last executing test programs:

30m16.166263668s ago: executing program 32 (id=325):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x700, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, 0xfffffffffffffffe)

29m33.450719998s ago: executing program 33 (id=1072):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1, 0x32, 0x0, 0xffffd000)
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000040)=0x9, 0x4)
sendto$inet6(r0, &(0x7f0000000180)="c4", 0x1, 0x40, &(0x7f0000000240)={0xa, 0x4ea2, 0x5, @empty, 0x401}, 0x1c)
read(r0, &(0x7f0000020100)=""/102344, 0x18fc8)

28m41.010352625s ago: executing program 34 (id=1823):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(0xffffffffffffffff, 0x8, r3)
ptrace$getenv(0x4201, r3, 0x7, &(0x7f0000000440))
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r5, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000ec0)=@base={0x1c, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
process_vm_readv(r0, &(0x7f0000000940)=[{0x0}, {&(0x7f0000000180)=""/68, 0x44}, {0x0}, {&(0x7f00000007c0)=""/107, 0x6b}, {&(0x7f0000000200)=""/62, 0x3e}, {&(0x7f0000000840)=""/230, 0xe6}], 0x6, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

28m15.410473703s ago: executing program 35 (id=2368):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
process_vm_writev(r2, 0x0, 0x0, 0x0, 0x0, 0x0)

28m14.778638544s ago: executing program 36 (id=2379):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001100)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac85800000000000000024e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0fe8a7d06d7535f7866907dc6751dfb292f7d3acec77f5efad9c11650300000000000000649c1cfd138d5521f9451759c3421eed73d5661cfeecf9c66cf6dd6dcd54c3b3ff02000000d7c983c044c03bf3cc2367a48dfe3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff050011bbecc2f4a37c9af2551ce935b0f327cb3f011a7d069111d5a34ed09baafa9e87110bd5602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2fc7925bfacbb031e7743f541cd0aed4af7588c8e1b44ccb19e810879b70a70000000000000000000000d7900a820b63278f4e9a217b98000000002a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a1420cfd9e1f84d8271ff6606b2a44bc47b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b207000000000000001d24291c25449f106a99893ed20fa7a050fbbef90327e827e513e96068fd1e8a43e89f9c050022a961546ed5365470fa503c1fac35b903e10c62bebc943c17ff1432d0881406bc176e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40e4ffff06aabca77e64c988dd413230d60a7f7681314df1c2a0f4249c7be5329ac624fb2997df9e6867053a4b239d17ba83b498812a8f57b9b52ebc8b327a967e41f61fe4382601bff5f5dbcd3d50a065bcc67943ba05f3a5366ca6d291f931d9cde41bdabdae4717317621abaa7179e2d44f8ebca654f9e4571963a3f198769e309fc99f6320f47140bb9a5e359804c2653d19462139d5c505dc6e4f178c9a098b51333cccfe0d2eb41dd079de3cfa60365787ca4b8eb920a06969c5da49fc87d37f18205f4b5c0f44d16a2d9f2bc894dfd78e819e54e79eb5ceb91451149e099e47b94fd53ed2dd33d43d8c681e027175e8d281ba4ac708543bc3f9e8e35532b7b90eee5df24d5ec9cd4e33a79f5b123cf15edeb8b0ee7cafbfebb907ccee427f3616d6fd9015432977a55aa000"/849], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

28m10.082838363s ago: executing program 37 (id=2479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x3ff, 0x8006}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x1000, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

28m6.404824141s ago: executing program 38 (id=2573):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x31, 0x31, 0x4, [@datasec={0xb, 0x3, 0x0, 0xf, 0x1, [{0x1, 0x4, 0x361}, {0x2, 0x401, 0xe59}, {0x2, 0x64ba, 0x1}], '\v'}]}, {0x0, [0x5f, 0x2e]}}, 0x0, 0x50, 0x0, 0x1, 0x7, 0x10000}, 0x28)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180))

27m57.266413139s ago: executing program 39 (id=2776):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

27m42.735921113s ago: executing program 40 (id=3087):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, 0x0, &(0x7f0000000000))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r3}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

27m39.632710543s ago: executing program 41 (id=3137):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000208e052500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000))

27m18.797894556s ago: executing program 0 (id=3619):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
shutdown(r1, 0x0)
connect$unix(r1, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
r3 = accept(r2, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000002c0)='S', 0x1, 0x404c810, 0x0, 0x0)

27m18.767583099s ago: executing program 0 (id=3620):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r1, r0, 0x0, 0x578410e9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
sendfile(r1, r0, 0x0, 0x100000000)

27m17.820008475s ago: executing program 0 (id=3640):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000300)={0xc9, 0x0, 0xc})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

27m17.626209311s ago: executing program 0 (id=3644):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r2, r0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x0)
r3 = open(&(0x7f00000003c0)='./file2\x00', 0x81, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r3, 0x4c00, 0x3)

27m17.38651858s ago: executing program 0 (id=3645):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x101042, 0x101)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$FUSE_DIRENTPLUS(r0, 0x0, 0x4057)
rename(&(0x7f0000000000)='./file1\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0)

27m17.294786268s ago: executing program 0 (id=3646):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = inotify_init()
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@ipv6_delroute={0x2c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2e00}, [@RTA_PRIORITY={0x8, 0x1e, 0x200}, @RTA_EXPIRES={0x8, 0x17, 0xffffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x4000050)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000012c0)={'team0\x00', <r7=>0x0})
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x1e, 0x0, 0x0, &(0x7f0000001280)='syzkaller\x00', 0xffff, 0x0, 0x0, 0x40f00, 0x24, '\x00', r7, @sk_lookup=0x24, r8, 0x8, &(0x7f0000001340)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000001380)={0x4, 0x3, 0x60f, 0x7}, 0x10, 0x0, r9, 0x6, &(0x7f0000001480), &(0x7f00000014c0)=[{0x0, 0x2, 0x10, 0x4}, {0x2, 0x2, 0x5, 0x9}, {0x1, 0x3, 0x4, 0x5}, {0x4, 0x4, 0xc, 0x8}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x4, 0x6, 0x2}], 0x10, 0x6}, 0x94)
r10 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r11 = inotify_add_watch(r5, &(0x7f0000000200)='./file0\x00', 0x400008bf)
write$binfmt_elf32(r10, &(0x7f0000000040)=ANY=[@ANYRES64=r11], 0x69)
close(r10)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

27m17.201858495s ago: executing program 42 (id=3646):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = inotify_init()
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@ipv6_delroute={0x2c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2e00}, [@RTA_PRIORITY={0x8, 0x1e, 0x200}, @RTA_EXPIRES={0x8, 0x17, 0xffffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x4000050)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000012c0)={'team0\x00', <r7=>0x0})
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x1e, 0x0, 0x0, &(0x7f0000001280)='syzkaller\x00', 0xffff, 0x0, 0x0, 0x40f00, 0x24, '\x00', r7, @sk_lookup=0x24, r8, 0x8, &(0x7f0000001340)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000001380)={0x4, 0x3, 0x60f, 0x7}, 0x10, 0x0, r9, 0x6, &(0x7f0000001480), &(0x7f00000014c0)=[{0x0, 0x2, 0x10, 0x4}, {0x2, 0x2, 0x5, 0x9}, {0x1, 0x3, 0x4, 0x5}, {0x4, 0x4, 0xc, 0x8}, {0x2, 0x3, 0x0, 0x3}, {0x2, 0x4, 0x6, 0x2}], 0x10, 0x6}, 0x94)
r10 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r11 = inotify_add_watch(r5, &(0x7f0000000200)='./file0\x00', 0x400008bf)
write$binfmt_elf32(r10, &(0x7f0000000040)=ANY=[@ANYRES64=r11], 0x69)
close(r10)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

21m0.373205541s ago: executing program 9 (id=5523):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
pread64(r0, &(0x7f0000001600)=""/4081, 0x7, 0x12)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x18)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[])
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
bind$vsock_stream(r4, 0x0, 0x0)

21m0.191244595s ago: executing program 9 (id=5525):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r3, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="14000000000000000000000007"], 0x18}}], 0x1, 0x44008004)

20m59.198103996s ago: executing program 9 (id=5527):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x800700, &(0x7f0000000740)={[{@grpquota}, {@journal_dev={'journal_dev', 0x3d, 0x101}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4c}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x471, &(0x7f0000000200)="$eJzs28tvVFUYAPDv3j4AebQiPkDUKjFpfLS0oLJwo9HEBUYTXeCytgNpGKihNRFCpBiCGxNDomvj0sS/wJ0xMerKxK3uDQlRNqCrmnvnXmjHmUJlOrcyv18y7Tn3ns45X899nHvOTAA9ayT7kURsi4hfI2KokV1ZYKTx6/rVs9N/XT07ncTS0lt/JHm5a1fPTpdFy7/bWmRG04j0QlJUclNWbv70meNT9XrtVLFtfOHEe+Pzp888O3ti6ljtWO3k5KFDBw9MvPD85HMdiTOL69qeD+f27n7tnUuvTx+59O6PX2ft2FbsXx5Hp4xkgf+5lGve92SnK6vY9mXppL/ChrAmfRGRdddAfv4PRV/c7LyhePWjShsHrKvs3rSp/e7FJeAulkTVLQCqUd7os+ff8tWloceGcOWlxgNQFvf14tXY0x9pUWag6fm2k0Yi4sji319kr1ineQgAgOU+mf78cDzTavyXxgPLyu0o1lCGI+LeiNgZEfdFxK6IuD8iL/tgRDy0xvqbloZajH/Sy/8psNuUjf9eLNa2Vo7/ytFfDPcVue15/APJ0dl6bX/xPxmNgU1ZfmKVOr595ZdP2+1bPv7LXln95ViwaMfl/qYJupmphal8UNoBV85H7OlvFX9yYyUgiYjdEbFnbW+9o0zMPvXV3naFbh3/KjqwzrT0ZRbeYhb/YjTFX0pWX58c3xz12v7x8qj4t59+vvhmu/rvKP4OuFJr/F7W/81Fhles186vvY6Lv33c9plmDcf/hXLLzNRCOpi8nffLYLHtg6mFhVMTEYPJ4Ty/YvvkzXcr82X57Pgf3df6/N9Z/E1Wz8MRkR3Ej0TEoxHxWNH2xyPiiYjYt0r8P7zcfl8Zf6QV9f/5iJmW178bx39T/6890Xf8+2/a1X97/X8wT40WW/Lr3y20ak52uWhu4J387wAAAOD/Is0/A5+kYzfSaTo21vgM/664J63PzS88fXTu/ZMzjc/KD8dAWs50DRXzofXZem0iWSzesTE/OlnMFZfzpQeKeePP+rbk+bHpufpMxbFDr9va5vzP/N5XdeuAdbal5dbJwa43BKhA8zp6ujJ77o1uNgboKt/Xht51i/M/7VY7gO5z/4fe1er8P9eUtxYAdyf3f+hdzn/oUel3VbcAqJD7P/SkO/le/zomNm+MZlST2KidkiciykS6IdojsU6Jqq9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfFPAAAA//8TGuuv")
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv6_getaddr={0x18, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {0x9}}, 0x18}}, 0x0)

20m57.623048243s ago: executing program 9 (id=5532):
socket$nl_route(0x10, 0x3, 0x0)
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r5}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}, {0x0}, {&(0x7f0000000480)=""/127, 0x7f}, {&(0x7f0000000500)=""/61, 0x3d}, {&(0x7f0000000880)=""/214, 0xd6}], 0x5, 0x6c, 0x0)

20m56.273835962s ago: executing program 9 (id=5535):
userfaultfd(0x80001)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff7ffc}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000004000085000000860000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x4f, 0x6a, 0xa, 0xff00}, [@call={0x55}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0xe, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)

20m53.546295193s ago: executing program 9 (id=5539):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x9, 0x1, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
timer_create(0x3, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

20m37.991473799s ago: executing program 43 (id=5539):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x9, 0x1, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$inet6(0xa, 0x800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
timer_create(0x3, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

20m25.228178381s ago: executing program 8 (id=5596):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3008c94, &(0x7f0000000400)={[{@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7bf, &(0x7f0000000e00)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngQLu4EQeZ31Jlso1KWHUmgg0J56aGJkxaSWrWDJITamTSiFXgpt6a295Nyfl9Jrfxx6af+PkhJaJzSlh+Iy+hHLtuRKiS2T5vOBid+beaM333lPb148YymAR1Yu/ScTcSwi3kwixhvrk4gYrKWyETP1cnc31gvpksTm5nM/JLUydzbWC9GyT+pII/P3iPjytYgTmd31VlbXFmZLpeJyIz9ZXbw8WVldO3lpcXa+OF9cOj01PX3qzP/OnN6/WH/6du3o9289/e+PZn559W8fv/FVEjNxtLGtNY79kotc45wMpqdwm6f2u7JD8+nLXRRq6QHZgzwYepQ2zECjVY7FeAzs1T6j/TwyAOCgvBIRm50MdNwCADzUkvr1/4nDPg4AoF+avwe4s7FeaC6H+xuJ/rr1ZESM1ONv3t+sb8k27tmN1O6Djt1Jtt0ZSSJiYh/qz0XEe5+9+EG6xAHdhwRo59r1iLgwkds9/ie7nlno1X/ar55vzeR2bDT+Qf98ns5//t9u/pe5N/+JNvOf4Tbv3fuRS7bnd7//Mzf3oZqO0vnf4y3Ptt1tib9hYqCR+1NtzjeYXLxUKqZj258j4ngMDqf5qT3qOH7719udtrXO/358+6X30/rTn1slMjezw9v3mZutzj5IzK1uXY/4R7Zd/On4P1xr/6TD/Pdcl3U889jr73balsafxttcdsd/sDZvRPyrbftvdcxkz+cTJ2vdYbLZKdr4ZCbGOtWfy261f7qk9Tf/L9APafuP7R3/RNL6vGal65e+97TYNzfGv+hUqLX/t4+/ff8fSp6vpYca667OVqvLUxFDybO715/a2reZb5ZP4z/+z/bv/+b416b/v5C+/oUuT0R2ID6sj5j3E//BSuOf66n9e07EyN2FgU717xF/o/+k7T+9bZ9uxr9uD/BBzh0AAAAAAAAAAAAAAAAAAAAAAAAAdCsTEUcjyeTvpTOZfL7+Hd5/jbFMqVypnrhYXlmai9p3ZU/EYKb5UZfjLZ+HOtX4PPxm/tSO/H8j4i8R8c7waC2fL5RLc4cdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0HOnw/f+p74Z3FB44jCMEAA7EiAs7ADxqkmz2sA8BAOi3kZ5Kjx7YcQAA/dPb9R8A+CNw/QeAR8/vXP93/hkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Orc2bPpsvnzxnohzc9dWV1ZKF85OVesLOQXVwr5Qnn5cn6+XJ4vFfOF8mLHF7pW/1Eqly9Px9LK1clqsVKdrKyunV8sryxVz19anJ0vni8O9i0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOheZXVtYbZUKi5L7E9iuHFiu9xr4et68XZlNjcPPxyJvRNxrafmfogSMbQ1Soz2f2ACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEj8FgAA///+gx9z")
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
setgroups(0x0, &(0x7f0000000300))

