4-fs (loop7): re-mounted. Opts: . Quota mode: none.
[  293.161891][ T5704] SELinux:  Context � is not valid (left unmapped).
[  293.170514][ T5695] EXT4-fs (loop9): 1 truncate cleaned up
[  293.189502][ T5723] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1538'.
[  293.204867][ T5695] EXT4-fs (loop9): mounted filesystem without journal. Opts: nomblk_io_submit,bh,,errors=continue. Quota mode: none.
[  293.274328][ T5731] loop9: detected capacity change from 0 to 512
[  293.306803][ T5740] syzkaller0: refused to change device tx_queue_len
[  293.315022][ T5743] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  293.361262][ T5731] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  293.498312][ T5754] loop7: detected capacity change from 0 to 8192
[  293.582600][ T5754]  loop7: p3 p4 < >
[  293.591434][ T5754] loop7: p3 size 33554432 extends beyond EOD, truncated
[  293.696364][ T5771] loop9: detected capacity change from 0 to 1024
[  293.804252][ T5771] EXT4-fs (loop9): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  293.830219][ T5791] loop2: detected capacity change from 0 to 8192
[  293.841610][ T5771] EXT4-fs error (device loop9): ext4_map_blocks:740: inode #15: block 3: comm syz.9.1557: lblock 3 mapped to illegal pblock 3 (length 1)
[  293.860316][ T5771] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  293.869083][ T5787] loop3: detected capacity change from 0 to 8192
[  293.885007][ T5771] EXT4-fs (loop9): This should not happen!! Data will be lost
[  293.885007][ T5771] 
[  293.916670][ T5787] tmpfs: Unsupported parameter 'mpol'
[  294.024708][ T5797] loop9: detected capacity change from 0 to 2048
[  294.036992][ T5798] serio: Serial port ttyS3
[  294.081377][ T5797] EXT4-fs (loop9): failed to initialize system zone (-117)
[  294.094324][ T5797] EXT4-fs (loop9): mount failed
[  294.129654][ T5807] loop2: detected capacity change from 0 to 1024
[  294.314359][ T5819] netlink: 212 bytes leftover after parsing attributes in process `syz.7.1577'.
[  294.327208][ T5807] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  294.351394][ T5821] loop3: detected capacity change from 0 to 2048
[  294.408657][ T5011]  loop3: p1 < > p4
[  294.414508][ T5011] loop3: p4 size 8388608 extends beyond EOD, truncated
[  294.441871][ T5823] hub 8-0:1.0: USB hub found
[  294.455003][ T5825] loop9: detected capacity change from 0 to 512
[  294.476138][ T5823] hub 8-0:1.0: 1 port detected
[  294.501408][ T5821]  loop3: p1 < > p4
[  294.522118][ T5821] loop3: p4 size 8388608 extends beyond EOD, truncated
[  294.594461][ T5825] EXT4-fs (loop9): 1 orphan inode deleted
[  294.604908][  T101]  loop3: p1 < > p4
[  294.623514][ T5825] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  294.638073][  T101] loop3: p4 size 8388608 extends beyond EOD, truncated
[  294.764064][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  294.776859][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  294.850989][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  294.855755][ T5839] loop3: detected capacity change from 0 to 1024
[  294.927134][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  294.927226][ T5831] Restarting kernel threads ... done.
[  294.963528][ T5839] EXT4-fs error (device loop3): ext4_acquire_dquot:6198: comm syz.3.1586: Failed to acquire dquot type 0
[  295.023494][ T5839] EXT4-fs error (device loop3): mb_free_blocks:1865: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  295.053526][ T5839] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #13: comm syz.3.1586: corrupted inode contents
[  295.117252][ T5839] EXT4-fs error (device loop3): ext4_dirty_inode:6071: inode #13: comm syz.3.1586: mark_inode_dirty error
[  295.129205][ T5807] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3876: comm syz.2.1574: Allocating blocks 497-513 which overlap fs metadata
[  295.163639][ T5807] EXT4-fs (loop2): pa ffff88812cd4e930: logic 256, phys. 385, len 8
[  295.174535][ T5807] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  295.179644][ T5839] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #13: comm syz.3.1586: corrupted inode contents
[  295.282704][ T5839] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #13: comm syz.3.1586: mark_inode_dirty error
[  295.318248][ T5839] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #13: comm syz.3.1586: corrupted inode contents
[  295.341677][ T5839] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  295.341751][ T5858] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1595'.
[  295.363022][ T5839] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #13: comm syz.3.1586: corrupted inode contents
[  295.383476][ T5839] EXT4-fs error (device loop3): ext4_truncate:4304: inode #13: comm syz.3.1586: mark_inode_dirty error
[  295.397601][ T5839] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  295.409281][ T5839] EXT4-fs (loop3): 1 truncate cleaned up
[  295.417773][ T5839] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  295.481467][ T5839] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  295.508629][   T30] kauditd_printk_skb: 86 callbacks suppressed
[  295.508644][   T30] audit: type=1326 audit(295.475:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  295.547673][ T5867] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  295.577994][ T5869] loop3: detected capacity change from 0 to 128
[  295.592806][   T30] audit: type=1326 audit(295.515:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  295.622141][  T837] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  295.644027][ T5869] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  295.682236][   T30] audit: type=1326 audit(295.525:2966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  295.728130][ T5877] loop2: detected capacity change from 0 to 1024
[  295.747312][   T30] audit: type=1326 audit(295.525:2967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  296.027353][   T30] audit: type=1326 audit(295.525:2968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  296.039218][ T5877] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none.
[  296.053319][ T5883] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1605'.
[  296.089768][ T5877] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  296.108543][ T5877] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  296.122152][ T5877] EXT4-fs (loop2): This should not happen!! Data will be lost
[  296.122152][ T5877] 
[  296.135418][ T5877] EXT4-fs (loop2): Total free blocks count 0
[  296.142926][ T5877] EXT4-fs (loop2): Free/Dirty block details
[  296.151640][ T5877] EXT4-fs (loop2): free_blocks=4293918720
[  296.153365][  T837] usb 10-1: Using ep0 maxpacket: 16
[  296.160791][ T5877] EXT4-fs (loop2): dirty_blocks=16
[  296.186338][ T5877] EXT4-fs (loop2): Block reservation details
[  296.198499][ T5877] EXT4-fs (loop2): i_reserved_data_blocks=1
[  296.225298][   T30] audit: type=1400 audit(296.195:2969): avc:  denied  { relabelto } for  pid=5884 comm="syz.3.1606" name="file0" dev="tmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  296.269399][   T30] audit: type=1400 audit(296.225:2970): avc:  denied  { associate } for  pid=5884 comm="syz.3.1606" name="file0" dev="tmpfs" ino=134 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  296.316890][ T5893] loop3: detected capacity change from 0 to 512
[  296.326001][   T30] audit: type=1400 audit(296.235:2971): avc:  denied  { rmdir } for  pid=5593 comm="syz-executor" name="file0" dev="tmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  296.358626][   T30] audit: type=1326 audit(296.295:2972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5895 comm="syz.8.1612" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff8006fdbe9 code=0x0
[  296.393377][ T5893] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  296.423343][  T837] usb 10-1: config 0 has an invalid interface number: 57 but max is 0
[  296.446264][ T5902] loop2: detected capacity change from 0 to 128
[  296.447388][  T837] usb 10-1: config 0 has no interface number 0
[  296.464004][   T30] audit: type=1400 audit(296.385:2973): avc:  denied  { mounton } for  pid=5895 comm="syz.8.1612" path="/proc/682/task/683/net/dev_snmp6" dev="proc" ino=4026532423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  296.491868][  T837] usb 10-1: config 0 interface 57 has no altsetting 0
[  296.498272][ T5893] FAT-fs (loop3): Directory bread(block 1056) failed
[  296.508320][ T5893] FAT-fs (loop3): Directory bread(block 1057) failed
[  296.522379][ T5893] FAT-fs (loop3): Directory bread(block 1058) failed
[  296.530000][ T5893] FAT-fs (loop3): Directory bread(block 1059) failed
[  296.539241][ T5893] FAT-fs (loop3): Directory bread(block 1060) failed
[  296.565162][ T5893] FAT-fs (loop3): Directory bread(block 1061) failed
[  296.575625][ T5893] FAT-fs (loop3): Directory bread(block 1062) failed
[  296.583111][ T5893] FAT-fs (loop3): Directory bread(block 1063) failed
[  296.592368][ T5893] FAT-fs (loop3): Directory bread(block 1064) failed
[  296.611217][ T5893] FAT-fs (loop3): Directory bread(block 1065) failed
[  296.652093][ T5893] attempt to access beyond end of device
[  296.652093][ T5893] loop3: rw=2051, want=1504, limit=512
[  296.664156][  T837] usb 10-1: New USB device found, idVendor=17ef, idProduct=77c2, bcdDevice=eb.73
[  296.681443][  T837] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.692489][  T837] usb 10-1: Product: syz
[  296.699023][  T837] usb 10-1: Manufacturer: syz
[  296.707935][  T837] usb 10-1: SerialNumber: syz
[  296.718249][  T837] usb 10-1: config 0 descriptor??