20m23.290550538s ago: executing program 8 (id=5599):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x3, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/fib_trie\x00')
read$FUSE(r5, &(0x7f0000006180)={0x2020}, 0x2020)

20m22.094972124s ago: executing program 8 (id=5603):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)

20m20.026368271s ago: executing program 8 (id=5608):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000080006b113600000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x6, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2b0, &(0x7f00000015c0)="$eJzs3F9IU30cx/Gvzkd9fNDJw8MDzwPVt7ypiIPbdaAjXEgDo1xYQnDMsxo7bWNnrCbhFgTedNFN/64riBCE6CIIxC66CiW866I777zIrpKITsxpbja1TJ3k+3Wxfdn39zn8zp8dtt9gs0dvXY5FHCNipqW2sUZqOyUv8zXSKrWyJC+Hroy92XP67LkTgVCo65RqMNDr86tqy77x/mujBybSf5151vKiQSZbz8/O+Wcm/538b/ZL76Woo1FH44m0mjqQSKTNAdvSwTtOzFA9aVumY2k07lipsn7ETiSTWTXjg81NyZTlOGrGsxqzsppOaDqVVfOiGY2rYRja3CRY22jmfmD1bvjJvOvKXPq16zbkxXXdwouN2zg9VNnC+XfdkvN/s9pTwjYquak3itgjmXAmXHwu9gMRiYotlrSLVz5L4RpxH4y5C5dK4fGqfyw0ffjVS1VtlWE7t5jPZcKe8rxPvK6nmCkq1sHuUJdPi8rzf0hTad4vXvmnct5fMV8vB9tK8oZ4ZfqCJMSWqfH9H2d6Ru4u5Yd9qsd6Qivyf8rg8mF6/KFK5wcAAAAAAAAAgI0w9JuK6/dGYcCNIVVtXtEv5iv9PrC0Pl8Q7A51tVdcn6+T/+uquOMAAAAAAOwiTnYoZtq2lfrFovBVfjO28/sVD6//+OC9wbXHtHV4pjrf5pM7Yb9+ovjUtyOmUV7I4urTeoM9m/xOWS7eb8p2ahbnt/qY4/3vnq67nfrvjs9qJrb+rgQAAABgKyx/6O+QXOR5Jtd35Ha15wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwG6zgb8cm7pXqaWF4u9HlVrV3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC1fA0AAP//06jNAA==")
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r2, &(0x7f0000000140)='./file1\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000080000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f28bd421850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0a0000000440000008000000"], 0x50)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r4 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200))
tkill(r4, 0x16)

20m17.908721873s ago: executing program 8 (id=5615):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
read$msr(0xffffffffffffffff, &(0x7f0000000040)=""/182, 0xb6)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x4100)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x300, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x28011, r4, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, r2, 0x1ff, '\x00', 0x0, r2, 0x1, 0x0, 0x2}, 0x50)

20m16.682639512s ago: executing program 8 (id=5619):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000", @ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
ioprio_get$pid(0x1, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)=r4}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc0)
unshare(0x62040200)

20m16.365373907s ago: executing program 44 (id=5619):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000", @ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
ioprio_get$pid(0x1, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)=r4}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc0)
unshare(0x62040200)

15m37.184394899s ago: executing program 5 (id=6243):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

15m34.173977192s ago: executing program 5 (id=6247):
socket$packet(0x11, 0x2, 0x300)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f00000000c0)={0x0, 0x2, 0x7fffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001200)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x19, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000040)={0x1, 0x8, 0x8000, 0x40, 0x0, "4cb8b210acdc716f64cf76062d59a56f2584c4"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18000000010000000000000000000000711206000000000095ffff8000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d}, 0x80)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)
syslog(0x3, &(0x7f0000000200)=""/4096, 0x1000)

15m30.132231119s ago: executing program 5 (id=6250):
syz_emit_ethernet(0x2a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=r4], 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0xfffffffc}, 0x1c)
sendto$inet6(r5, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@ipv4_delroute={0x24, 0x19, 0x1, 0x70bd25, 0x25dfdbff, {0x2, 0x20, 0x80, 0xcc, 0xfd, 0x2, 0xc8, 0x6, 0x400}, [@RTA_OIF={0x8}]}, 0x24}}, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r6, &(0x7f0000000080)="6719f58f", 0x4, 0x20004810, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f00000017c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, 0x0)

15m26.923783838s ago: executing program 5 (id=6260):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = socket$igmp(0x2, 0x3, 0x2)
sendmsg$inet(r0, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
ptrace$poke(0x4, r1, &(0x7f0000000000), 0x68f6911b)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x2, 0x0, 0x4007)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

15m20.780235475s ago: executing program 5 (id=6269):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x82400, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x18)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)

15m19.550689394s ago: executing program 5 (id=6275):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
r3 = syz_clone(0x100, &(0x7f0000000880)="6d7d3cfe1b5c1d718638ef215ecd54ab256c12856894fe8cb910d1f7135e027a3a4c32d2cda9342a6c2a31f15d590eff2bcaa85dca0f10f0fe12b12fafdbe45c71e0d65daec40c527e763b71192a794d6a0b0a1d75ca3270eea5a0db73442fae5accd452b0561f210b0d379db9d272c8e41ce25d266ea1582762da7123fa5831c9fd1a8dda3a1e586f6184c1177fb37968ba2c74a2072b765959be2ddf79c4512b1a78e9e2e7f24ec66dc67d5327af74c8602b20ee1c49d31be18ef2979d9962ef9a69e191e11c6444d199f18b1333168561425dca7eec24abc7b3aae74bab4cacd48a46c0309e6828af5739696df58517", 0xf1, &(0x7f0000000240), &(0x7f0000000340), &(0x7f00000003c0)="cbfe325f28586be9017a68052a0acb67cf044c57f40036fc8da9de7d809d1574db2045eb5fc72eadb63123dc8b36820880b3e8ad857d")
fcntl$lock(r2, 0x26, &(0x7f0000000980)={0x2, 0x2, 0x81, 0x7, r3})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000ac0), 0x1, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000300), &(0x7f0000000280)='system_u:object_r:hwdata_t:s0\x00', 0xffd7, 0x1)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{}]})

15m3.12388068s ago: executing program 45 (id=6275):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
r3 = syz_clone(0x100, &(0x7f0000000880)="6d7d3cfe1b5c1d718638ef215ecd54ab256c12856894fe8cb910d1f7135e027a3a4c32d2cda9342a6c2a31f15d590eff2bcaa85dca0f10f0fe12b12fafdbe45c71e0d65daec40c527e763b71192a794d6a0b0a1d75ca3270eea5a0db73442fae5accd452b0561f210b0d379db9d272c8e41ce25d266ea1582762da7123fa5831c9fd1a8dda3a1e586f6184c1177fb37968ba2c74a2072b765959be2ddf79c4512b1a78e9e2e7f24ec66dc67d5327af74c8602b20ee1c49d31be18ef2979d9962ef9a69e191e11c6444d199f18b1333168561425dca7eec24abc7b3aae74bab4cacd48a46c0309e6828af5739696df58517", 0xf1, &(0x7f0000000240), &(0x7f0000000340), &(0x7f00000003c0)="cbfe325f28586be9017a68052a0acb67cf044c57f40036fc8da9de7d809d1574db2045eb5fc72eadb63123dc8b36820880b3e8ad857d")
fcntl$lock(r2, 0x26, &(0x7f0000000980)={0x2, 0x2, 0x81, 0x7, r3})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000ac0), 0x1, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000300), &(0x7f0000000280)='system_u:object_r:hwdata_t:s0\x00', 0xffd7, 0x1)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{}]})

1m17.087363799s ago: executing program 2 (id=8412):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file1\x00', 0x400, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_socket_connect_nvme_tcp()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="2759b41bd7614af4c0b06fd9c887f8ff000000000000000000000000002a1a233300"/44], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001f000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r5, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000002300)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x0, 0x200000}, 0x4}}, 0x10, 0x0}, 0x0)
sendmsg$tipc(r6, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(r5, 0x0, 0x0, 0x400000000000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3ff, 0x80000001, 0x1, r0}}}, 0x28)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000100)={0xf36, {0x30, 0xcfd, 0x2, 0x3f8000, 0x2}})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}, {@uuid_off}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

1m14.122822009s ago: executing program 2 (id=8403):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000007000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x4)
mount$9p_fd(0x0, 0x0, 0x0, 0x800000, &(0x7f00000006c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [{@hash}, {@obj_user={'obj_user', 0x3d, 'syz'}}]}})
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000002480)={'syz', 0x3}, &(0x7f00000024c0)='\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40000002}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x3c, r4, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x200}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x1790)
r7 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000640)=ANY=[@ANYRES64=r7, @ANYRES16=r7, @ANYRESOCT=r7, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6", @ANYRESHEX=r7, @ANYRESHEX=r7, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0], 0x5, 0x0, &(0x7f0000000000))
sync()
statfs(&(0x7f0000000200)='.\x00', &(0x7f0000000440)=""/137)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000300)={{0x0, 0x2, 0xd, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_INFO(r8, 0x5423, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='net_dev_xmit\x00', r3}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r9, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

1m12.781639478s ago: executing program 2 (id=8409):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x555, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvzCb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNOEJAUTemjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7PJmuwmIWSdJPP5wOy+N2+T9747vMx7M/NIAKU1lr2kEScj4noSMdJRNhB54Vjrcyt/3LuRbUmsrr71exJJvq/9+SR/P55njkTEd5cjnqxsrnd+cen2RKNRn8vzZxemZ8/OLy6dmZqeuFW/Vb9TO/fq+Qvjr9XO1/Ys1odfffbLlatvPvvxh++/Mvl940wSF2M4L+uMY6+Mxdjad9Ip+14v7HVlBRroOPYcLJX8+A1GxNMxEpW812dGYuphoY0D+mq1ErEKlFSi/0NJtccB7bl9P+bB+9njS60J0Ob4B1rXRuJIc250bCXpmBm15ruje1B/Vsff9059kW3Rp+sQW7n/ICKe6RZ/0mzbaPMqThZ/+q/404gYz9+z/ed2Wf/YhvxBiv9iR/yXd1l/0fEDUE7Ll1on8s3nv3Rt/BNdxj/DXc5du1H0+a/3+G89/kqP8d+1Hdbx80dXPu1V1jn+y7as/vZY8L/w+EHEqa7xJ2vxJ13iz8Y913dYxxs//HalV1nR8a8+ijjddf6zfkcr2fr+5NnJqUZ9vPXatY5vvn3vy171Fx1/dvyP9Yh/q+Of7ZvdYR1fX3s03ats+/jTX4eSt5upoXzPBxMLC3O1iKHk6ub920xE2p9p/44s/hdf2Lr/d4v/aDZ32GH8s+/cXtl9/P2VxX9zl8f/kx3W8de7d5/rVVZ0/AAAAAAAAHCYpM1nOZK0upZO02q1tYb3qTiWNmbmF16anLl752brmY/RGEzbd7pHWvkky9fy52Hb+XMb8i9HxImI+LxytJmv3php3Cw6eAAAAAAAAAAAAAAAAAAAANgnjm9Y//9npbX+HyiJgaIbABRG/4fy0v+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v8BAAAA4FA68fzyT0lE3H/9aHPLDOVlg4W2DOi3tOgGAIWpFN0AoDBu/UN5meMDyTblR3oVLG/3kwAAAAAAAAAAAADAXjl90vp/KCvr/6G8rP+H8rL+H8rLHB+w/h8AAAAAAAAAAAAA9r/h5pak1Xwt8HCkabUa8f+IGI3BZHKqUR+PiCci4sfK4P+yfK3oRgMAAAAAAAAAAAAAAAAAAMAhM7+4dHui0ajPSUhISKwliv7LBAAAAAAAAAAAAAAAAAAA5bO+6LfolgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAcdb//3//EkXHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcTP8EAAD//wugIGI=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r5, 0x2000000, 0x0, 0xfffb)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x18)
process_mrelease(0xffffffffffffffff, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r8, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
write$P9_RREADLINK(r4, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

1m11.139162001s ago: executing program 2 (id=8410):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x14, 0x1, 0x5, 0xf}, {0x24, 0x0, 0x7}, {0x6, 0x8, 0x3, 0x7ffffdbd}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
inotify_init()
r3 = timerfd_create(0x8, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000140), 0x0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000100)={0x90000004})
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000100})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
membarrier(0x40, 0x0)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)

1m10.768248681s ago: executing program 2 (id=8413):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")

1m10.558538418s ago: executing program 2 (id=8414):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r9}]}, 0x20}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1m10.492440174s ago: executing program 46 (id=8414):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r9}]}, 0x20}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

3.259653455s ago: executing program 7 (id=9322):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x2c, 0x65, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x2, 0x0, 0xe7, {[@exp_fastopen={0xfe, 0xfffffd03}]}}}}}}}, 0x0)
close(r0)

2.568643082s ago: executing program 1 (id=9328):
syz_emit_ethernet(0x66, &(0x7f00000002c0)=ANY=[], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000280)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x34, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x6071, 0x0, 0xe7, {[@generic={0x8, 0xa, "09df168a02010000"}]}}}}}}}, 0x0)

2.354644279s ago: executing program 7 (id=9338):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1770, 0xff00, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xb0, 0x0, [{{0x9, 0x4, 0x0, 0xfa, 0xff, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xf4f6, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0x9}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
socket$packet(0x11, 0x3, 0x300)
syz_usb_control_io$hid(r0, &(0x7f00000028c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x33}, 0x0}, 0x0)

1.818635242s ago: executing program 6 (id=9353):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000e40)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, 0x0, 0x0, 0x400c040)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
r7 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$getflags(r7, 0x401)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x1a}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)

1.72189109s ago: executing program 1 (id=9354):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r1, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1.321127813s ago: executing program 4 (id=9359):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000680)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000002140)=@newtaction={0x18, 0x32, 0x829, 0x70bdac, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4100}, 0x0)

1.126279259s ago: executing program 4 (id=9363):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet(0x2, 0x1, 0x0)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendmmsg$inet(r3, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="48ca8b98825ad05ecffa939c1c3f3abe962e289527340a9df3ca6a2d07954526dbc1734e9a6e1e26e4fa634d92009ed008cc3a7e5f36b40685bae810134441fdc3d3a30034038c5ae30a2ecc9ab1e87c3783b1f44bf73bcd89aa1fa45ca62dffe4e3863c445fa43350f4cb136cbfc130c556a37442fad8258458834fc01cbed5a5a48487795104f157aff06b58b8", 0x8e}, {&(0x7f0000000740)="97d17744aa9566d244b4a6a7bac3043aad7ead0625c7a01517485ca1171e2d8b21659736b5247ad8288fdd48f9bc2cdf7ab29c70255fbab7766e6e0d0d3fa89bad35b4aed5a0965fe952f739534fd4b4af3050df9aa7d23396b9d8f3b227083db9ab8c639c9ee9792923dcfe9d05a323c7984d2e7a6fa33748b6729b3ff9b59edf8f98e8ae7521b231410b752a4b3bdc57b6dc866405f0", 0x97}, {&(0x7f0000006200)="7ce25d3d1ff616b9177084ce66661b70adff5e1974482c2e0574573896b909e9096359f8b1ab5032a4478865e7294d4f1132967e5271493a7b8711f1ce353779600c5cab79530917268c15b3c2a9736169a7e6bf69467e0127f832ad8e43040945513537e70b9852bfb336e7a42f4331ed804be1e2c6786f6485a60639058ff9b6e9c96e88dbba0c7a10a29186a66ce520a3884bff954bea8683307de777354c8b8b0a1c05342942a465d13eb0864300cbe91f209d4c9074d0faf49c371c3cf98d224bb2a2a7e2cb66ca83fbdc9f838a79f71f5c2f1c08b3d3902af23ef7eaf496ed24677cda4295945ecd059b7b79e9e8758c40bbbe66e65e65c8229ed44fbcf0e46643c65138ce387cdeb28b99fdf63f20ed9f8f746e83593c5f994af84db339c0d815ac0b1163cc76f58138e8ccdabdff833b7ea97722c6a9260d0389aedd69cf92fb1ca9c302c4c517a79877895a8c203f964091e9caa4fe5a6046531c60f24bedc80761f4b32082c2b97775bd793de992083abf3dd41b6f55432f42631fa998a8b2d237e76617a10346e58c26b577107df17c04d15c36cac62463a780366edfc0b0cec7b72dbb46ffec8ed506f1835c66dac9976f1f4682e90f16adb301034d10fd1a896a0423a97c3cc244c9b3e40a894ea5ba85491356675d191c6274814e03ddeec8cf3315ac2d460ff5c503dbdb52b083cdd8fdf7c0cebd983e4449a1fc247dea198f27d3e014e6cd4b758dfea2a767ebcd325df6bf266286d316b76e9133d16d15f2977bfda3e40ab26866c70e8ed7c92812f791014930c2b54435c4b300bc9c2ea785aedecb85427e81be8c21ef781770e3360f8270493cb8bb063ce95e5e8c574b003a29cdc1c762c3ca5f516461113390fa2778bb5973815ec7dd97e143b38af2e126a3d43c6c7c9174523f17fa231c7163ed2992d27c1d0686c2d3bbf645851cf8e94c7e89cdd609e9dd559f29f74dc8de25edf48e2f93de4c43b8944ee561ea2ed37c698d3f5adea0814e2ef3c493f8ce89cab0b541513e7f9dad78112a60c7005ab6e7ee04860182180a9902733ab355b6462914be4541518ee6f758e4ad0f7c63c9fe7e43dc3f0f33c11cc1ca7a8d5f22c87d4c03094503af4a55490fce9999287aba03010a5e90ae8eee63ed76c9c627a5f0e2dbf4a6fe53eb750ab20cbea7555e07e4ab3c9f2dab51f3bb7b031506eb76016a59913a72a2f365b6c94f3e1bb3ed35fbe33aaefb262a89edd3fbdba43d9ac317b91415fc8b3866116d22975c711df9f3413f5b1bc660d35fec2badb88a4db1d7c61b59fb44e53b33a4e71e362805d02b49067792a7016afc882e50c1f644adc4dcea37fc35ca1da68aec01e961e7a76b03ed0c1c35d5c0ce0e2236059d28c098d0a27a87392901012aacfa0f6f8d1095426807b68f1a9ff516fbbcfdca20db4b9584bc7062d8bb67ca2b676e9cb532b8e9c436c4adf5c0c0f054cd55ff4cd8142bf6dd435c44bf374b347eb1099e043f90ccbd2a0d3899fa039418adef8fd7d31f647fe0deb26cdd2bbca9de7254ecffd7a1f782d9a69cf9d88a09b667231b9f23f0864029cfceded40a2ae8e7ff5dceb5ce1e3914495a5184fcad35dada50bbcff9f21d8d5afcf703c69356a2e17fcdc9227adc0a1910303a8019285eba4dbca9867520cfc71d6f8e94b05b9756d2f45548d9e61c345d52a3871e2db9984e0de3050cb47c0560f753d32f8bebc40574269fb5974d992c2eda1ae728611d411aed61b4eab31618735800045ca972652c156117cdc75024251d9b0fe738025f8db348eeca894b10e47b33f3a54949aaa9229f6e99c50101b2b5920a8d5c9043624bc810797c4144a621da82a0d268da176e0a975f928b3783ca4303087bba544590cf4b5ad7864ac35bcb947263d77edb5921e697ea78b4df17de1260249c69aa4419f28668d1ff80a6e7076d7f65a15f7c62ffba0246919959626a4db0644c60d8fbd1ce8369936a1f1d95d6af94dd52c62d89a0ac7bbde96ecc8cbafc92c35ac17020cec87f24c23cf9276f87659ff9f848b32171c2829972a39a9bd298c02c8590ba7cd982ea27a2e2a2d21bee943147920033df06f234f32f786c26aedbbf893b9b40cfb4ab9a51717758465b10825a497d7b4b8676059f06b88faa5b4a2b476f5c5bb20284c90d3cd137ed092da9932ada95cbf3479913cbf5eae9f60d8693599ca464e3a78c9fb67c6b7503fc474f58e5454f3c0f53c957e020c89201abbae992d089938d612fc45373958c5096ad9885db74777b61bf17c85f933e22136016914870a6e07f0a7f4cae165755536e7bdda07c2991efd5733c06ba577acd565aa55cfec17ddcced81473ecb4a3dd2c9525df071c6497ff38ca85658768fcb6450e68531858e9a517abff0fe8929bfbb9f2fa746478fc4c46af8e93a305c2e97f89ddf040a057a49d8b819b2f6776fba4c9cfc534d36e2350177cac6caa642a39b08d8ddbfef6fa86851a4da57ca5e10318a559e0e4e51a6b9ad6129317b908d0694c4268f6049a4f614fe67c4fa0742155798f105528", 0x714}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000980)=[{0x0}, {&(0x7f00000008c0)}], 0x2}}], 0x2, 0x4000040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
write$P9_RGETLOCK(r0, 0x0, 0xffffff6a)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)})

1.053120174s ago: executing program 4 (id=9366):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x30, 0x68, 0x1, 0x100003, 0x7ffffffd, {0x0, 0x0, 0x2}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0x4}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

1.033973246s ago: executing program 4 (id=9368):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000001580), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r1, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea091428000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)

968.228991ms ago: executing program 4 (id=9369):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000480)='./file0/file0\x00')
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

928.759505ms ago: executing program 4 (id=9370):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000e40)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, 0x0, 0x0, 0x400c040)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
fcntl$getflags(r7, 0x401)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x1a}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)

928.409794ms ago: executing program 6 (id=9371):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NET_DM_CMD_STOP(r0, 0x0, 0x40c00c4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), r0)
sendmsg$IEEE802154_LIST_IFACE(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x20, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

837.977812ms ago: executing program 6 (id=9372):
r0 = syz_io_uring_setup(0xea8, &(0x7f0000000480), &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
close(0xffffffffffffffff)
select(0x40, &(0x7f00000002c0)={0xf, 0x8001, 0xfffffffffffff000, 0x7, 0x4, 0x9, 0x4, 0x1000}, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x47fa, 0xfdef, 0x0, 0x0, 0x0)

837.742752ms ago: executing program 1 (id=9373):
unshare(0x6020400)
r0 = gettid()
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/cgroup\x00')
unshare(0x2020000)
close(0x3)

809.976834ms ago: executing program 1 (id=9374):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
statfs(&(0x7f0000000200)='.\x00', &(0x7f0000000440)=""/137)

699.701073ms ago: executing program 6 (id=9376):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000e00)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "c88b00", 0x0, 0x84, 0x0, @dev={0xfe, 0x80, '\x00', 0x1e}, @local}}}}, 0x0)

663.900516ms ago: executing program 1 (id=9377):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000240), &(0x7f00000003c0)={'fscrypt:', @desc3}, &(0x7f0000000400)={0x0, "67b90a5c5c39c2e70cbe116565ee308beb3a0a9da55955949c1aca5c87252df806a7d423b4a22558123dc6595d07f7ef471b77807aa6a66cd1c23505b61644e9", 0x22}, 0x48, 0xfffffffffffffffb)
keyctl$chown(0x4, r2, 0x0, 0x0)

663.454576ms ago: executing program 3 (id=9378):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r1, 0x20, 0x0, 0x8000)

593.424412ms ago: executing program 6 (id=9379):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB="001727000000ab"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000cf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

593.086362ms ago: executing program 1 (id=9380):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f0000000100)={[{@user_xattr}, {@data_err_ignore}, {@noblock_validity}]}, 0x84, 0x49e, &(0x7f0000000bc0)="$eJzs3Mtv3MQfAPCvvXn0nfz6K48+oIGCiCgkTVqgByQEAqkXJCQ4wDGkoSpNW9QEiVYVbREqR8RfAByR+As4wQUBJxBXuCOkCvXSwgEtstdOnGwatptuNnQ/H8mbGXtsz3g88diz3gB61kj2kURsi4hfImKoEa0kGMwTZeluXr84/ef1i9NJ1Ouv/jGYp7tx/eJ0mbRcb2sRGU0j0g+T2LvCfufOXzg1NTs7c66Ij8+ffmd87vyFJ0+enjoxc2LmzOTRo0cOTzzz9ORTd6ScWblu7Hn/7L7dx9745OXperz5/ZdZfrcVy6vlaBhe8z5HYiTq9Xo9XTJ3IP98dM1b31i2R8SVIpz0dTkztKwWEVl19eftfyhqsVh5Q/HSB13NHNBR2fVpsGlurfFnIJJs+aZKWuBukmjX0KPKK352/1tO69b52ACuPZ99zuTlv1lMjSV9kd23J8ONO/Zah/a/LSJev/zXp9kUKz6HAAC4s77O+j9PrNT/S+PeSrodxRjKcEQcjIidEfH/iNgVEfdE5Gnvi4j7b3P/+fjTlcV4c//np81tF64FWf/v2WJsa2n/b2HUZrhWxLbn5e9P3jo5O3OoOCaj0T+YxSdW2cc3L/788a2WjVT6f9mU7b/sCxb5+L1v2QO641PzU2spc9W1KxF7+lYqf7IwEpBExO6I2NPG9rNjdvLxL/Zl4R1bm5f/e/lXc7mNHC1V/zzisUb9X45l5S8ljSGSW41Pjm+K2ZlD4+VZ0eyHH6++Uo33V8JrK//aZfW/ZcXzvyh/2QzK8dq5Fjc8sBi8+utHxTabm3K75/9A8tqS3bw3NT9/biJiYCia508urlvGy/RZ+UcPRFwtBoKr7X9nxN+fFevtjYjsJH4gIh6MiP1F3h+KiIcj4sAqh+K7Fx55e/WD1d36P75a/UcMJ9Xx+jYCtVPfflVubKEqi38urdX/kTw0Wsxp5f9fqxm8E8cQAAAANro0H4NO0rGFcJqOjTW+w78rtqSzZ+fmD47Eu2eON8aqh6M/LZ90DVWeh04Uz4bL+OSy+OGI+F/+TaPNeXxs+uzs9m4XHnrc1lu0/80R8VunvvQCbBy39b5W0rl8AOsqf7fH+5rQu1pu//2dzQew/lz/oXdp/9C7Vmr/lyJudiErwDq7rev/c53LB7D+Vmv/HvnB3c39P/Qu7R96UvMr8eVvNLTzpv9iYOexNa3eQ4Fah7Yc1R/t6EAg0q4fuvYD6UbIxv4iMBgRra51qaN1uvz8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+O/7JwAA///M09j9")
pivot_root(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, 0x0, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000280))
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
syz_open_dev$tty20(0xc, 0x4, 0x1)

550.151845ms ago: executing program 3 (id=9381):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xc)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x101, 0x200, 0x4, 0x5}, 'syz1\x00', 0x1c})
ioctl$UI_DEV_CREATE(r0, 0x5501)

405.793027ms ago: executing program 3 (id=9382):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="020100030e00000000000000000000000500060000003a000a00000000000000fc020000000000000000000000000000000000000000000005000500000000000a0000000000000000000000000000000000ffffffffffff0000000000000000020013"], 0x70}, 0x1, 0x7}, 0x0)

402.595547ms ago: executing program 7 (id=9383):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1200004, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x108)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000001c0)={0x2f, 0x3, 0x0, {0x0, 0xe, 0x0, 'timerslack_ns\x00'}}, 0x2f)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)

318.793414ms ago: executing program 3 (id=9384):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000009b000040"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