[  296.799576][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.807749][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.815598][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.824561][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.832934][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.842149][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.851938][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.859779][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.868560][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.879665][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.903220][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.914170][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.925066][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.934500][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.943545][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.954156][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.962314][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.970549][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.978635][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.987445][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  296.995338][ T1521] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  297.005814][ T1521] hid-generic 0000:0000:0000.0006: item fetching failed at offset 30/43
[  297.015501][ T1521] hid-generic: probe of 0000:0000:0000.0006 failed with error -22
[  297.070346][  T837] usb 10-1: USB disconnect, device number 5
[  297.702809][ T5987] device bridge_slave_0 left promiscuous mode
[  297.711862][ T5987] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.725441][ T5987] device bridge_slave_1 left promiscuous mode
[  297.733428][ T5987] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.867538][ T6015] serio: Serial port ttyS3
[  298.047591][ T6038] loop9: detected capacity change from 0 to 1024
[  298.057582][ T6040] loop8: detected capacity change from 0 to 512
[  298.077344][ T6038] EXT4-fs (loop9): Ignoring removed nobh option
[  298.088291][ T6040] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  298.092222][ T6038] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  298.118814][ T6040] EXT4-fs (loop8): 1 truncate cleaned up
[  298.129112][ T6040] EXT4-fs (loop8): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue. Quota mode: writeback.
[  298.135621][ T6038] EXT4-fs (loop9): mounted filesystem without journal. Opts: errors=continue,jqfmt=vfsv0,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[  298.202011][ T6050] loop3: detected capacity change from 0 to 256
[  298.252597][ T6054] netlink: 'syz.9.1682': attribute type 4 has an invalid length.
[  298.265591][ T6054] netlink: 'syz.9.1682': attribute type 4 has an invalid length.
[  298.274571][ T6056] syz.3.1684[6056] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  298.274649][ T6056] syz.3.1684[6056] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  298.339956][ T6066] loop9: detected capacity change from 0 to 1024
[  298.387992][ T6066] EXT4-fs (loop9): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none.
[  298.418366][  T837] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4
[  298.437992][  T837] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2
[  298.463397][  T837] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x3
[  298.483692][  T837] hid-generic 0000:3000000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  298.492802][ T6074] loop2: detected capacity change from 0 to 2048
[  298.518410][ T6066] EXT4-fs error (device loop9): ext4_map_blocks:740: inode #15: block 1: comm syz.9.1688: lblock 1 mapped to illegal pblock 1 (length 15)
[  298.549315][ T6066] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  298.556457][ T6077] fido_id[6077]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  298.566276][ T6066] EXT4-fs (loop9): This should not happen!! Data will be lost
[  298.566276][ T6066] 
[  298.611846][ T6066] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  298.615553][ T6074] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  298.660299][ T3363] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  298.676834][ T3363] EXT4-fs (loop9): This should not happen!! Data will be lost
[  298.676834][ T3363] 
[  298.699994][ T3363] EXT4-fs (loop9): Total free blocks count 0
[  298.707786][ T3363] EXT4-fs (loop9): Free/Dirty block details
[  298.715153][ T3363] EXT4-fs (loop9): free_blocks=4293918720
[  298.723873][ T3363] EXT4-fs (loop9): dirty_blocks=16
[  298.731327][ T3363] EXT4-fs (loop9): Block reservation details
[  298.742270][ T3363] EXT4-fs (loop9): i_reserved_data_blocks=1
[  298.778810][ T6084] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  298.795990][ T6084] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1386 with error 28
[  298.850778][ T6084] EXT4-fs (loop2): This should not happen!! Data will be lost
[  298.850778][ T6084] 
[  298.867675][ T6084] EXT4-fs (loop2): Total free blocks count 0
[  298.886274][ T6084] EXT4-fs (loop2): Free/Dirty block details
[  298.894400][ T6084] EXT4-fs (loop2): free_blocks=2415919104
[  298.901049][ T6084] EXT4-fs (loop2): dirty_blocks=1392
[  298.907403][ T6084] EXT4-fs (loop2): Block reservation details
[  298.915349][ T6084] EXT4-fs (loop2): i_reserved_data_blocks=87
[  298.933611][ T6095] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6095 comm=syz.7.1693
[  299.163302][ T6106] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1699'.
[  299.180953][  T939] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  299.246778][  T939] EXT4-fs (loop2): This should not happen!! Data will be lost
[  299.246778][  T939] 
[  299.250105][ T6105] loop9: detected capacity change from 0 to 512
[  299.344508][ T6105] EXT4-fs (loop9): Quota format mount options ignored when QUOTA feature is enabled
[  299.537506][ T6114] loop3: detected capacity change from 0 to 512
[  299.925503][ T6114] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  300.137867][ T6105] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  300.250727][ T6121] loop8: detected capacity change from 0 to 2048
[  300.274862][ T6105] System zones: 0-2, 18-18, 34-34
[  300.291379][ T6105] EXT4-fs (loop9): mounted filesystem without journal. Opts: noquota,debug,jqfmt=vfsv0,noauto_da_alloc,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  300.402367][ T6121] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  300.513903][   T30] kauditd_printk_skb: 180 callbacks suppressed
[  300.513920][   T30] audit: type=1400 audit(300.485:3154): avc:  denied  { prog_load } for  pid=6135 comm="syz.2.1713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  300.541814][   T30] audit: type=1400 audit(300.485:3155): avc:  denied  { bpf } for  pid=6135 comm="syz.2.1713" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  300.565123][   T30] audit: type=1400 audit(300.485:3156): avc:  denied  { perfmon } for  pid=6135 comm="syz.2.1713" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  300.589112][   T30] audit: type=1400 audit(300.515:3157): avc:  denied  { prog_run } for  pid=6135 comm="syz.2.1713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  300.610050][   T30] audit: type=1400 audit(300.515:3158): avc:  denied  { unmount } for  pid=5593 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  300.632111][   T30] audit: type=1400 audit(300.555:3159): avc:  denied  { create } for  pid=6135 comm="syz.2.1713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  300.655784][   T30] audit: type=1400 audit(300.555:3160): avc:  denied  { write } for  pid=6135 comm="syz.2.1713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  300.693361][   T30] audit: type=1400 audit(300.665:3161): avc:  denied  { map_create } for  pid=6139 comm="syz.9.1710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  300.729071][   T30] audit: type=1400 audit(300.685:3162): avc:  denied  { create } for  pid=6143 comm="syz.8.1712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  300.752014][   T30] audit: type=1400 audit(300.695:3163): avc:  denied  { bind } for  pid=6143 comm="syz.8.1712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  300.797486][ T6148] loop3: detected capacity change from 0 to 1024
[  300.890560][ T6148] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  300.911033][ T6148] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  300.937724][ T6148] JBD2: no valid journal superblock found
[  300.958230][ T6148] EXT4-fs (loop3): error loading journal
[  300.973297][ T6158] loop9: detected capacity change from 0 to 8192
[  301.283974][ T6190] loop8: detected capacity change from 0 to 512
[  301.381848][ T6193] device wireguard0 entered promiscuous mode
[  301.653740][ T6205] SELinux:  policydb magic number 0x77274 does not match expected magic number 0xf97cff8c
[  301.693322][ T6205] SELinux: failed to load policy
[  301.715582][ T6205] netlink: 104 bytes leftover after parsing attributes in process `syz.8.1741'.
[  301.834263][ T6242] loop7: detected capacity change from 0 to 512
[  301.889623][ T6242] EXT4-fs (loop7): Ignoring removed oldalloc option
[  301.896979][ T6242] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  301.910207][ T6242] EXT4-fs (loop7): 1 truncate cleaned up
[  301.917211][ T6242] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsddf,oldalloc,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  302.157097][ T6267] loop9: detected capacity change from 0 to 512
[  302.202331][ T6272] loop3: detected capacity change from 0 to 128
[  302.203758][ T6267] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  302.223389][ T6267] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1769: bg 0: block 384: padding at end of block bitmap is not set
[  302.239052][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.246809][ T6267] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  302.256627][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.273409][ T6267] EXT4-fs error (device loop9): ext4_clear_blocks:883: inode #11: comm syz.9.1769: attempt to clear invalid blocks 983260 len 1
[  302.278729][ T6270] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6270 comm=syz.8.1768
[  302.301301][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.308269][ T6267] EXT4-fs error (device loop9): __ext4_get_inode_loc:4352: comm syz.9.1769: Invalid inode table block 0 in block_group 0
[  302.323172][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.330932][ T6267] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5867: Corrupt filesystem
[  302.338562][ T6272] attempt to access beyond end of device
[  302.338562][ T6272] loop3: rw=2049, want=1041, limit=128
[  302.354558][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.363492][ T6267] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  302.372663][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.379940][ T6267] EXT4-fs error (device loop9): __ext4_get_inode_loc:4352: comm syz.9.1769: Invalid inode table block 0 in block_group 0
[  302.400888][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.410924][ T6267] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5867: Corrupt filesystem
[  302.424661][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.434797][ T6267] EXT4-fs error (device loop9): ext4_truncate:4304: inode #11: comm syz.9.1769: mark_inode_dirty error
[  302.450772][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.458229][ T6267] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  302.470936][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.481807][ T6267] EXT4-fs (loop9): 1 truncate cleaned up
[  302.488784][ T6267] EXT4-fs (loop9): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,noblock_validity,. Quota mode: none.
[  302.516462][ T6267] EXT4-fs error (device loop9): __ext4_get_inode_loc:4352: comm syz.9.1769: Invalid inode table block 0 in block_group 0
[  302.530645][ T6267] EXT4-fs (loop9): Remounting filesystem read-only
[  302.540041][ T6283] loop3: detected capacity change from 0 to 128
[  302.649828][ T6288] netlink: 'syz.3.1778': attribute type 3 has an invalid length.
[  302.689912][ T6290] loop3: detected capacity change from 0 to 2048
[  302.767448][ T6304] device veth0_to_team entered promiscuous mode
[  302.782404][ T6290] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,errors=remount-ro,. Quota mode: none.
[  302.801192][ T6290] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.1780: inline data xattr refers to an external xattr inode
[  302.819359][ T6290] EXT4-fs (loop3): Remounting filesystem read-only
[  302.827547][ T6290] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.1780: inline data xattr refers to an external xattr inode
[  302.853381][ T6290] EXT4-fs (loop3): Remounting filesystem read-only
[  302.862396][ T6315] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1789'.
[  303.208067][ T6362] loop8: detected capacity change from 0 to 1024
[  303.316937][ T6362] EXT4-fs (loop8): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,init_itable,noauto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  303.344514][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1821'.
[  303.416457][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1821'.
[  303.450353][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1821'.
[  303.457822][ T6362] EXT4-fs error (device loop8): ext4_map_blocks:740: inode #15: block 3: comm syz.8.1810: lblock 3 mapped to illegal pblock 3 (length 3)
[  303.512488][ T6394] loop9: detected capacity change from 0 to 128
[  303.529453][ T6398] loop2: detected capacity change from 0 to 128
[  303.536644][ T6362] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  303.552332][ T6400] EXT4-fs error (device loop8): ext4_map_blocks:630: inode #15: block 3: comm syz.8.1810: lblock 3 mapped to illegal pblock 3 (length 3)
[  303.585716][ T6394] attempt to access beyond end of device
[  303.585716][ T6394] loop9: rw=2049, want=234, limit=128
[  303.592720][ T6362] EXT4-fs (loop8): This should not happen!! Data will be lost
[  303.592720][ T6362] 
[  303.606233][ T6407] loop7: detected capacity change from 0 to 512
[  303.619349][ T6394] attempt to access beyond end of device
[  303.619349][ T6394] loop9: rw=0, want=129, limit=128
[  303.637621][ T6394] attempt to access beyond end of device
[  303.637621][ T6394] loop9: rw=0, want=233, limit=128
[  303.651126][ T6409] loop3: detected capacity change from 0 to 2048
[  303.659198][  T437] EXT4-fs error (device loop8): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8)
[  303.677594][  T437] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  303.696934][ T6407] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  303.703023][  T437] EXT4-fs (loop8): This should not happen!! Data will be lost
[  303.703023][  T437] 
[  303.719859][  T939] attempt to access beyond end of device
[  303.719859][  T939] loop9: rw=1, want=235, limit=128
[  303.736494][ T6409]  loop3: p3 p4 < >
[  303.740540][ T6409] loop3: p3 size 57344 extends beyond EOD, truncated
[  303.744601][  T939] Buffer I/O error on dev loop9, logical block 234, lost async page write
[  303.757151][  T939] attempt to access beyond end of device
[  303.757151][  T939] loop9: rw=1, want=236, limit=128
[  303.770829][  T939] Buffer I/O error on dev loop9, logical block 235, lost async page write
[  303.781228][  T939] attempt to access beyond end of device
[  303.781228][  T939] loop9: rw=1, want=237, limit=128
[  303.793944][  T939] Buffer I/O error on dev loop9, logical block 236, lost async page write
[  303.803487][  T939] attempt to access beyond end of device
[  303.803487][  T939] loop9: rw=1, want=238, limit=128
[  303.819761][  T939] Buffer I/O error on dev loop9, logical block 237, lost async page write
[  303.838202][  T939] attempt to access beyond end of device
[  303.838202][  T939] loop9: rw=1, want=239, limit=128
[  303.844394][ T6416] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  303.850545][  T939] Buffer I/O error on dev loop9, logical block 238, lost async page write
[  303.868729][  T939] attempt to access beyond end of device
[  303.868729][  T939] loop9: rw=1, want=240, limit=128
[  303.883645][  T939] Buffer I/O error on dev loop9, logical block 239, lost async page write
[  303.894749][ T6415] tipc: Disabling bearer <eth:syzkaller0>
[  303.902370][  T939] Buffer I/O error on dev loop9, logical block 240, lost async page write
[  303.915102][ T6425] loop7: detected capacity change from 0 to 512
[  303.928467][  T351] udevd[351]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  303.930237][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  303.950999][ T6425] EXT4-fs (loop7): error: journal path ./bus is not a block device
[  303.977748][ T6430] loop2: detected capacity change from 0 to 512
[  304.026325][ T6430] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  304.030721][ T5007] udevd[5007]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  304.038002][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  304.070157][ T6440] cgroup: fork rejected by pids controller in /syz9
[  304.082231][ T6430] EXT4-fs (loop2): 1 truncate cleaned up
[  304.089314][ T6430] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,noinit_itable,quota,,errors=continue. Quota mode: writeback.