318.543024ms ago: executing program 7 (id=9385):
syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@orlov}, {@sysvgroups}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x51}}, {@nogrpid}]}, 0xfa, 0x489, &(0x7f0000000840)="$eJzs3M1vFOUfAPDvbHdLgR+/VgQVBKmikfjS0vIiBy8aTThoYqIHjKfaFlIp1NCaCCFaPeDRkHg3/hfGk16MetHEq94NCTFcQL2smZ1ZWro77ZZuu7b7+SSzfZ6ZZ3ee78w8s8/MM90AutZg+pJE/C8ifouI/ix7b4HB7M+dW1fH/7p1dTyJavXNP5Naudu3ro7Xi9bftzPLVKt5fluT9V57J2JsenryUp4fnrvw/vDs5SvPT10YOzd5bvLi6KlTx48d7D05eqItcaZx3d7/0cyBfaffvv76+Jnr7/6YlCKLO5bE0S6D2dZt6ql2r6zDdi1KJ+X0tS/PHfp5YUmzI4FO6omIdHdVau2/P3pi+91l/fHqpx2tHLCuqtVqtelZuXYOj/kqsIUl0ekaAJ1R/7pPr3/r0wZ2Pzru5ktZXyeN+04+ZUvKUcoShypLrm/baTAizsz//WU6xTrdhwAAWOzbtP/zXLP+XykeyhK96cv/8zGUgYh4ICJ2R8SDEbEnIvZG1Mo+HBGPrHL9S0dIGvs/pRv3HVwLbu6NeDEf27q3/1eqFxnoyXO7avFXkrNT05NH821yJCrbzk4lkyPLrOO7V379vGjZ4v5fOqXrr/cF83rcKC+5QTcxNje2lpgXu/lJxP5ys/iT/BZgNq63LyL23+c6pp4pFy5bOf5lFH9sy6pfRTyd7f/5WBJ/XVI4PjnywsnRE8N9MT15dLh+VDT66ZdrbxStf03xt0G6/3c0Pf7vxj+Q9EXMXr5yvjZeO7vCB1YaZ137/bPCa5pVHv+nd+XHf2/yVm1Gb77gw7G5uUsjEb3Ja43zRxc+rZ6vl0/jP3K4efvfHQtb4tGIOBARByPisfSiMK/74xHxREQcXmaT/PDyk++tPv6NGStN459Yaf/H4v2/+kTP+e+/WTn+vogo2v/Ha6kj+ZxWzn+tVnAt2w4AAAA2i+wZ+KQ0tJBOhoayZ/j3xI7S9Mzs3LNnZz64OJE9Kz8QlVL9Tlf/ovuhI/m94Xp+dEn+WH7f+Iue7bX80PjM9ESng4cut7Oh/ZdKaftP/dGz7Fs1X9gK2jCOBmxS2j90L+0fulOyYvtv8kQXsGX4/ofu1az9f1xYeujrda0MsKF8/0P3aqH9z2d/insFwOZULswAW50mD12p8H/jS2v6l/8NT/yT/57hf6U+mzbRGxEtFY5Sp6vaJYlyyz9mUZSoNLblan/W/tM525q+q9NnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4NwAA//8k1ON8")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x25)
getdents64(r0, 0x0, 0x0)
lseek(r0, 0x3, 0x1)
getdents64(r0, 0x0, 0x0)

318.372174ms ago: executing program 3 (id=9386):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
tkill(r0, 0x13)
ptrace(0x4206, r0)
ptrace(0x11, r0)

28.848478ms ago: executing program 7 (id=9387):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'sit0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000080)="33031600d1fd140000007ef52f555f2a3b9fe67025c1d97bfbf719143baa4b1f0f858c6632f47042195e", 0xfdef, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x62}, 0x14)

15.525978ms ago: executing program 7 (id=9388):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f0000000100)={[{@user_xattr}, {@data_err_ignore}, {@noblock_validity}]}, 0x84, 0x49e, &(0x7f0000000bc0)="$eJzs3Mtv3MQfAPCvvXn0nfz6K48+oIGCiCgkTVqgByQEAqkXJCQ4wDGkoSpNW9QEiVYVbREqR8RfAByR+As4wQUBJxBXuCOkCvXSwgEtstdOnGwatptuNnQ/H8mbGXtsz3g88diz3gB61kj2kURsi4hfImKoEa0kGMwTZeluXr84/ef1i9NJ1Ouv/jGYp7tx/eJ0mbRcb2sRGU0j0g+T2LvCfufOXzg1NTs7c66Ij8+ffmd87vyFJ0+enjoxc2LmzOTRo0cOTzzz9ORTd6ScWblu7Hn/7L7dx9745OXperz5/ZdZfrcVy6vlaBhe8z5HYiTq9Xo9XTJ3IP98dM1b31i2R8SVIpz0dTkztKwWEVl19eftfyhqsVh5Q/HSB13NHNBR2fVpsGlurfFnIJJs+aZKWuBukmjX0KPKK352/1tO69b52ACuPZ99zuTlv1lMjSV9kd23J8ONO/Zah/a/LSJev/zXp9kUKz6HAAC4s77O+j9PrNT/S+PeSrodxRjKcEQcjIidEfH/iNgVEfdE5Gnvi4j7b3P/+fjTlcV4c//np81tF64FWf/v2WJsa2n/b2HUZrhWxLbn5e9P3jo5O3OoOCaj0T+YxSdW2cc3L/788a2WjVT6f9mU7b/sCxb5+L1v2QO641PzU2spc9W1KxF7+lYqf7IwEpBExO6I2NPG9rNjdvLxL/Zl4R1bm5f/e/lXc7mNHC1V/zzisUb9X45l5S8ljSGSW41Pjm+K2ZlD4+VZ0eyHH6++Uo33V8JrK//aZfW/ZcXzvyh/2QzK8dq5Fjc8sBi8+utHxTabm3K75/9A8tqS3bw3NT9/biJiYCia508urlvGy/RZ+UcPRFwtBoKr7X9nxN+fFevtjYjsJH4gIh6MiP1F3h+KiIcj4sAqh+K7Fx55e/WD1d36P75a/UcMJ9Xx+jYCtVPfflVubKEqi38urdX/kTw0Wsxp5f9fqxm8E8cQAAAANro0H4NO0rGFcJqOjTW+w78rtqSzZ+fmD47Eu2eON8aqh6M/LZ90DVWeh04Uz4bL+OSy+OGI+F/+TaPNeXxs+uzs9m4XHnrc1lu0/80R8VunvvQCbBy39b5W0rl8AOsqf7fH+5rQu1pu//2dzQew/lz/oXdp/9C7Vmr/lyJudiErwDq7rev/c53LB7D+Vmv/HvnB3c39P/Qu7R96UvMr8eVvNLTzpv9iYOexNa3eQ4Fah7Yc1R/t6EAg0q4fuvYD6UbIxv4iMBgRra51qaN1uvz8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+O/7JwAA///M09j9")
pivot_root(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, 0x0, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000280))
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
syz_open_dev$tty20(0xc, 0x4, 0x1)

12.264049ms ago: executing program 6 (id=9389):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x2)

0s ago: executing program 3 (id=9390):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