[  304.192187][ T6451] loop2: detected capacity change from 0 to 1024
[  304.255338][ T6466] loop7: detected capacity change from 0 to 128
[  304.256718][ T6451] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  304.512524][ T6471] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.527723][ T6471] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.536408][ T6471] device bridge_slave_0 entered promiscuous mode
[  304.545179][ T6471] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.553012][ T6471] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.561303][ T6471] device bridge_slave_1 entered promiscuous mode
[  304.622250][ T6498] 9pnet: Insufficient options for proto=fd
[  304.693817][ T6504] loop8: detected capacity change from 0 to 512
[  304.704303][ T6506] serio: Serial port ttyS3
[  304.730993][ T6471] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.738791][ T6471] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.746657][ T6471] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.754731][ T6471] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.784472][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  304.793930][  T437] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.802211][ T6504] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  304.822687][  T437] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.846644][ T6504] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  304.859071][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  304.866183][ T6504] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  304.880443][ T6504] EXT4-fs (loop8): orphan cleanup on readonly fs
[  304.889226][ T6504] EXT4-fs warning (device loop8): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  304.895307][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  304.905849][ T6504] EXT4-fs (loop8): Cannot turn on quotas: error -22
[  304.918832][  T939] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.930099][  T939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.938635][ T6504] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1874: bg 0: block 40: padding at end of block bitmap is not set
[  304.953786][ T6504] EXT4-fs (loop8): Remounting filesystem read-only
[  304.960911][ T6504] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  304.971276][ T6504] EXT4-fs (loop8): Remounting filesystem read-only
[  304.980234][ T6504] EXT4-fs (loop8): 1 truncate cleaned up
[  304.986519][ T6504] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,dioread_lock,nouid32,nomblk_io_submit,. Quota mode: writeback.
[  304.994896][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  305.024619][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  305.036234][  T939] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.044230][  T939] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.053379][ T6504] EXT4-fs (loop8): shut down requested (2)
[  305.075668][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  305.085208][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  305.099784][ T6534] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1884'.
[  305.118024][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  305.128525][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  305.161290][ T3363] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.181314][ T3363] device bridge_slave_0 left promiscuous mode
[  305.188066][ T3363] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.286786][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  305.297326][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  305.312837][ T6471] device veth0_vlan entered promiscuous mode
[  305.329215][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  305.338373][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  305.347473][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  305.357148][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  305.367575][ T6471] device veth1_macvtap entered promiscuous mode
[  305.376479][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  305.385505][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  305.394937][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  305.410840][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  305.420694][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  305.430880][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  305.441431][  T939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  305.481854][ T6556] loop9: detected capacity change from 0 to 512
[  305.537619][ T6556] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  305.553850][   T30] kauditd_printk_skb: 468 callbacks suppressed
[  305.553865][   T30] audit: type=1400 audit(305.525:3631): avc:  denied  { write } for  pid=6552 comm="syz.3.1892" name="tcp6" dev="proc" ino=4026532999 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  305.585302][ T6556] EXT4-fs (loop9): 1 truncate cleaned up
[  305.591334][ T6556] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  305.605664][   T30] audit: type=1400 audit(305.575:3632): avc:  denied  { write } for  pid=6555 comm="syz.9.1859" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  305.631240][   T30] audit: type=1400 audit(305.575:3633): avc:  denied  { write } for  pid=6555 comm="syz.9.1859" name="/" dev="loop9" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  305.656072][   T30] audit: type=1400 audit(305.575:3634): avc:  denied  { add_name } for  pid=6555 comm="syz.9.1859" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  305.679353][   T30] audit: type=1400 audit(305.575:3635): avc:  denied  { create } for  pid=6555 comm="syz.9.1859" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  305.701319][   T30] audit: type=1400 audit(305.575:3636): avc:  denied  { read write } for  pid=6555 comm="syz.9.1859" name="file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  305.726439][   T30] audit: type=1400 audit(305.575:3637): avc:  denied  { open } for  pid=6555 comm="syz.9.1859" path="/0/file0/file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  305.814848][ T6560] loop9: detected capacity change from 0 to 512
[  305.843778][ T6560] FAT-fs (loop9): Unrecognized mount option "shortnameٴ�i�8j�ocharset=utf8" or missing value
[  305.885740][ T6562] loop9: detected capacity change from 0 to 512
[  305.953872][ T6562] EXT4-fs (loop9): Ignoring removed oldalloc option
[  305.961259][ T6562] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  305.978698][ T6562] EXT4-fs (loop9): 1 truncate cleaned up
[  305.987939][   T30] audit: type=1400 audit(305.955:3638): avc:  denied  { create } for  pid=6564 comm="syz.7.1895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.993829][ T6562] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsddf,oldalloc,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  306.036032][   T30] audit: type=1400 audit(305.955:3639): avc:  denied  { connect } for  pid=6564 comm="syz.7.1895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  306.063076][   T30] audit: type=1400 audit(306.025:3640): avc:  denied  { mounton } for  pid=6561 comm="syz.9.1894" path="/2/bus" dev="loop9" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  306.394079][ T6613] device syzkaller0 entered promiscuous mode
[  306.605581][ T6644] loop8: detected capacity change from 0 to 512
[  306.675631][ T6644] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  306.686352][ T6644] EXT4-fs (loop8): orphan cleanup on readonly fs
[  306.694335][ T6644] EXT4-fs error (device loop8): ext4_validate_block_bitmap:429: comm syz.8.1932: bg 0: block 16: invalid block bitmap
[  306.709024][ T6644] EXT4-fs (loop8): Remounting filesystem read-only
[  306.717062][ T6644] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  306.727404][ T6644] EXT4-fs (loop8): Remounting filesystem read-only
[  306.734969][ T6644] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.1932: invalid indirect mapped block 5 (level 0)
[  306.750736][ T6644] EXT4-fs (loop8): Remounting filesystem read-only
[  306.787467][ T6655] loop3: detected capacity change from 0 to 4096
[  306.795215][ T6644] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.1932: invalid indirect mapped block 4294967295 (level 1)
[  306.810558][ T6644] EXT4-fs (loop8): Remounting filesystem read-only
[  306.817623][ T6644] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.1932: invalid indirect mapped block 4294967295 (level 2)
[  306.835597][ T6644] EXT4-fs (loop8): Remounting filesystem read-only
[  306.839573][ T6655] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  306.878771][ T6644] EXT4-fs (loop8): 1 truncate cleaned up
[  306.886073][ T6644] EXT4-fs (loop8): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,noquota,errors=remount-ro,. Quota mode: none.
[  307.616554][ T6684] loop9: detected capacity change from 0 to 512
[  307.720077][ T6688] loop2: detected capacity change from 0 to 8192
[  307.788913][ T6684] EXT4-fs error (device loop9): ext4_orphan_get:1427: comm syz.9.1951: bad orphan inode 15
[  307.822249][ T6684] ext4_test_bit(bit=14, block=5) = 0
[  307.847231][ T6684] EXT4-fs (loop9): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000001,journal_dev=0x0000000000000003,grpid,journal_ioprio=0x0000000000000002,journal_ioprio=0x0000000000000003,nolazytime,noload,,errors=continue. Quota mode: none.
[  307.912034][ T6700] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1958'.
[  308.004896][ T6706] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1959'.
[  308.099369][ T6725] loop8: detected capacity change from 0 to 512
[  308.101579][ T6726] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1970'.
[  308.116710][ T6720] device wg2 entered promiscuous mode
[  308.167649][ T6725] EXT4-fs (loop8): Ignoring removed oldalloc option
[  308.178332][ T6738] loop9: detected capacity change from 0 to 7
[  308.200963][ T6741] loop2: detected capacity change from 0 to 1024
[  308.231250][ T6725] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.1968: Parent and EA inode have the same ino 15
[  308.263689][ T6725] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.1968: Parent and EA inode have the same ino 15
[  308.277320][ T6725] EXT4-fs (loop8): 1 orphan inode deleted
[  308.283933][ T6725] EXT4-fs (loop8): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000002,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,errors=continue,,errors=continue. Quota mode: none.
[  308.286109][ T6741] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  308.340816][ T6754] loop9: detected capacity change from 0 to 2048
[  308.349069][ T6741] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  308.439130][ T6754] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  308.601322][ T6793] loop8: detected capacity change from 0 to 512
[  308.624109][ T6793] EXT4-fs error (device loop8): ext4_orphan_get:1427: comm syz.8.2000: bad orphan inode 15
[  308.643458][ T6793] ext4_test_bit(bit=14, block=5) = 0
[  308.652285][ T6793] EXT4-fs (loop8): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000001,journal_dev=0x0000000000000003,grpid,journal_ioprio=0x0000000000000002,journal_ioprio=0x0000000000000003,nolazytime,noload,,errors=continue. Quota mode: none.
[  308.765516][ T6812] loop8: detected capacity change from 0 to 8192
[  308.804141][ T6812]  loop8: p3 p4 < >
[  308.815560][ T6812] loop8: p3 size 33554432 extends beyond EOD, truncated
[  309.457426][ T6845] loop2: detected capacity change from 0 to 512
[  309.474770][ T6845] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  309.505341][ T6845] EXT4-fs (loop2): orphan cleanup on readonly fs
[  309.513521][ T6845] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:510: comm syz.2.2022: Block bitmap for bg 0 marked uninitialized
[  309.574848][ T6845] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  309.588728][ T6845] EXT4-fs (loop2): 1 orphan inode deleted
[  309.597357][ T6845] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  309.731498][ T6857] loop8: detected capacity change from 0 to 512
[  309.786465][ T6857] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.2027: bg 0: block 248: padding at end of block bitmap is not set
[  309.927540][ T6867] loop3: detected capacity change from 0 to 256
[  309.937405][ T6865] loop2: detected capacity change from 0 to 2048
[  309.947938][ T6857] EXT4-fs error (device loop8): ext4_acquire_dquot:6198: comm syz.8.2027: Failed to acquire dquot type 1
[  310.001638][ T6857] EXT4-fs (loop8): 1 truncate cleaned up
[  310.009016][ T6867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2031'.
[  310.024393][ T6865]  loop2: p2 p3 p7
[  310.037977][ T6857] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  310.063886][ T6865] FAT-fs (loop2p2): bogus number of reserved sectors
[  310.085866][ T6865] FAT-fs (loop2p2): Can't find a valid FAT filesystem
[  310.323036][ T6885] loop3: detected capacity change from 0 to 512
[  310.364214][ T6885] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.2040: missing EA_INODE flag
[  310.436294][ T6891] loop7: detected capacity change from 0 to 512
[  310.445415][ T6885] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2040: error while reading EA inode 11 err=-117
[  310.513875][ T6885] EXT4-fs (loop3): 1 orphan inode deleted
[  310.520808][ T6885] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,init_itable,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,noquota,,errors=continue. Quota mode: none.
[  310.604809][ T6891] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  310.605679][   T30] kauditd_printk_skb: 285 callbacks suppressed
[  310.605693][   T30] audit: type=1400 audit(310.575:3924): avc:  denied  { read write } for  pid=6897 comm="syz.3.2045" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  310.653280][   T30] audit: type=1400 audit(310.615:3925): avc:  denied  { open } for  pid=6897 comm="syz.3.2045" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  310.683794][ T6891] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  310.703679][ T6891] EXT4-fs (loop7): orphan cleanup on readonly fs
[  310.729070][ T6891] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.2042: bad orphan inode 267
[  310.791225][ T6905] loop3: detected capacity change from 0 to 1024
[  310.799189][ T6891] EXT4-fs (loop7): Remounting filesystem read-only
[  310.819839][ T6891] EXT4-fs (loop7): mounted filesystem without journal. Opts: nojournal_checksum,noblock_validity,discard,errors=remount-ro,jqfmt=vfsv0. Quota mode: none.
[  310.900670][   T30] audit: type=1326 audit(310.865:3926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  310.915982][ T6891] EXT4-fs warning (device loop7): dx_probe:893: inode #2: comm syz.7.2042: dx entry: limit 0 != root limit 125
[  310.956803][   T30] audit: type=1326 audit(310.865:3927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.007232][ T6905] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  311.032976][ T6891] EXT4-fs warning (device loop7): dx_probe:966: inode #2: comm syz.7.2042: Corrupt directory, running e2fsck is recommended
[  311.088240][ T6915] loop2: detected capacity change from 0 to 128
[  311.134413][   T30] audit: type=1326 audit(310.915:3928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.275213][   T30] audit: type=1326 audit(310.915:3929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.302335][   T30] audit: type=1326 audit(310.915:3930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.407965][   T30] audit: type=1326 audit(310.915:3931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.533308][   T30] audit: type=1326 audit(310.915:3932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  311.598222][ T6933] SELinux: failed to load policy
[  311.629362][   T30] audit: type=1326 audit(310.915:3933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6895 comm="syz.2.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  312.010031][ T6960] loop8: detected capacity change from 0 to 1024
[  312.016896][ T6962] loop2: detected capacity change from 0 to 1024
[  312.074815][ T6962] EXT4-fs (loop2): Ignoring removed nobh option
[  312.082882][ T6962] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  312.103236][ T6960] EXT4-fs (loop8): Ignoring removed orlov option
[  312.133193][ T6960] EXT4-fs (loop8): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  312.156324][ T6962] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[  312.214856][ T6989] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2084'.