=109 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1568.823456][   T30] audit: type=1326 audit(1799.485:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1568.975408][   T30] audit: type=1326 audit(1799.485:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1569.046039][   T30] audit: type=1326 audit(1799.485:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1569.754168][   T30] audit: type=1326 audit(1799.485:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1569.806123][   T30] audit: type=1326 audit(1799.485:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1570.072205][   T30] audit: type=1326 audit(1799.485:10621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1570.115381][   T30] audit: type=1326 audit(1799.485:10622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1570.195117][T24872] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1570.223331][   T30] audit: type=1326 audit(1799.485:10623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1570.247286][   T30] audit: type=1326 audit(1799.505:10624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24859 comm="syz.7.7904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9933e58be9 code=0x7ffc0000
[ 1570.272105][T24866] tipc: Resetting bearer <eth:syzkaller0>
[ 1570.298773][T24866] tipc: Disabling bearer <eth:syzkaller0>
[ 1571.705256][T24890] loop2: detected capacity change from 0 to 128
[ 1571.722843][T24893] device wg2 entered promiscuous mode
[ 1574.534128][T24905] handle_bad_sector: 4842 callbacks suppressed
[ 1574.534154][T24905] attempt to access beyond end of device
[ 1574.534154][T24905] loop2: rw=2049, want=449, limit=128
[ 1574.672869][T24893] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=32 sclass=netlink_audit_socket pid=24893 comm=syz.3.7913
[ 1574.688464][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1574.688485][   T30] audit: type=1400 audit(1805.752:10643): avc:  denied  { audit_read } for  pid=24891 comm="syz.3.7913" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1575.048216][T24890] attempt to access beyond end of device
[ 1575.048216][T24890] loop2: rw=524288, want=369, limit=128
[ 1575.063587][T24890] attempt to access beyond end of device
[ 1575.063587][T24890] loop2: rw=0, want=153, limit=128
[ 1575.074939][T24890] attempt to access beyond end of device
[ 1575.074939][T24890] loop2: rw=0, want=153, limit=128
[ 1575.086469][T24890] attempt to access beyond end of device
[ 1575.086469][T24890] loop2: rw=0, want=153, limit=128
[ 1575.105992][T24890] attempt to access beyond end of device
[ 1575.105992][T24890] loop2: rw=0, want=153, limit=128
[ 1575.228136][T24890] attempt to access beyond end of device
[ 1575.228136][T24890] loop2: rw=0, want=153, limit=128
[ 1575.242120][T24890] attempt to access beyond end of device
[ 1575.242120][T24890] loop2: rw=0, want=153, limit=128
[ 1575.911457][T24913] overlayfs: failed to clone upperpath
[ 1576.057394][T24919] loop2: detected capacity change from 0 to 2048
[ 1576.161566][T24919]  loop2: p1 < > p3
[ 1576.168086][T24919] loop2: p3 size 134217728 extends beyond EOD, truncated
[ 1577.561867][   T30] audit: type=1400 audit(1808.641:10644): avc:  denied  { remount } for  pid=24918 comm="syz.2.7919" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1578.052951][T24936] xt_socket: unknown flags 0x8
[ 1579.771644][   T30] audit: type=1400 audit(1811.842:10645): avc:  denied  { setattr } for  pid=24953 comm="syz.1.7930" name="NETLINK" dev="sockfs" ino=91996 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1580.234091][T24968] fuse: Bad value for 'fd'
[ 1585.067959][   T30] audit: type=1400 audit(1817.140:10646): avc:  denied  { setopt } for  pid=25010 comm="syz.3.7944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1585.116866][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1585.125131][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1585.132585][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1585.140120][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1585.147809][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1585.155356][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1585.163225][T25009] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1586.644054][T25027] loop2: detected capacity change from 0 to 128
[ 1588.001702][T25027] attempt to access beyond end of device
[ 1588.001702][T25027] loop2: rw=2049, want=1041, limit=128
[ 1589.389321][T25027] attempt to access beyond end of device
[ 1589.389321][T25027] loop2: rw=524288, want=369, limit=128
[ 1589.401769][T25027] attempt to access beyond end of device
[ 1589.401769][T25027] loop2: rw=0, want=153, limit=128
[ 1589.413413][T25027] attempt to access beyond end of device
[ 1589.413413][T25027] loop2: rw=0, want=153, limit=128
[ 1589.424549][T25027] attempt to access beyond end of device
[ 1589.424549][T25027] loop2: rw=0, want=153, limit=128
[ 1589.758939][T25040] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[ 1589.769546][T25040] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[ 1589.785505][T25027] attempt to access beyond end of device
[ 1589.785505][T25027] loop2: rw=0, want=153, limit=128
[ 1589.802362][T25027] attempt to access beyond end of device
[ 1589.802362][T25027] loop2: rw=0, want=153, limit=128
[ 1589.816345][T25027] attempt to access beyond end of device
[ 1589.816345][T25027] loop2: rw=0, want=153, limit=128
[ 1589.830910][T25027] attempt to access beyond end of device
[ 1589.830910][T25027] loop2: rw=0, want=153, limit=128
[ 1589.845857][T25027] attempt to access beyond end of device
[ 1589.845857][T25027] loop2: rw=0, want=153, limit=128
[ 1592.333322][T25085] overlayfs: failed to clone upperpath
[ 1595.282014][T25108] loop2: detected capacity change from 0 to 256
[ 1595.570250][T25108] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1595.581192][T25108] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1595.760502][T25108] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1596.071013][T25123] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7969'.
[ 1596.244854][T25123] HTB: quantum of class 8019000C is small. Consider r2q change.
[ 1597.347500][T25118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7974'.
[ 1597.376655][T25118] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7974'.
[ 1602.339173][T25150] loop2: detected capacity change from 0 to 128
[ 1602.522774][T25150] handle_bad_sector: 1 callbacks suppressed
[ 1602.522799][T25150] attempt to access beyond end of device
[ 1602.522799][T25150] loop2: rw=2049, want=1041, limit=128
[ 1603.471748][T25161] attempt to access beyond end of device
[ 1603.471748][T25161] loop2: rw=524288, want=369, limit=128
[ 1603.510463][T25161] attempt to access beyond end of device
[ 1603.510463][T25161] loop2: rw=0, want=153, limit=128
[ 1603.528675][T25161] attempt to access beyond end of device
[ 1603.528675][T25161] loop2: rw=0, want=153, limit=128
[ 1603.622818][T25161] attempt to access beyond end of device
[ 1603.622818][T25161] loop2: rw=0, want=153, limit=128
[ 1603.649345][T25161] attempt to access beyond end of device
[ 1603.649345][T25161] loop2: rw=0, want=153, limit=128
[ 1603.672465][T25161] attempt to access beyond end of device
[ 1603.672465][T25161] loop2: rw=0, want=153, limit=128
[ 1603.988439][T25161] attempt to access beyond end of device
[ 1603.988439][T25161] loop2: rw=0, want=153, limit=128
[ 1603.999302][T25161] attempt to access beyond end of device
[ 1603.999302][T25161] loop2: rw=0, want=153, limit=128
[ 1604.010389][T25161] attempt to access beyond end of device
[ 1604.010389][T25161] loop2: rw=0, want=153, limit=128
[ 1604.498240][T25175] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7987'.
[ 1604.562789][T25175] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7987'.
[ 1604.913799][T25185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7990'.
[ 1604.941634][T25185] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7990'.
[ 1605.168123][T25190] 9pnet: Insufficient options for proto=fd
[ 1605.196359][T25190] loop2: detected capacity change from 0 to 256
[ 1605.423311][T25198] sch_tbf: burst 9 is lower than device lo mtu (82) !
[ 1607.546238][T25219] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7997'.
[ 1607.658009][T25219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7997'.
[ 1608.315191][T25247] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8002'.
[ 1608.335112][T25247] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8002'.
[ 1608.380536][T25243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8005'.
[ 1609.074265][T25252] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8007'.
[ 1611.344104][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1611.352340][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1611.360429][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1611.367784][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1611.397285][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1611.431042][T25266] loop2: detected capacity change from 0 to 40427
[ 1611.440627][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1611.451193][T25286] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1611.485115][T25266] F2FS-fs (loop2): invalid crc value
[ 1611.583148][T14826] ip6_tunnel: K xmit: Local address not yet configured!
[ 1611.592696][T25266] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1611.902481][T25266] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 1611.951058][T25266] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 1613.119401][T25307] __nla_validate_parse: 1 callbacks suppressed
[ 1613.119421][T25307] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8020'.
[ 1613.155751][T25307] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8020'.
[ 1613.305049][T25321] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8021'.
[ 1613.449527][T25324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8021'.
[ 1615.468624][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 1616.796440][T25360] syz.3.8031[25360] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1616.796531][T25360] syz.3.8031[25360] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1617.284221][   T30] audit: type=1400 audit(1850.356:10647): avc:  denied  { append } for  pid=25361 comm="syz.7.8033" name="event1" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1617.924381][T25379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8036'.
[ 1617.951821][T25379] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8036'.
[ 1618.031569][T25383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8037'.
[ 1618.067390][T25383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8037'.
[ 1621.044870][T25396] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[ 1621.054640][T25396] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22
[ 1621.076406][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1621.086120][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1621.093820][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1621.101418][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1621.109420][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1621.117154][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1621.125124][T25401] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1621.532454][T25405] loop2: detected capacity change from 0 to 128
[ 1621.572139][T25405] handle_bad_sector: 606 callbacks suppressed
[ 1621.572162][T25405] attempt to access beyond end of device
[ 1621.572162][T25405] loop2: rw=2049, want=1041, limit=128
[ 1621.614306][T25405] attempt to access beyond end of device
[ 1621.614306][T25405] loop2: rw=524288, want=369, limit=128
[ 1621.629448][T25405] attempt to access beyond end of device
[ 1621.629448][T25405] loop2: rw=0, want=153, limit=128
[ 1621.641475][T25405] attempt to access beyond end of device
[ 1621.641475][T25405] loop2: rw=0, want=153, limit=128
[ 1621.883430][T25413] overlayfs: failed to clone upperpath
[ 1621.913146][T25405] attempt to access beyond end of device
[ 1621.913146][T25405] loop2: rw=0, want=153, limit=128
[ 1621.932488][T25412] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8045'.
[ 1622.003106][T25405] attempt to access beyond end of device
[ 1622.003106][T25405] loop2: rw=0, want=153, limit=128
[ 1622.021282][T25405] attempt to access beyond end of device
[ 1622.021282][T25405] loop2: rw=0, want=153, limit=128
[ 1622.032894][T25412] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8045'.
[ 1622.055203][T25405] attempt to access beyond end of device
[ 1622.055203][T25405] loop2: rw=0, want=153, limit=128
[ 1622.097803][T25405] attempt to access beyond end of device
[ 1622.097803][T25405] loop2: rw=0, want=153, limit=128
[ 1622.126716][T25405] attempt to access beyond end of device
[ 1622.126716][T25405] loop2: rw=0, want=153, limit=128
[ 1623.078644][    C0] ip6_tunnel: K xmit: Local address not yet configured!
[ 1623.193242][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1623.201686][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1623.209242][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1623.216957][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1623.224581][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1623.232106][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1623.239772][T25432] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1623.615678][T25434] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8053'.
[ 1624.460561][T19566] ip6_tunnel: K xmit: Local address not yet configured!
[ 1624.478638][T19566] ip6_tunnel: K xmit: Local address not yet configured!
[ 1624.514374][T19566] ip6_tunnel: K xmit: Local address not yet configured!
[ 1628.828676][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 1629.684342][T25455] loop2: detected capacity change from 0 to 4096
[ 1630.186630][T25455] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[ 1630.195014][T25455] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1630.399679][T25455] EXT4-fs: failed to create workqueue
[ 1630.405302][T25455] EXT4-fs (loop2): mount failed
[ 1630.462303][  T334] ip6_tunnel: K xmit: Local address not yet configured!
[ 1630.472953][  T334] ip6_tunnel: K xmit: Local address not yet configured!
[ 1631.106224][T25474] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8062'.
[ 1631.137301][T25474] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8062'.
[ 1631.173838][T25465] 9pnet: Insufficient options for proto=fd
[ 1631.206622][T25475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8059'.
[ 1631.216689][T25475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8059'.
[ 1631.399010][   T30] audit: type=1400 audit(1864.456:10648): avc:  denied  { nlmsg_read } for  pid=25476 comm="syz.2.8063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1633.837141][   T30] audit: type=1326 audit(1867.906:10649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1633.861644][   T30] audit: type=1326 audit(1867.936:10650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1633.897511][   T30] audit: type=1326 audit(1867.936:10651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1633.926674][   T30] audit: type=1326 audit(1867.936:10652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1633.967901][   T30] audit: type=1326 audit(1867.936:10653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1634.029915][   T30] audit: type=1326 audit(1867.936:10654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1634.057685][   T30] audit: type=1326 audit(1867.936:10655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1634.095847][   T30] audit: type=1326 audit(1867.936:10656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1634.625508][   T30] audit: type=1326 audit(1867.936:10657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25496 comm="syz.3.8069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1637.730376][T25519] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8072'.
[ 1637.754588][T25519] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8072'.
[ 1637.788626][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 1637.810224][T25529] loop2: detected capacity change from 0 to 256
[ 1637.903093][T25529] FAT-fs (loop2): Unrecognized mount option "utfH" or missing value
[ 1639.023076][T25537] syz.7.8079[25537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1639.023567][T25537] syz.7.8079[25537] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1640.163016][T25548] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1640.183726][T25548] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1640.874344][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 1640.996256][   T30] audit: type=1400 audit(2131.381:10687): avc:  denied  { mount } for  pid=25544 comm="syz.6.8081" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1641.650130][T25562] loop2: detected capacity change from 0 to 512
[ 1641.693169][T25556] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1641.837309][T25562] loop3: detected capacity change from 0 to 7
[ 1643.216000][T25577] overlayfs: failed to resolve './file0/file0': -2
[ 1644.433006][T25582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8091'.
[ 1644.466280][T25582] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8091'.
[ 1645.848239][T25596] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1646.081135][   T30] audit: type=1326 audit(2137.154:10688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1646.239904][   T30] audit: type=1326 audit(2137.154:10689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1646.719148][T25608] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1647.764368][   T30] audit: type=1326 audit(2137.154:10690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1647.810079][T25612] loop2: detected capacity change from 0 to 512
[ 1647.818426][   T30] audit: type=1326 audit(2137.154:10691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1647.886929][T25612] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1648.000192][   T30] audit: type=1326 audit(2137.154:10692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1648.063522][   T30] audit: type=1326 audit(2137.154:10693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f322f2dcb07 code=0x7ffc0000
[ 1652.425822][T25627] x_tables: duplicate underflow at hook 1
[ 1652.431890][   T30] audit: type=1326 audit(2137.154:10694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f322f2dca7c code=0x7ffc0000
[ 1652.455979][   T30] audit: type=1326 audit(2137.154:10695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f322f2dc9b4 code=0x7ffc0000
[ 1652.480188][   T30] audit: type=1326 audit(2137.154:10696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f322f2dc9b4 code=0x7ffc0000
[ 1652.504101][   T30] audit: type=1326 audit(2137.154:10697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f322f2d984a code=0x7ffc0000
[ 1652.511849][    C0] ip6_tunnel: ip6gre4 xmit: Local address not yet configured!
[ 1652.528015][   T30] audit: type=1326 audit(2137.154:10698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1652.558875][   T30] audit: type=1326 audit(2137.154:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1652.584672][   T30] audit: type=1326 audit(2137.154:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1652.609095][   T30] audit: type=1326 audit(2137.154:10701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1652.635550][T25635] loop2: detected capacity change from 0 to 128
[ 1652.642038][   T30] audit: type=1326 audit(2137.154:10702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1652.665857][   T30] audit: type=1326 audit(2137.154:10703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25595 comm="syz.6.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f322f2d9550 code=0x7ffc0000
[ 1654.482162][T25649] handle_bad_sector: 2340 callbacks suppressed
[ 1654.482188][T25649] attempt to access beyond end of device
[ 1654.482188][T25649] loop2: rw=2049, want=1041, limit=128
[ 1654.570172][  T334] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[ 1654.583168][T25652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8106'.
[ 1654.600675][T25652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8106'.
[ 1655.053405][T25659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8108'.