[  312.339130][ T7002] loop3: detected capacity change from 0 to 512
[  312.355910][ T7002] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  312.415972][ T7002] EXT4-fs (loop3): 1 truncate cleaned up
[  312.439971][ T7002] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  312.669045][ T7053] binfmt_misc: register: failed to install interpreter file ./file0
[  312.727954][ T7058] loop8: detected capacity change from 0 to 1024
[  312.784805][ T7058] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  312.802125][ T7058] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:3876: comm syz.8.2117: Allocating blocks 465-513 which overlap fs metadata
[  312.817592][ T7072] device wireguard0 entered promiscuous mode
[  312.834159][ T7058] EXT4-fs (loop8): pa ffff888128c1a9d8: logic 256, phys. 369, len 9
[  312.842802][ T7058] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 3
[  312.855084][ T7058] EXT4-fs error (device loop8): mb_free_blocks:1865: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  312.890176][ T7078] loop9: detected capacity change from 0 to 128
[  312.921988][ T7084] loop3: detected capacity change from 0 to 512
[  312.962344][ T7088] 9pnet: Could not find request transport: rdma
[  313.030732][ T7084] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  313.054276][ T7090] 9p: Unknown access argument ��
[  313.078347][ T7084] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.2129: bg 0: block 5: invalid block bitmap
[  313.116124][ T7084] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  313.130618][ T7084] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2129: invalid indirect mapped block 3 (level 2)
[  313.151505][ T7084] EXT4-fs (loop3): 2 truncates cleaned up
[  313.159668][ T7084] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,grpquota,,errors=continue. Quota mode: writeback.
[  313.300707][ T7126] loop7: detected capacity change from 0 to 1024
[  313.314051][ T7125] netlink: 'syz.2.2144': attribute type 49 has an invalid length.
[  313.326545][ T7126] EXT4-fs (loop7): Ignoring removed orlov option
[  313.361921][ T7126] EXT4-fs (loop7): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  313.412944][ T7139] loop2: detected capacity change from 0 to 1024
[  313.437730][ T7139] EXT4-fs (loop2): Ignoring removed nobh option
[  313.467386][ T7139] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  313.549084][ T7139] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=continue,jqfmt=vfsv0,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[  313.591681][ T7159] device bridge_slave_0 left promiscuous mode
[  313.599402][ T7159] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.616455][ T7159] device bridge_slave_1 left promiscuous mode
[  313.625555][ T7159] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.963185][  T837] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  314.293330][  T837] usb 4-1: device descriptor read/64, error -71
[  314.452870][ T7189] loop9: detected capacity change from 0 to 7
[  314.763602][  T837] usb 4-1: device descriptor read/64, error -71
[  314.885488][ T7214] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  315.033362][  T837] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  315.094699][ T7226] hub 9-0:1.0: USB hub found
[  315.099579][ T7226] hub 9-0:1.0: 1 port detected
[  315.303173][  T837] usb 4-1: device descriptor read/64, error -71
[  315.693189][  T837] usb 4-1: device descriptor read/64, error -71
[  315.840780][   T30] kauditd_printk_skb: 443 callbacks suppressed
[  315.840844][   T30] audit: type=1400 audit(315.785:4377): avc:  denied  { append } for  pid=7232 comm="syz.7.2192" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  315.873536][  T837] usb usb4-port1: attempt power cycle
[  315.948889][ T7237] loop9: detected capacity change from 0 to 1024
[  316.037899][ T7237] EXT4-fs (loop9): Ignoring removed orlov option
[  316.062911][   T30] audit: type=1326 audit(316.025:4378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.087605][ T7237] EXT4-fs (loop9): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  316.112723][   T30] audit: type=1326 audit(316.055:4379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.144357][   T30] audit: type=1326 audit(316.075:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.179181][   T30] audit: type=1326 audit(316.075:4381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.218437][   T30] audit: type=1326 audit(316.075:4382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1fac6ab84a code=0x7ffc0000
[  316.255873][   T30] audit: type=1326 audit(316.075:4383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1fac6df4a5 code=0x7ffc0000
[  316.279942][ T7246] loop8: detected capacity change from 0 to 512
[  316.314738][   T30] audit: type=1326 audit(316.285:4384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.348609][  T837] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  316.349121][ T7246] EXT4-fs (loop8): Ignoring removed oldalloc option
[  316.369494][   T30] audit: type=1326 audit(316.285:4385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fac6acbe9 code=0x7ffc0000
[  316.417292][ T7246] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.2198: Parent and EA inode have the same ino 15
[  316.435319][ T7246] EXT4-fs (loop8): Remounting filesystem read-only
[  316.445460][ T7246] EXT4-fs (loop8): 1 orphan inode deleted
[  316.454832][ T7246] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x0000000000000040,mb_optimize_scan=0x0000000000000001,bsdgroups,oldalloc,resuid=0x0000000000000000,. Quota mode: none.
[  316.693093][ T7255] netlink: 'syz.9.2202': attribute type 3 has an invalid length.
[  316.751890][   T30] audit: type=1404 audit(316.715:4386): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  317.032628][ T7282] netlink: 'syz.3.2213': attribute type 3 has an invalid length.
[  317.042282][  T837] usb 4-1: device descriptor read/8, error -71
[  317.176459][ T7299] loop7: detected capacity change from 0 to 1024
[  317.184363][ T7301] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2223'.
[  317.208249][ T7303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2224'.
[  317.237047][ T7299] EXT4-fs (loop7): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none.
[  317.255414][  T837] usb 4-1: device descriptor read/8, error -71
[  317.275323][ T7299] usb usb1: check_ctrlrecip: process 7299 (+}[@) requesting ep 01 but needs 81
[  317.298336][ T7311] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  317.351724][ T7316] loop2: detected capacity change from 0 to 1024
[  317.407933][ T7321] loop9: detected capacity change from 0 to 7
[  317.409118][ T7311] device syzkaller0 entered promiscuous mode
[  317.465978][ T7316] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  317.609182][ T7340] loop9: detected capacity change from 0 to 512
[  317.613056][ T7337] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2234'.
[  317.624945][ T7329] netlink: 68 bytes leftover after parsing attributes in process `syz.8.2236'.
[  317.640693][ T7342] loop3: detected capacity change from 0 to 512
[  317.701653][ T7340] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  317.738682][ T7350] netlink: 'syz.7.2233': attribute type 4 has an invalid length.
[  317.747890][ T7350] netlink: 17 bytes leftover after parsing attributes in process `syz.7.2233'.
[  317.813688][ T7342] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,barrier=0x0000000000001003,errors=remount-ro,noauto_da_alloc,dioread_lock,. Quota mode: writeback.
[  318.194212][ T7365] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2249'.
[  318.516504][ T7381] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2256'.
[  318.581453][ T7384] loop9: detected capacity change from 0 to 512
[  318.630739][ T7384] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  318.651680][ T7381] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2256'.
[  318.692619][ T7387] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2256'.
[  318.711612][ T7384] EXT4-fs (loop9): 1 truncate cleaned up
[  318.724488][ T7384] EXT4-fs (loop9): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,. Quota mode: none.
[  318.750341][ T7387] tc_dump_action: action bad kind
[  318.836244][ T7395] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2261'.
[  318.979482][ T7410] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2268'.
[  319.278326][ T7426] loop9: detected capacity change from 0 to 8192
[  319.306271][ T7433] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=7433 comm=syz.3.2278
[  319.327293][ T5011]  loop9: p3 p4 < >
[  319.332781][ T5011] loop9: p3 size 33554432 extends beyond EOD, truncated
[  319.346206][ T7433] 9pnet: Insufficient options for proto=fd
[  319.356456][ T7426]  loop9: p3 p4 < >
[  319.361307][ T7426] loop9: p3 size 33554432 extends beyond EOD, truncated
[  319.388638][ T7435] loop8: detected capacity change from 0 to 1024
[  319.411102][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  319.423755][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  319.434154][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  319.448140][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  319.468558][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  319.485255][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  319.512040][ T7435] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  319.533499][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  319.543719][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  319.652418][ T7451] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2284'.