[ 1655.110409][T25659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8108'.
[ 1655.115310][  T334] usb 8-1: config 0 descriptor has 1 excess byte, ignoring
[ 1655.127407][  T334] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1655.138892][  T334] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[ 1655.155525][  T334] usb 8-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[ 1655.165054][  T334] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1655.246537][  T334] usb 8-1: config 0 descriptor??
[ 1655.269847][T25640] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1655.290823][  T334] usbhid 8-1:0.0: can't add hid device: -22
[ 1655.297335][  T334] usbhid: probe of 8-1:0.0 failed with error -22
[ 1655.430765][T25666] xt_hashlimit: max too large, truncated to 1048576
[ 1655.470902][T25666] 9pnet: Insufficient options for proto=fd
[ 1655.709575][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 1656.976989][T14826] usb 8-1: USB disconnect, device number 8
[ 1658.158972][T25696] x_tables: duplicate underflow at hook 1
[ 1658.973790][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1658.982094][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1658.989533][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1658.996964][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1659.004573][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1659.012183][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1659.019798][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1659.040057][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): ipip0: link becomes ready
[ 1659.053480][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1659.061335][T25701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1659.229521][T25211] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1659.902841][T25699] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8118'.
[ 1659.937962][T25699] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8118'.
[ 1660.270112][T25716] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8123'.
[ 1660.287775][T25716] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8123'.
[ 1664.248226][T25762] overlayfs: failed to resolve './file0/file0': -2
[ 1666.375137][T25779] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8136'.
[ 1666.413916][T25779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8136'.
[ 1667.648783][T25794] loop2: detected capacity change from 0 to 128
[ 1667.744980][T25794] attempt to access beyond end of device
[ 1667.744980][T25794] loop2: rw=2049, want=1041, limit=128
[ 1668.311783][T25794] attempt to access beyond end of device
[ 1668.311783][T25794] loop2: rw=524288, want=369, limit=128
[ 1668.335297][T25794] attempt to access beyond end of device
[ 1668.335297][T25794] loop2: rw=0, want=153, limit=128
[ 1668.352746][T25794] attempt to access beyond end of device
[ 1668.352746][T25794] loop2: rw=0, want=153, limit=128
[ 1668.363700][T25794] attempt to access beyond end of device
[ 1668.363700][T25794] loop2: rw=0, want=153, limit=128
[ 1668.463454][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1668.463700][   T30] audit: type=1400 audit(2160.537:10722): avc:  denied  { ioctl } for  pid=25797 comm="syz.6.8146" path="socket:[93857]" dev="sockfs" ino=93857 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1669.278737][T25823] netlink: 'syz.3.8149': attribute type 3 has an invalid length.
[ 1669.300748][T25823] overlayfs: failed to clone lowerpath
[ 1669.857544][T25823] overlayfs: failed to resolve './file1': -2
[ 1673.002839][T25858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8159'.
[ 1673.046167][T25858] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8159'.
[ 1673.786419][T25861] incfs: iterate_incfs_dir / -22
[ 1675.043773][T25887] loop2: detected capacity change from 0 to 16
[ 1676.591540][T25887] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 122700)
[ 1676.924025][T25898] loop2: detected capacity change from 0 to 128
[ 1682.408680][T25927] loop2: detected capacity change from 0 to 128
[ 1682.767197][T25927] attempt to access beyond end of device
[ 1682.767197][T25927] loop2: rw=2049, want=1041, limit=128
[ 1682.798856][T25927] attempt to access beyond end of device
[ 1682.798856][T25927] loop2: rw=524288, want=369, limit=128
[ 1682.836271][T25927] attempt to access beyond end of device
[ 1682.836271][T25927] loop2: rw=0, want=153, limit=128
[ 1682.869688][T25927] attempt to access beyond end of device
[ 1682.869688][T25927] loop2: rw=0, want=153, limit=128
[ 1682.899800][T25927] attempt to access beyond end of device
[ 1682.899800][T25927] loop2: rw=0, want=153, limit=128
[ 1682.927441][T25927] attempt to access beyond end of device
[ 1682.927441][T25927] loop2: rw=0, want=153, limit=128
[ 1682.950684][T25927] attempt to access beyond end of device
[ 1682.950684][T25927] loop2: rw=0, want=153, limit=128
[ 1682.974306][T25927] attempt to access beyond end of device
[ 1682.974306][T25927] loop2: rw=0, want=153, limit=128
[ 1682.997966][T25927] attempt to access beyond end of device
[ 1682.997966][T25927] loop2: rw=0, want=153, limit=128
[ 1683.020057][T25927] attempt to access beyond end of device
[ 1683.020057][T25927] loop2: rw=0, want=153, limit=128
[ 1687.967178][T25981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8188'.
[ 1687.993280][T25981] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8188'.
[ 1691.521734][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 1694.790092][T26035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8203'.
[ 1694.802839][T26035] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8203'.
[ 1694.911949][T26046] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8210'.
[ 1694.998272][T26044] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8204'.
[ 1695.059736][T26044] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8204'.
[ 1695.568860][T26058] netlink: 88 bytes leftover after parsing attributes in process `syz.1.8212'.
[ 1696.440326][T26070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8214'.
[ 1696.458397][T26070] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8214'.
[ 1696.728903][T26077] netlink: 16 bytes leftover after parsing attributes in process `syz.7.8216'.
[ 1698.707082][T26079] loop2: detected capacity change from 0 to 512
[ 1701.246897][T26092] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8221'.
[ 1701.271729][T26092] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8221'.
[ 1701.421731][   T30] audit: type=1400 audit(2450.487:10723): avc:  denied  { unmount } for  pid=18516 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1701.840880][T26108] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8222'.
[ 1704.894010][T26133] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8231'.
[ 1704.931738][T26133] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26133 comm=syz.3.8231
[ 1705.632418][T26138] netlink: 'syz.7.8232': attribute type 4 has an invalid length.
[ 1705.650650][T26138] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.8232'.
[ 1705.869193][T26139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8230'.
[ 1705.908482][T26139] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8230'.
[ 1706.781620][T26151] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8235'.
[ 1706.826008][T26151] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8235'.
[ 1706.846319][T26156] loop2: detected capacity change from 0 to 128
[ 1707.573856][T26156] 9pnet: Could not find request transport: rdma
[ 1707.580389][   T30] audit: type=1400 audit(2456.667:10724): avc:  denied  { mounton } for  pid=26154 comm="syz.2.8237" path="/351/file0/bus" dev="loop2" ino=1048939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[ 1707.705141][T26164] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1707.920298][T26156] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[ 1708.057423][T26156] FAT-fs (loop2): Filesystem has been set read-only
[ 1710.382552][T26187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8243'.
[ 1710.651775][T26199] syz.1.8246[26199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1710.654539][T26199] syz.1.8246[26199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1711.430119][T26199] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26199 comm=syz.1.8246
[ 1713.181049][T26207] loop2: detected capacity change from 0 to 128
[ 1713.340920][T26207] handle_bad_sector: 5245 callbacks suppressed
[ 1713.340948][T26207] attempt to access beyond end of device
[ 1713.340948][T26207] loop2: rw=2049, want=1041, limit=128
[ 1714.087594][T26209] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8247'.
[ 1714.097627][T26209] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8247'.
[ 1715.514571][T26229] loop2: detected capacity change from 0 to 256
[ 1716.356065][T26237] xt_NFQUEUE: number of queues (65534) out of range (got 131068)
[ 1719.638542][   T30] audit: type=1400 audit(2469.661:10725): avc:  denied  { mount } for  pid=26257 comm="syz.6.8264" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 1719.937285][T26271] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8266'.
[ 1719.972022][T26271] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8266'.
[ 1720.117214][   T30] audit: type=1326 audit(2470.211:10726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.447397][   T30] audit: type=1326 audit(2470.211:10727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.472712][   T30] audit: type=1326 audit(2470.211:10728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.501831][   T30] audit: type=1326 audit(2470.211:10729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.526788][   T30] audit: type=1326 audit(2470.211:10730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.552340][   T30] audit: type=1326 audit(2470.211:10731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.584567][   T30] audit: type=1326 audit(2470.211:10732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.632895][   T30] audit: type=1326 audit(2470.211:10733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.668001][T26278] loop2: detected capacity change from 0 to 512
[ 1720.675008][   T30] audit: type=1326 audit(2470.211:10734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26277 comm="syz.2.8269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f633c294be9 code=0x7ffc0000
[ 1720.831389][T26293] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8270'.
[ 1721.737240][T26278] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.8269: casefold flag without casefold feature
[ 1721.750933][T26278] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.8269: couldn't read orphan inode 15 (err -117)
[ 1721.782202][T26278] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1723.286287][T26310] overlayfs: failed to clone lowerpath
[ 1723.320419][T26310] overlayfs: failed to clone upperpath
[ 1723.688786][T26322] loop2: detected capacity change from 0 to 128
[ 1723.795730][T26322] attempt to access beyond end of device
[ 1723.795730][T26322] loop2: rw=2049, want=1041, limit=128
[ 1723.862271][T26322] attempt to access beyond end of device
[ 1723.862271][T26322] loop2: rw=524288, want=369, limit=128
[ 1723.881820][T26322] attempt to access beyond end of device
[ 1723.881820][T26322] loop2: rw=0, want=153, limit=128
[ 1723.911739][T26322] attempt to access beyond end of device
[ 1723.911739][T26322] loop2: rw=0, want=153, limit=128
[ 1723.931675][T26322] attempt to access beyond end of device
[ 1723.931675][T26322] loop2: rw=0, want=153, limit=128
[ 1723.971686][T26322] attempt to access beyond end of device
[ 1723.971686][T26322] loop2: rw=0, want=153, limit=128
[ 1723.991676][T26322] attempt to access beyond end of device
[ 1723.991676][T26322] loop2: rw=0, want=153, limit=128
[ 1724.011652][T26322] attempt to access beyond end of device
[ 1724.011652][T26322] loop2: rw=0, want=153, limit=128
[ 1724.051702][T26322] attempt to access beyond end of device
[ 1724.051702][T26322] loop2: rw=0, want=153, limit=128
[ 1724.071681][T26322] attempt to access beyond end of device
[ 1724.071681][T26322] loop2: rw=0, want=153, limit=128
[ 1724.519517][T26334] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8282'.
[ 1724.528693][T26334] netlink: 24 bytes leftover after parsing attributes in process `syz.7.8282'.
[ 1726.970425][T26363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8285'.
[ 1726.981186][T26363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8285'.
[ 1727.861788][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 1727.861828][   T30] audit: type=1400 audit(2477.861:10800): avc:  denied  { create } for  pid=26365 comm="syz.6.8290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1728.364343][T26371] loop2: detected capacity change from 0 to 128
[ 1728.647577][T26383] futex_wake_op: syz.7.8292 tries to shift op by 36; fix this program
[ 1728.777344][   T30] audit: type=1400 audit(2478.711:10801): avc:  denied  { create } for  pid=26372 comm="syz.7.8292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1728.805497][T26371] handle_bad_sector: 4655 callbacks suppressed
[ 1728.805720][T26371] attempt to access beyond end of device
[ 1728.805720][T26371] loop2: rw=0, want=153, limit=128
[ 1728.886773][T26371] attempt to access beyond end of device
[ 1728.886773][T26371] loop2: rw=0, want=153, limit=128
[ 1729.169372][T26371] attempt to access beyond end of device
[ 1729.169372][T26371] loop2: rw=0, want=153, limit=128
[ 1729.184761][T26371] attempt to access beyond end of device
[ 1729.184761][T26371] loop2: rw=0, want=153, limit=128
[ 1729.214887][   T30] audit: type=1400 audit(2479.251:10802): avc:  denied  { create } for  pid=26378 comm="syz.3.8295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1729.598758][T26389] loop2: detected capacity change from 0 to 512
[ 1730.213097][T26389] EXT4-fs (loop2): #blocks per group too big: 466944
[ 1731.322785][T26413] incfs: Error accessing: ./file0.
[ 1731.328120][T26413] incfs: mount failed -2
[ 1733.968617][T26432] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=26432 comm=syz.6.8306
[ 1733.981580][T26432] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=26432 comm=syz.6.8306
[ 1734.031167][T26432] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8306'.
[ 1734.061731][   T30] audit: type=1400 audit(2484.091:10803): avc:  denied  { audit_write } for  pid=26421 comm="syz.6.8306" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1734.312276][T26437] overlayfs: missing 'lowerdir'
[ 1734.845435][T26438] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8305'.
[ 1734.893302][T26438] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8305'.
[ 1734.923846][T26446] loop2: detected capacity change from 0 to 512
[ 1735.268524][T26446] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1736.809270][   T30] audit: type=1400 audit(2486.801:10804): avc:  denied  { create } for  pid=26468 comm="syz.3.8314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1736.898298][T26471] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[ 1736.908575][T26471] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[ 1737.876745][T26477] loop2: detected capacity change from 0 to 512
[ 1738.003830][T26477] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1738.053746][T26479] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8315'.
[ 1739.316109][T26479] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8315'.
[ 1739.614237][   T30] audit: type=1326 audit(2489.711:10805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1739.647892][   T30] audit: type=1326 audit(2489.731:10806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1739.672864][   T30] audit: type=1326 audit(2489.731:10807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1739.697828][   T30] audit: type=1326 audit(2489.731:10808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1739.721559][   T30] audit: type=1326 audit(2489.731:10809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1739.792465][   T30] audit: type=1326 audit(2489.731:10810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1740.109084][   T30] audit: type=1326 audit(2489.731:10811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1740.971454][   T30] audit: type=1326 audit(2489.731:10812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1741.091991][   T30] audit: type=1326 audit(2489.731:10813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1741.117097][   T30] audit: type=1326 audit(2489.731:10814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26494 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1742.510252][T26498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8323'.
[ 1742.596087][T26518] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8323'.
[ 1742.609617][T26504] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8322'.
[ 1742.620316][T26504] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8322'.
[ 1744.766088][T26535] loop2: detected capacity change from 0 to 512
[ 1745.326412][T26535] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1745.355768][T26535] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8329'.
[ 1745.368524][T26535] netlink: 'syz.2.8329': attribute type 13 has an invalid length.
[ 1745.377305][T26535] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1745.388590][T26535] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1745.397000][T26535] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1745.405534][T26535] gretap0: refused to change device tx_queue_len
[ 1745.412177][T26535] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1745.420666][T26535] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1745.941256][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1745.957808][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1745.966799][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1745.975715][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1745.984644][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1745.996391][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1746.005463][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1746.028982][T26550] device wg2 left promiscuous mode
[ 1746.094572][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1746.117185][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0.1: link becomes ready
[ 1746.136503][T26550] IPv6: ADDRCONF(NETDEV_CHANGE): ipip0: link becomes ready
[ 1746.154540][T26550] device gretap1 left promiscuous mode
[ 1746.639755][T25893] IPv6: ADDRCONF(NETDEV_CHANGE): veth9: link becomes ready
[ 1746.654225][T19566] ip6_tunnel: ip6gre4 xmit: Local address not yet configured!
[ 1746.662773][T25893] IPv6: ADDRCONF(NETDEV_CHANGE): veth8: link becomes ready
[ 1748.200907][T19566] ip6_tunnel: ip6gre4 xmit: Local address not yet configured!
[ 1748.324206][T26559] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8336'.
[ 1748.334018][T26559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8336'.
[ 1749.219699][T26572] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8337'.
[ 1749.228730][T26572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8337'.
[ 1751.071815][T26575] sch_fq: defrate 4294967295 ignored.
[ 1751.295399][T26579] loop2: detected capacity change from 0 to 256
[ 1754.578701][   T30] kauditd_printk_skb: 32 callbacks suppressed
[ 1754.578721][   T30] audit: type=1400 audit(2505.672:10847): avc:  denied  { map } for  pid=26599 comm="syz.7.8345" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1755.924457][   T30] audit: type=1400 audit(2507.022:10848): avc:  denied  { write } for  pid=26599 comm="syz.7.8345" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1756.167576][T26612] overlayfs: failed to clone lowerpath
[ 1758.281589][T19566] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1758.779246][T26635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8353'.
[ 1758.789688][T26635] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8353'.
[ 1759.831627][T19566] usb 8-1: device descriptor read/all, error -71