[  319.717470][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4
[  319.730729][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2
[  319.749423][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.758131][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.766575][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.776024][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.794604][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.803745][ T7461] device dummy0 entered promiscuous mode
[  319.810591][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.822364][ T7463] loop7: detected capacity change from 0 to 256
[  319.829740][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.839234][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.847947][ T7460] device dummy0 left promiscuous mode
[  319.848932][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.863051][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.872889][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.882229][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.890503][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.899385][  T830] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0
[  319.908628][  T830] hid-generic 0000:3000000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  319.941824][ T7469] 9pnet: Could not find request transport: 0xffffffffffffffff
[  319.992224][ T7470] fido_id[7470]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  320.016395][ T7465] loop2: detected capacity change from 0 to 8192
[  320.053797][ T5007]  loop2: p1 p4 < >
[  320.058154][ T5007] loop2: p1 start 4261412864 is beyond EOD, truncated
[  320.068001][ T7465]  loop2: p1 p4 < >
[  320.074079][ T7465] loop2: p1 start 4261412864 is beyond EOD, truncated
[  320.099046][ T7483] netlink: 'syz.7.2299': attribute type 4 has an invalid length.
[  320.110294][ T7483] netlink: 'syz.7.2299': attribute type 4 has an invalid length.
[  320.179497][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  320.264510][ T5011] udevd[5011]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  320.478329][ T7535] hub 6-0:1.0: USB hub found
[  320.488311][ T7535] hub 6-0:1.0: 1 port detected
[  320.679918][ T7558] loop7: detected capacity change from 0 to 1024
[  320.695025][ T7558] EXT4-fs (loop7): Unsupported blocksize for fs-verity
[  320.866023][   T30] kauditd_printk_skb: 205 callbacks suppressed
[  320.866041][   T30] audit: type=1400 audit(320.835:4592): avc:  denied  { create } for  pid=7575 comm="syz.8.2341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  320.900399][   T30] audit: type=1400 audit(320.835:4593): avc:  denied  { write } for  pid=7575 comm="syz.8.2341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  320.962829][   T30] audit: type=1400 audit(320.925:4594): avc:  denied  { read write } for  pid=7567 comm="syz.3.2337" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  321.018674][   T30] audit: type=1400 audit(320.925:4595): avc:  denied  { open } for  pid=7567 comm="syz.3.2337" path="/dev/raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  321.063382][   T30] audit: type=1400 audit(320.925:4596): avc:  denied  { ioctl } for  pid=7567 comm="syz.3.2337" path="/dev/raw-gadget" dev="devtmpfs" ino=254 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  321.090628][   T30] audit: type=1400 audit(321.025:4597): avc:  denied  { setcurrent } for  pid=7583 comm="syz.8.2344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  321.111775][   T30] audit: type=1401 audit(321.025:4598): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  321.690103][   T30] audit: type=1400 audit(321.655:4599): avc:  denied  { write } for  pid=7593 comm="syz.9.2348" path="socket:[44180]" dev="sockfs" ino=44180 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  321.834033][   T30] audit: type=1400 audit(321.795:4600): avc:  denied  { lock } for  pid=7602 comm="syz.9.2353" path="socket:[44212]" dev="sockfs" ino=44212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  321.839266][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4
[  321.884115][   T30] audit: type=1400 audit(321.855:4601): avc:  denied  { setopt } for  pid=7609 comm="syz.9.2355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  321.894189][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2
[  321.916041][ T7611] ==================================================================
[  321.925653][ T7611] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  321.936252][ T7611] Read of size 1 at addr ffff88813a0b73f8 by task syz.9.2355/7611
[  321.945216][ T7611] 
[  321.947816][ T7611] CPU: 1 PID: 7611 Comm: syz.9.2355 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[  321.959293][ T7611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  321.971191][ T7611] Call Trace:
[  321.975017][ T7611]  <TASK>
[  321.978238][ T7611]  __dump_stack+0x21/0x30
[  321.982759][ T7611]  dump_stack_lvl+0xee/0x150
[  321.987947][ T7611]  ? show_regs_print_info+0x20/0x20
[  321.993236][ T7611]  ? load_image+0x3a0/0x3a0
[  321.998408][ T7611]  ? unwind_get_return_address+0x4d/0x90
[  322.004402][ T7611]  print_address_description+0x7f/0x2c0
[  322.011239][ T7611]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  322.018228][ T7611]  kasan_report+0xf1/0x140
[  322.022985][ T7611]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  322.029923][ T7611]  __asan_report_load1_noabort+0x14/0x20
[  322.036276][ T7611]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[  322.043046][ T7611]  xfrm_policy_inexact_insert_node+0x938/0xb50
[  322.049626][ T7611]  ? xfrm_netlink_rcv+0x72/0x90
[  322.054651][ T7611]  ? netlink_unicast+0x876/0xa40
[  322.060940][ T7611]  ? netlink_sendmsg+0x86a/0xb70
[  322.066422][ T7611]  ? ____sys_sendmsg+0x5a2/0x8c0
[  322.071769][ T7611]  ? ___sys_sendmsg+0x1f0/0x260
[  322.077158][ T7611]  ? x64_sys_call+0x4b/0x9a0
[  322.082143][ T7611]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  322.088902][ T7611]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[  322.096358][ T7611]  xfrm_policy_inexact_insert+0x70/0x1130
[  322.103135][ T7611]  ? __get_hash_thresh+0x10c/0x420
[  322.108790][ T7611]  ? policy_hash_bysel+0x110/0x4f0
[  322.114185][ T7611]  xfrm_policy_insert+0x126/0x9a0
[  322.119464][ T7611]  ? xfrm_policy_construct+0x54f/0x1f00
[  322.126209][ T7611]  xfrm_add_policy+0x4d1/0x830
[  322.131813][ T7611]  ? xfrm_dump_sa_done+0xc0/0xc0
[  322.141691][ T7611]  xfrm_user_rcv_msg+0x45c/0x6e0
[  322.149291][ T7611]  ? xfrm_netlink_rcv+0x90/0x90
[  322.155308][ T7611]  ? avc_has_perm_noaudit+0x460/0x460
[  322.162037][ T7611]  ? x64_sys_call+0x4b/0x9a0
[  322.167830][ T7611]  ? selinux_nlmsg_lookup+0x237/0x4c0
[  322.174308][ T7611]  netlink_rcv_skb+0x1e0/0x430
[  322.179127][ T7611]  ? xfrm_netlink_rcv+0x90/0x90
[  322.184815][ T7611]  ? netlink_ack+0xb60/0xb60
[  322.191642][ T7611]  ? wait_for_completion_killable_timeout+0x10/0x10
[  322.199285][ T7611]  ? __netlink_lookup+0x387/0x3b0
[  322.205049][ T7611]  xfrm_netlink_rcv+0x72/0x90
[  322.210119][ T7611]  netlink_unicast+0x876/0xa40
[  322.215446][ T7611]  netlink_sendmsg+0x86a/0xb70
[  322.221346][ T7611]  ? netlink_getsockopt+0x530/0x530
[  322.226991][ T7611]  ? sock_alloc_file+0xba/0x260
[  322.232338][ T7611]  ? security_socket_sendmsg+0x82/0xa0
[  322.239284][ T7611]  ? netlink_getsockopt+0x530/0x530
[  322.245547][ T7611]  ____sys_sendmsg+0x5a2/0x8c0
[  322.251500][ T7611]  ? __sys_sendmsg_sock+0x40/0x40
[  322.257627][ T7611]  ? import_iovec+0x7c/0xb0
[  322.263015][ T7611]  ___sys_sendmsg+0x1f0/0x260
[  322.268252][ T7611]  ? __sys_sendmsg+0x250/0x250
[  322.273249][ T7611]  ? __fdget+0x1a1/0x230
[  322.277689][ T7611]  __x64_sys_sendmsg+0x1e2/0x2a0
[  322.283262][ T7611]  ? ___sys_sendmsg+0x260/0x260
[  322.288223][ T7611]  ? __bpf_trace_sys_enter+0x62/0x70
[  322.294450][ T7611]  ? trace_sys_enter+0x3d/0x50
[  322.299706][ T7611]  x64_sys_call+0x4b/0x9a0
[  322.304546][ T7611]  do_syscall_64+0x4c/0xa0
[  322.309406][ T7611]  ? clear_bhb_loop+0x50/0xa0
[  322.315806][ T7611]  ? clear_bhb_loop+0x50/0xa0
[  322.321813][ T7611]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  322.329241][ T7611] RIP: 0033:0x7f7ffc435be9
[  322.334418][ T7611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.361012][ T7611] RSP: 002b:00007f7ffae9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.373232][ T7611] RAX: ffffffffffffffda RBX: 00007f7ffc66cfa0 RCX: 00007f7ffc435be9
[  322.383116][ T7611] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005
[  322.393376][ T7611] RBP: 00007f7ffc4b8e19 R08: 0000000000000000 R09: 0000000000000000
[  322.403005][ T7611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  322.411746][ T7611] R13: 00007f7ffc66d038 R14: 00007f7ffc66cfa0 R15: 00007ffce564d178
[  322.421626][ T7611]  </TASK>
[  322.426243][ T7611] 
[  322.429306][ T7611] Allocated by task 7611:
[  322.433874][ T7611]  __kasan_kmalloc+0xda/0x110
[  322.439687][ T7611]  __kmalloc+0x13d/0x2c0
[  322.445231][ T7611]  sk_prot_alloc+0xed/0x320
[  322.450166][ T7611]  sk_alloc+0x38/0x430
[  322.454665][ T7611]  pfkey_create+0x12a/0x660
[  322.460320][ T7611]  __sock_create+0x38d/0x7a0
[  322.467023][ T7611]  __sys_socket+0xec/0x190
[  322.472890][ T7611]  __x64_sys_socket+0x7a/0x90
[  322.481990][ T7611]  x64_sys_call+0x8c5/0x9a0
[  322.488450][ T7611]  do_syscall_64+0x4c/0xa0
[  322.495417][ T7611]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  322.508439][ T7611] 
[  322.513047][ T7611] The buggy address belongs to the object at ffff88813a0b7000
[  322.513047][ T7611]  which belongs to the cache kmalloc-1k of size 1024
[  322.533332][ T7611] The buggy address is located 1016 bytes inside of
[  322.533332][ T7611]  1024-byte region [ffff88813a0b7000, ffff88813a0b7400)
[  322.553464][ T7611] The buggy address belongs to the page:
[  322.562576][ T7611] page:ffffea0004e82c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13a0b0
[  322.575396][ T7611] head:ffffea0004e82c00 order:3 compound_mapcount:0 compound_pincount:0
[  322.584630][ T7611] flags: 0x4000000000010200(slab|head|zone=1)
[  322.592912][ T7611] raw: 4000000000010200 ffffea0004e81e00 0000000400000004 ffff888100043080
[  322.604500][ T7611] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  322.615859][ T7611] page dumped because: kasan: bad access detected
[  322.624671][ T7611] page_owner tracks the page as allocated
[  322.631891][ T7611] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 347, ts 223918582548, free_ts 223754030353
[  322.655728][ T7611]  post_alloc_hook+0x192/0x1b0
[  322.662451][ T7611]  prep_new_page+0x1c/0x110
[  322.669187][ T7611]  get_page_from_freelist+0x2cc5/0x2d50
[  322.676339][ T7611]  __alloc_pages+0x18f/0x440
[  322.682205][ T7611]  new_slab+0xa1/0x4d0
[  322.686810][ T7611]  ___slab_alloc+0x381/0x810
[  322.694093][ T7611]  __slab_alloc+0x49/0x90
[  322.698801][ T7611]  __kmalloc_track_caller+0x169/0x2c0
[  322.704985][ T7611]  __alloc_skb+0x21a/0x740
[  322.709502][ T7611]  netlink_sendmsg+0x602/0xb70
[  322.714453][ T7611]  ____sys_sendmsg+0x5a2/0x8c0
[  322.719628][ T7611]  ___sys_sendmsg+0x1f0/0x260
[  322.725617][ T7611]  __x64_sys_sendmsg+0x1e2/0x2a0
[  322.731365][ T7611]  x64_sys_call+0x4b/0x9a0
[  322.736049][ T7611]  do_syscall_64+0x4c/0xa0
[  322.741352][ T7611]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  322.749405][ T7611] page last free stack trace:
[  322.756018][ T7611]  free_unref_page_prepare+0x542/0x550
[  322.762161][ T7611]  free_unref_page+0xa2/0x550
[  322.767299][ T7611]  __free_pages+0x6c/0x100
[  322.772663][ T7611]  __free_slab+0xe8/0x1e0
[  322.777436][ T7611]  __unfreeze_partials+0x160/0x190
[  322.783268][ T7611]  put_cpu_partial+0xc6/0x120
[  322.788208][ T7611]  __slab_free+0x1d4/0x290
[  322.792806][ T7611]  ___cache_free+0x104/0x120
[  322.797637][ T7611]  qlink_free+0x4d/0x90
[  322.802155][ T7611]  qlist_free_all+0x5f/0xb0
[  322.807369][ T7611]  kasan_quarantine_reduce+0x14a/0x170
[  322.814055][ T7611]  __kasan_slab_alloc+0x2f/0xf0
[  322.820196][ T7611]  slab_post_alloc_hook+0x4f/0x2b0
[  322.826784][ T7611]  kmem_cache_alloc+0xf7/0x260
[  322.832140][ T7611]  jbd2__journal_start+0x13d/0x6e0
[  322.837644][ T7611]  __ext4_journal_start_sb+0xfb/0x2b0
[  322.843380][ T7611] 
[  322.846051][ T7611] Memory state around the buggy address:
[  322.852132][ T7611]  ffff88813a0b7280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  322.861820][ T7611]  ffff88813a0b7300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  322.871861][ T7611] >ffff88813a0b7380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[  322.880878][ T7611]                                                                 ^
[  322.889911][ T7611]  ffff88813a0b7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  322.898532][ T7611]  ffff88813a0b7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  322.907578][ T7611] ==================================================================
[  322.916228][ T7611] Disabling lock debugging due to kernel taint
[  322.963231][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  322.972141][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  322.981081][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  322.989928][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  322.990440][ T7616] device veth0 entered promiscuous mode
[  323.006209][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.016965][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.026763][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.035674][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.044383][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.053305][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.061913][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.070683][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.078826][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.087528][ T3475] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0
[  323.098806][ T3475] hid-generic 0000:3000000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  323.141954][ T7617] fido_id[7617]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  323.766157][ T7614] device veth0 left promiscuous mode