[ 1761.250285][   T30] audit: type=1326 audit(2512.242:10849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.527908][   T30] audit: type=1326 audit(2512.242:10850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.555262][   T30] audit: type=1326 audit(2512.242:10851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.583167][   T30] audit: type=1326 audit(2512.242:10852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.620965][   T30] audit: type=1326 audit(2512.242:10853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.646797][   T30] audit: type=1326 audit(2512.242:10854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26652 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f178df1f4a5 code=0x7ffc0000
[ 1761.707811][   T30] audit: type=1326 audit(2512.252:10855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1761.778707][   T30] audit: type=1326 audit(2512.252:10856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1762.651897][T26667] bridge0: port 1(syz_tun) entered blocking state
[ 1762.658616][T26667] bridge0: port 1(syz_tun) entered disabled state
[ 1762.679370][T26667] device syz_tun entered promiscuous mode
[ 1762.699024][T26667] bridge0: port 1(syz_tun) entered blocking state
[ 1762.705510][T26667] bridge0: port 1(syz_tun) entered forwarding state
[ 1762.722628][T26669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8360'.
[ 1763.020928][T26670] overlayfs: failed to clone upperpath
[ 1763.152357][T26666] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8359'.
[ 1766.228712][   T30] audit: type=1326 audit(2512.252:10857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.326114][   T30] audit: type=1326 audit(2512.252:10858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.360878][   T30] audit: type=1326 audit(2512.252:10859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.388086][   T30] audit: type=1326 audit(2512.252:10860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.413263][   T30] audit: type=1326 audit(2512.252:10861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.457124][   T30] audit: type=1326 audit(2512.252:10862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.519519][   T30] audit: type=1326 audit(2512.252:10863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1766.543485][   T30] audit: type=1326 audit(2512.252:10864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1768.533540][   T30] audit: type=1326 audit(2512.252:10865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1768.592268][   T30] audit: type=1326 audit(2512.252:10866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1768.727688][   T30] audit: type=1326 audit(2512.252:10867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26647 comm="syz.3.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1768.763629][T26695] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1769.243192][T26706] loop2: detected capacity change from 0 to 512
[ 1769.863149][T26706] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1769.927059][T26706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8367'.
[ 1769.942173][T26706] netlink: 'syz.2.8367': attribute type 13 has an invalid length.
[ 1769.950528][T26706] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1769.961512][T26706] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1769.969408][T26706] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1769.978949][T26706] gretap0: refused to change device tx_queue_len
[ 1769.985930][T26706] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1769.994524][T26706] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1770.241833][    C1] ip6_tunnel: K xmit: Local address not yet configured!
[ 1770.787309][T26714] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8366'.
[ 1771.411869][T26714] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8366'.
[ 1771.964821][T26730] bridge0: port 1(syz_tun) entered blocking state
[ 1771.971445][T26730] bridge0: port 1(syz_tun) entered disabled state
[ 1771.983275][T26730] bridge0: port 1(syz_tun) entered blocking state
[ 1771.989743][T26730] bridge0: port 1(syz_tun) entered forwarding state
[ 1773.200580][T26734] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1773.209471][T26734] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1773.282847][T26739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8376'.
[ 1773.293467][T26739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8376'.
[ 1773.603395][T26741] bridge0: port 1(syz_tun) entered disabled state
[ 1779.120033][T26782] xt_NFQUEUE: number of queues (65534) out of range (got 131068)
[ 1782.252569][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1782.252605][   T30] audit: type=1107 audit(2533.352:10910): pid=26789 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[ 1782.378642][   T30] audit: type=1326 audit(2533.472:10911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1782.777754][   T30] audit: type=1326 audit(2533.472:10912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1782.881719][   T30] audit: type=1326 audit(2533.472:10913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1782.941563][   T30] audit: type=1326 audit(2533.472:10914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1782.966436][   T30] audit: type=1326 audit(2533.472:10915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1785.093820][   T30] audit: type=1326 audit(2533.472:10916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1785.132922][T26815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8392'.
[ 1785.962930][T26815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8392'.
[ 1786.002599][   T30] audit: type=1326 audit(2533.472:10917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1786.086989][   T30] audit: type=1326 audit(2533.472:10918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1786.221923][   T30] audit: type=1326 audit(2533.472:10919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1786.393886][T26832] loop2: detected capacity change from 0 to 256
[ 1788.859484][T26832] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[ 1789.238849][   T30] kauditd_printk_skb: 56 callbacks suppressed
[ 1789.239785][   T30] audit: type=1326 audit(2537.342:10976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26789 comm="syz.3.8390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7fc00000
[ 1793.639188][T26858] SELinux: failed to load policy
[ 1794.581882][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1794.590351][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1794.597790][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1794.605095][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1794.612719][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1794.629156][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1794.640343][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1794.811246][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1794.852817][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0.1: link becomes ready
[ 1794.884567][T26870] IPv6: ADDRCONF(NETDEV_CHANGE): ipip0: link becomes ready
[ 1795.776188][T19566] ip6_tunnel: ip6gre4 xmit: Local address not yet configured!
[ 1796.205545][   T30] audit: type=1400 audit(2548.299:10977): avc:  denied  { rmdir } for  pid=26286 comm="syz.2.8269" name=".index" dev="loop2" ino=1048952 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1796.561971][T26640] ip6_tunnel: ip6gre4 xmit: Local address not yet configured!
[ 1796.833517][T26894] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8411'.
[ 1796.847902][T26902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8411'.
[ 1796.875921][T26897] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1796.885319][T26910] incfs: Options parsing error. -22
[ 1796.894960][T26897] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1796.905132][T26910] incfs: mount failed -22
[ 1797.177261][T26897] device bridge_slave_0 entered promiscuous mode
[ 1797.183974][   T30] audit: type=1326 audit(2549.269:10978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26907 comm="syz.1.8418" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x0
[ 1797.311949][T26897] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1797.376882][T26897] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1797.447023][T26897] device bridge_slave_1 entered promiscuous mode
[ 1797.579746][T26910] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8419'.
[ 1798.522634][   T30] audit: type=1400 audit(2550.609:10979): avc:  denied  { ioctl } for  pid=26921 comm="syz.3.8422" path="socket:[97256]" dev="sockfs" ino=97256 ioctlcmd=0x89f3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1799.457799][   T30] audit: type=1326 audit(2551.549:10980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1799.521311][   T30] audit: type=1326 audit(2551.579:10981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f178dee3ba7 code=0x7ffc0000
[ 1799.544900][   T30] audit: type=1326 audit(2551.579:10982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f178de88de9 code=0x7ffc0000
[ 1799.583110][   T30] audit: type=1326 audit(2551.579:10983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1799.607246][   T30] audit: type=1326 audit(2551.579:10984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1799.631236][   T30] audit: type=1326 audit(2551.579:10985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1799.670608][   T30] audit: type=1326 audit(2551.579:10986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26935 comm="syz.3.8424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1799.727053][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1799.740403][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1799.749427][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1799.757642][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1799.766830][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1799.775946][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1799.901995][T21322] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1799.909325][T21322] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1800.362048][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1800.862873][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1800.892745][T21322] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1800.900055][T21322] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1800.924708][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1800.943265][T26948] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8425'.
[ 1800.961652][T26952] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8425'.
[ 1801.083878][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1801.102084][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1801.133486][T26897] device veth0_vlan entered promiscuous mode
[ 1801.142217][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1801.181821][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1801.207655][T26897] device veth1_macvtap entered promiscuous mode
[ 1801.229831][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1801.242312][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1801.253131][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1801.262196][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1801.270698][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1801.289072][T26963] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8429'.
[ 1801.298976][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1801.309450][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1801.319819][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1801.337694][T21322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1801.353652][T26963] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8429'.
[ 1801.647376][T26977] xt_TCPMSS: Only works on TCP SYN packets
[ 1801.657559][T26977] netlink: 9 bytes leftover after parsing attributes in process `syz.4.8415'.
[ 1801.669250][T26977] device gretap0 entered promiscuous mode
[ 1802.139567][T26977] netlink: 5 bytes leftover after parsing attributes in process `syz.4.8415'.
[ 1802.148839][T26977] 0�X��D: renamed from gretap0
[ 1802.241091][T26977] device 
30�X��D left promiscuous mode
[ 1802.257298][T26977] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[ 1805.770988][T27002] overlayfs: missing 'lowerdir'
[ 1808.593647][   T30] kauditd_printk_skb: 43 callbacks suppressed
[ 1808.593665][   T30] audit: type=1400 audit(2560.689:11030): avc:  denied  { mounton } for  pid=27027 comm="syz.7.8444" path="/syzcgroup/cpu/syz7/cpuset.cpus" dev="cgroup" ino=529 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[ 1808.621746][T27032] incfs: Backing dir is not set, filesystem can't be mounted.
[ 1808.664935][T27032] incfs: mount failed -2
[ 1809.733246][T27048] loop4: detected capacity change from 0 to 128
[ 1812.482156][T21322] tipc: Subscription rejected, illegal request
[ 1813.454956][   T30] audit: type=1400 audit(2565.549:11031): avc:  denied  { connect } for  pid=27081 comm="syz.1.8458" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1814.323900][T27086] loop4: detected capacity change from 0 to 1024
[ 1814.330737][   T30] audit: type=1400 audit(2566.409:11032): avc:  denied  { read } for  pid=27081 comm="syz.1.8458" path="socket:[98482]" dev="sockfs" ino=98482 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1814.466541][T27086] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000000a,grpquota,auto_da_alloc,grpquota,,errors=continue. Quota mode: writeback.
[ 1814.589267][T27086] serio: Serial port ptm0
[ 1814.640046][T27097] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8461'.
[ 1814.656621][   T30] audit: type=1326 audit(2566.749:11033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.689052][T27097] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8461'.
[ 1814.708932][   T30] audit: type=1326 audit(2566.749:11034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.734799][   T30] audit: type=1326 audit(2566.779:11035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.759169][   T30] audit: type=1326 audit(2566.779:11036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.786564][   T30] audit: type=1326 audit(2566.779:11037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.816214][   T30] audit: type=1326 audit(2566.779:11038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.841359][   T30] audit: type=1326 audit(2566.779:11039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.865325][   T30] audit: type=1326 audit(2566.779:11040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1814.888916][   T30] audit: type=1326 audit(2566.779:11041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27085 comm="syz.4.8459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1815.049030][T27102] loop4: detected capacity change from 0 to 40427
[ 1815.115899][T27106] overlayfs: failed to clone upperpath
[ 1815.369968][T27102] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1815.455805][T27102] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1816.030624][T27121] loop4: detected capacity change from 0 to 16
[ 1816.143477][T27121] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1816.671145][T27128] binder: BINDER_SET_CONTEXT_MGR already set
[ 1816.677207][T27128] binder: 27120:27128 ioctl 4018620d 200000004a80 returned -16
[ 1818.232320][T27142] loop4: detected capacity change from 0 to 8192
[ 1819.665276][T27147] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8476'.
[ 1819.698556][T27147] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8476'.
[ 1819.727737][T27165] overlayfs: failed to clone lowerpath
[ 1820.226568][T27175] loop4: detected capacity change from 0 to 512
[ 1820.278287][T27175] EXT4-fs (loop4): Ignoring removed nobh option
[ 1820.285265][T27175] EXT4-fs (loop4): dax option not supported
[ 1820.688313][T27171] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8479'.
[ 1820.700966][T27171] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8479'.
[ 1820.848817][T27188] futex_wake_op: syz.6.8484 tries to shift op by 32; fix this program
[ 1822.055551][T27201] loop4: detected capacity change from 0 to 2048
[ 1822.133059][T27201] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[ 1822.145196][T27201] EXT4-fs (loop4): Unrecognized mount option "dont_measure" or missing value
[ 1822.551948][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1822.551974][   T30] audit: type=1326 audit(2574.619:11055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1823.289563][   T30] audit: type=1326 audit(2574.619:11056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1823.416905][T27200] loop4: detected capacity change from 0 to 4096
[ 1823.961938][T27200] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1824.975547][   T30] audit: type=1326 audit(2574.639:11057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1824.999680][   T30] audit: type=1326 audit(2574.639:11058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.023002][   T30] audit: type=1326 audit(2574.639:11059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.085205][   T30] audit: type=1326 audit(2574.689:11060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.109133][   T30] audit: type=1326 audit(2574.689:11061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.338255][   T30] audit: type=1326 audit(2574.699:11062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.426881][   T30] audit: type=1326 audit(2574.709:11063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.437586][T27243] usb usb1: usbfs: process 27243 (syz.4.8499) did not claim interface 0 before use
[ 1825.494454][   T30] audit: type=1326 audit(2574.729:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27198 comm="syz.3.8490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1825.627883][T27248] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8498'.
[ 1825.637778][T27248] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8498'.
[ 1825.666790][T27249] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8504'.
[ 1825.688896][T27249] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8504'.
[ 1825.705149][T27255] serio: Serial port ptm0
[ 1825.815480][T27269] loop4: detected capacity change from 0 to 512
[ 1825.850207][T27273] usb usb8: usbfs: process 27273 (syz.7.8516) did not claim interface 0 before use
[ 1825.900795][T27269] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1826.970773][T27325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8529'.
[ 1826.980446][T27325] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8529'.
[ 1827.184021][T27318] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8536'.
[ 1827.196119][T27318] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8536'.
[ 1827.258055][T27335] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8537'.
[ 1827.267762][T27335] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8537'.
[ 1827.384309][T27355] x_tables: duplicate entry at hook 3
[ 1827.945205][T27387] incfs: Backing dir is not set, filesystem can't be mounted.
[ 1827.954291][T27387] incfs: mount failed -2
[ 1827.980198][T27393] loop4: detected capacity change from 0 to 128
[ 1828.033324][T27393] attempt to access beyond end of device
[ 1828.033324][T27393] loop4: rw=2049, want=1041, limit=128
[ 1828.067878][T27393] attempt to access beyond end of device
[ 1828.067878][T27393] loop4: rw=524288, want=369, limit=128
[ 1828.101956][T27393] attempt to access beyond end of device
[ 1828.101956][T27393] loop4: rw=0, want=153, limit=128
[ 1828.120474][T27408] fuse: Bad value for 'user_id'
[ 1828.125900][T27393] attempt to access beyond end of device
[ 1828.125900][T27393] loop4: rw=0, want=153, limit=128
[ 1828.148984][T27393] attempt to access beyond end of device
[ 1828.148984][T27393] loop4: rw=0, want=153, limit=128
[ 1828.171249][T27393] attempt to access beyond end of device
[ 1828.171249][T27393] loop4: rw=0, want=153, limit=128
[ 1828.191606][T27393] attempt to access beyond end of device
[ 1828.191606][T27393] loop4: rw=0, want=153, limit=128
[ 1828.214534][T27393] attempt to access beyond end of device
[ 1828.214534][T27393] loop4: rw=0, want=153, limit=128
[ 1828.227152][T27420] tmpfs: Unknown parameter 'context�'
[ 1828.236236][T27393] attempt to access beyond end of device
[ 1828.236236][T27393] loop4: rw=0, want=153, limit=128
[ 1828.258278][T27393] attempt to access beyond end of device
[ 1828.258278][T27393] loop4: rw=0, want=153, limit=128
[ 1828.377265][T27433] netlink: 'syz.1.8589': attribute type 32 has an invalid length.
[ 1829.308402][T27450] device vlan2 entered promiscuous mode
[ 1829.420579][T27449] loop4: detected capacity change from 0 to 128
[ 1829.749392][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1829.749409][   T30] audit: type=1400 audit(2581.839:11107): avc:  denied  { getopt } for  pid=27476 comm="syz.6.8607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1830.322117][T27506] /dev/loop0: Can't open blockdev
[ 1830.783246][T27527] __nla_validate_parse: 9 callbacks suppressed
[ 1830.783268][T27527] netlink: 32 bytes leftover after parsing attributes in process `syz.6.8627'.
[ 1831.002809][T27547] netlink: 596 bytes leftover after parsing attributes in process `syz.3.8636'.
[ 1831.218893][T27563] netlink: 68 bytes leftover after parsing attributes in process `syz.1.8643'.
[ 1831.347128][T27572] netlink: 220 bytes leftover after parsing attributes in process `syz.7.8647'.
[ 1831.543722][T27577] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8640'.
[ 1831.558129][T27584] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8646'.
[ 1831.572082][T27577] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8640'.
[ 1831.586525][T27584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8646'.
[ 1831.662008][T27595] overlayfs: missing 'lowerdir'
[ 1831.787631][T27604] loop4: detected capacity change from 0 to 512
[ 1831.855553][T27604] EXT4-fs (loop4): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,nombcache,stripe=0x0000000000000004,,errors=continue. Quota mode: writeback.
[ 1831.856639][T27613] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8664'.
[ 1831.892493][T27613] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8664'.
[ 1832.112445][T27639] loop4: detected capacity change from 0 to 128
[ 1833.094839][T27710] syz.3.8706 uses obsolete (PF_INET,SOCK_PACKET)
[ 1833.437698][T27728] loop4: detected capacity change from 0 to 1024
[ 1833.598007][T27728] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.8712: Invalid block bitmap block 0 in block_group 0
[ 1833.616142][T27728] Quota error (device loop4): write_blk: dquota write failed
[ 1833.623775][T27728] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1833.634605][T27728] EXT4-fs error (device loop4): ext4_acquire_dquot:6198: comm syz.4.8712: Failed to acquire dquot type 0
[ 1833.649619][T27728] EXT4-fs error (device loop4): ext4_free_blocks:6223: comm syz.4.8712: Freeing blocks not in datazone - block = 0, count = 4096
[ 1833.664968][T27728] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.8712: Invalid inode bitmap blk 0 in block_group 0
[ 1833.680154][T27728] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[ 1833.689721][T21306] Quota error (device loop4): remove_tree: Getting block too big (0 >= 9)
[ 1833.699547][T27728] EXT4-fs (loop4): 1 orphan inode deleted
[ 1833.705467][T27728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ��; max_batch_time=0x0000000000000006,i_version,,errors=continue. Quota mode: writeback.
[ 1833.954695][T21306] EXT4-fs error (device loop4): ext4_release_dquot:6234: comm kworker/u4:42: Failed to release dquot type 0
[ 1834.883800][T27756] loop4: detected capacity change from 0 to 128
[ 1834.983630][T27756] handle_bad_sector: 30735 callbacks suppressed
[ 1834.983656][T27756] attempt to access beyond end of device
[ 1834.983656][T27756] loop4: rw=2049, want=1041, limit=128
[ 1835.013026][T27756] attempt to access beyond end of device
[ 1835.013026][T27756] loop4: rw=524288, want=369, limit=128
[ 1835.040955][T27756] attempt to access beyond end of device
[ 1835.040955][T27756] loop4: rw=0, want=153, limit=128
[ 1835.059765][T27756] attempt to access beyond end of device
[ 1835.059765][T27756] loop4: rw=0, want=153, limit=128
[ 1835.073406][T27756] attempt to access beyond end of device
[ 1835.073406][T27756] loop4: rw=0, want=153, limit=128
[ 1835.087211][T27756] attempt to access beyond end of device
[ 1835.087211][T27756] loop4: rw=0, want=153, limit=128
[ 1835.104092][T27756] attempt to access beyond end of device
[ 1835.104092][T27756] loop4: rw=0, want=153, limit=128
[ 1835.127806][T27756] attempt to access beyond end of device
[ 1835.127806][T27756] loop4: rw=0, want=153, limit=128
[ 1835.141550][T19566] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1835.147138][T27756] attempt to access beyond end of device
[ 1835.147138][T27756] loop4: rw=0, want=153, limit=128
[ 1835.172534][T27756] attempt to access beyond end of device
[ 1835.172534][T27756] loop4: rw=0, want=153, limit=128
[ 1835.391525][T19566] usb 8-1: Using ep0 maxpacket: 32
[ 1835.522644][T19566] usb 8-1: config 0 has an invalid interface number: 208 but max is 0
[ 1835.535036][T19566] usb 8-1: config 0 has no interface number 0
[ 1835.541548][T19566] usb 8-1: config 0 interface 208 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1835.556805][T19566] usb 8-1: config 0 interface 208 has no altsetting 0
[ 1835.741679][T19566] usb 8-1: New USB device found, idVendor=0a5c, idProduct=6422, bcdDevice=ee.8c
[ 1835.751100][T19566] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1835.759445][T19566] usb 8-1: Product: syz
[ 1835.763738][T19566] usb 8-1: Manufacturer: syz
[ 1835.768643][T19566] usb 8-1: SerialNumber: syz
[ 1835.780921][T19566] usb 8-1: config 0 descriptor??
[ 1836.092544][T19566] ftdi_sio 8-1:0.208: FTDI USB Serial Device converter detected
[ 1836.100646][T19566] usb 8-1: Detected FT-X
[ 1836.168106][T27835] netlink: 'syz.1.8759': attribute type 1 has an invalid length.
[ 1836.309365][T27858] mip6: mip6_rthdr_init_state: spi is not 0: 3523477504
[ 1836.541942][T27866] __nla_validate_parse: 15 callbacks suppressed
[ 1836.541976][T27866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8767'.
[ 1836.695555][T27869] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8773'.
[ 1836.717820][T27869] device vlan0 entered promiscuous mode
[ 1836.759122][T27871] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8771'.
[ 1836.773611][T27866] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8767'.
[ 1836.793385][T27867] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8771'.
[ 1837.347189][T27879] xt_TCPMSS: Only works on TCP SYN packets
[ 1837.366568][T27879] netlink: 9 bytes leftover after parsing attributes in process `syz.1.8776'.
[ 1837.376686][T27879] device gretap0 entered promiscuous mode
[ 1837.400438][T27879] netlink: 5 bytes leftover after parsing attributes in process `syz.1.8776'.
[ 1837.410520][T27879] 0�X��D: renamed from gretap0
[ 1837.419736][T27879] device 
30�X��D left promiscuous mode
[ 1837.427942][T27879] IPv6: ADDRCONF(NETDEV_CHANGE): 
30�X��D: link becomes ready
[ 1837.435806][T27879] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[ 1838.062390][T19566] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1838.091915][T19566] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1838.198302][T19566] ftdi_sio 8-1:0.208: GPIO initialisation failed: -71
[ 1838.303984][T19566] usb 8-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1838.314360][   T30] audit: type=1400 audit(2590.409:11108): avc:  denied  { module_load } for  pid=27885 comm="syz.7.8779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 1838.396022][   T30] audit: type=1400 audit(2590.489:11109): avc:  denied  { ioctl } for  pid=27892 comm="syz.7.8781" path="socket:[99610]" dev="sockfs" ino=99610 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1838.421879][T19566] usb 8-1: USB disconnect, device number 11
[ 1838.452800][   T30] audit: type=1400 audit(2590.549:11110): avc:  denied  { getopt } for  pid=27899 comm="syz.7.8786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.457863][T27901] mip6: mip6_destopt_init_state: state's mode is not 2: 1
[ 1838.485880][T19566] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1838.505558][T27903] netlink: 'syz.6.8787': attribute type 4 has an invalid length.
[ 1838.514159][T27903] netlink: 'syz.6.8787': attribute type 5 has an invalid length.
[ 1838.522043][T27903] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.8787'.
[ 1838.526969][T19566] ftdi_sio 8-1:0.208: device disconnected
[ 1838.862438][T27916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8782'.
[ 1838.943080][T27916] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8782'.
[ 1839.338718][T27958] loop4: detected capacity change from 0 to 512
[ 1839.363216][T27961] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1839.459511][T27958] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1839.470926][   T30] audit: type=1326 audit(2591.559:11111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27976 comm="syz.3.8820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1839.507286][   T30] audit: type=1326 audit(2591.599:11112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27976 comm="syz.3.8820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1839.614181][   T30] audit: type=1326 audit(2591.599:11113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27976 comm="syz.3.8820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178deecbe9 code=0x7ffc0000
[ 1841.106666][T28038] 9pnet: Insufficient options for proto=fd
[ 1841.192315][T28046] syz.3.8849[28046] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1841.192434][T28046] syz.3.8849[28046] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1841.410857][T28023] loop4: detected capacity change from 0 to 131072
[ 1841.456005][T28023] F2FS-fs (loop4): invalid crc value
[ 1841.463697][T28023] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1841.499218][T28023] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1841.627754][T28064] overlayfs: failed to resolve './file0': -2
[ 1842.022863][   T30] audit: type=1400 audit(2594.119:11114): avc:  denied  { write } for  pid=28102 comm="syz.1.8873" name="file0" dev="tmpfs" ino=3628 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1842.127525][   T30] audit: type=1400 audit(2594.179:11115): avc:  denied  { open } for  pid=28102 comm="syz.1.8873" path="/655/file0" dev="tmpfs" ino=3628 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1842.168133][   T30] audit: type=1400 audit(2594.189:11116): avc:  denied  { ioctl } for  pid=28102 comm="syz.1.8873" path="/655/file0" dev="tmpfs" ino=3628 ioctlcmd=0x1270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1842.272063][T28110] __nla_validate_parse: 4 callbacks suppressed
[ 1842.272097][T28110] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8852'.
[ 1842.301212][T28110] device vlan2 entered promiscuous mode
[ 1842.306891][T28110] device syz_tun entered promiscuous mode
[ 1842.404640][T28113] syz.7.8876[28113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1842.404733][T28113] syz.7.8876[28113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1842.484034][T28109] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8866'.
[ 1842.506779][T28114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8868'.
[ 1842.517000][T28109] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8866'.
[ 1842.530321][T28114] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8868'.
[ 1843.200306][   T30] audit: type=1326 audit(2595.289:11117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28128 comm="syz.6.8884" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x0
[ 1844.505093][T28159] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8891'.
[ 1844.528663][T28159] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8891'.
[ 1845.113375][T28160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8892'.
[ 1845.234351][T28165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8882'.
[ 1845.259978][T28165] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8882'.
[ 1845.438610][T28167] loop4: detected capacity change from 0 to 40427
[ 1845.663736][T28167] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64)
[ 1845.731136][T28167] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1845.762415][T28167] F2FS-fs (loop4): invalid crc value
[ 1845.782365][T28167] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 1845.834350][T28167] F2FS-fs (loop4): recover fsync data on readonly fs
[ 1845.848608][T28167] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30
[ 1845.863289][T28167] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1846.521707][T28219] device bridge0 entered promiscuous mode
[ 1846.527652][T28219] device vlan3 entered promiscuous mode
[ 1846.539494][T28219] bridge0: port 3(vlan3) entered blocking state
[ 1846.546788][T28219] bridge0: port 3(vlan3) entered disabled state
[ 1846.811511][T26640] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1846.947791][T28226] loop4: detected capacity change from 0 to 131072
[ 1846.992474][T28226] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1847.000655][T28226] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1847.012095][T28226] F2FS-fs (loop4): invalid crc value
[ 1847.040893][T28226] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1847.105816][T28226] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1847.114425][T28226] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1847.165554][T28226] F2FS-fs (loop4): checksum invalid, nid = 4, ino_of_node = 4, 8e2acc4a vs. 159afe7
[ 1847.361604][T26640] usb 8-1: New USB device found, idVendor=0c45, idProduct=8003, bcdDevice=d6.bb
[ 1847.377515][T26640] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.401756][T26640] usb 8-1: Product: syz
[ 1847.406105][T26640] usb 8-1: Manufacturer: syz
[ 1847.410738][T26640] usb 8-1: SerialNumber: syz
[ 1847.422736][T26640] usb 8-1: config 0 descriptor??
[ 1847.444782][   T30] audit: type=1326 audit(2599.539:11118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.480499][   T30] audit: type=1326 audit(2599.569:11119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.504190][   T30] audit: type=1326 audit(2599.569:11120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.531989][   T30] audit: type=1326 audit(2599.569:11121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.559119][   T30] audit: type=1326 audit(2599.569:11122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.582736][   T30] audit: type=1326 audit(2599.569:11123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.616255][   T30] audit: type=1326 audit(2599.569:11124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.650174][   T30] audit: type=1326 audit(2599.569:11125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.683779][   T30] audit: type=1326 audit(2599.569:11126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28260 comm="syz.1.8933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1847.717326][T26640] usb 8-1: USB disconnect, device number 12
[ 1847.903815][T28281] loop4: detected capacity change from 0 to 1024
[ 1847.923834][T28281] EXT4-fs (loop4): Ignoring removed bh option
[ 1847.931750][T28281] EXT4-fs (loop4): Ignoring removed nobh option
[ 1847.940750][T28281] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1847.963565][T28281] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=abort,nojournal_checksum,barrier=0x0000000000000004,bh,data_err=ignore,lazytime,data_err=ignore,journal_dev=0x0000000000000800,nobh,inlinecrypt,data_err=ignore,dioread_nolock,,errors=continue. Quota mode: none.
[ 1848.078557][T28288] __nla_validate_parse: 4 callbacks suppressed
[ 1848.078573][T28288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8942'.
[ 1848.094860][T28288] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8942'.
[ 1848.311519][T19566] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1848.338535][   T30] audit: type=1326 audit(2600.429:11127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28296 comm="syz.6.8946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1848.384670][T28299] netlink: 83 bytes leftover after parsing attributes in process `syz.6.8947'.
[ 1848.574604][T19566] usb 5-1: Using ep0 maxpacket: 16
[ 1848.665065][T28313] syz.6.8954[28313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1848.665160][T28313] syz.6.8954[28313] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1848.765590][T19566] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[ 1848.811496][T19566] usb 5-1: config 0 has no interface number 0
[ 1848.817644][T19566] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1848.834215][T19566] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1849.122303][T19566] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1849.158173][T19566] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1849.167876][T19566] usb 5-1: Product: syz
[ 1849.172339][T19566] usb 5-1: Manufacturer: syz
[ 1849.177303][T19566] usb 5-1: SerialNumber: syz
[ 1849.183513][T28329] netlink: 'syz.7.8960': attribute type 16 has an invalid length.
[ 1849.196215][T28329] netlink: 'syz.7.8960': attribute type 3 has an invalid length.
[ 1849.196493][T19566] usb 5-1: config 0 descriptor??
[ 1849.204668][T28329] netlink: 64066 bytes leftover after parsing attributes in process `syz.7.8960'.
[ 1849.221639][T28290] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1849.231723][T28290] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1849.442748][T28290] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1849.450021][T28290] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1849.781506][  T554] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1849.901600][T19566] asix 5-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[ 1849.923411][T19566] asix: probe of 5-1:0.251 failed with error -524
[ 1850.031510][  T554] usb 8-1: Using ep0 maxpacket: 32
[ 1850.104827][T19566] usb 5-1: USB disconnect, device number 5
[ 1850.172970][  T554] usb 8-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1850.191490][  T554] usb 8-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1850.217530][  T554] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1850.230820][  T554] usb 8-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00
[ 1850.249855][  T554] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1850.269933][  T554] usb 8-1: config 0 descriptor??
[ 1850.803698][  T554] wacom 0003:056A:0094.0021: Using device in hidraw-only mode
[ 1850.820220][  T554] wacom 0003:056A:0094.0021: hidraw0: USB HID v0.05 Device [HID 056a:0094] on usb-dummy_hcd.7-1/input0
[ 1850.998155][T28389] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8984'.
[ 1851.003990][  T554] usb 8-1: USB disconnect, device number 13
[ 1851.007883][T28389] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8984'.
[ 1853.535075][T28452] loop4: detected capacity change from 0 to 40427
[ 1853.538449][T28474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9023'.
[ 1853.656562][T28452] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(3584) blocks(512)
[ 1853.680474][T28452] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1853.704416][T28452] F2FS-fs (loop4): invalid crc value
[ 1853.713670][T28452] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1853.746261][T28452] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1853.753438][T28452] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1853.780132][T28489] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9028'.
[ 1853.789158][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1853.789176][   T30] audit: type=1400 audit(2605.869:11137): avc:  denied  { lock } for  pid=28450 comm="syz.4.9014" path="/99/bus/file1" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1853.799814][T28489] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9028'.
[ 1853.827561][T26897] handle_bad_sector: 7676 callbacks suppressed
[ 1853.827579][T26897] attempt to access beyond end of device
[ 1853.827579][T26897] loop4: rw=2049, want=40976, limit=40427
[ 1853.966947][T28495] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1853.982347][T28495] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1854.019826][   T30] audit: type=1326 audit(2606.109:11138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.026018][T28498] syz.4.9031[28498] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1854.043026][T28498] syz.4.9031[28498] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1854.043342][   T30] audit: type=1326 audit(2606.109:11139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.075933][T28496] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9030'.
[ 1854.133555][T28496] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9030'.
[ 1854.136242][   T30] audit: type=1326 audit(2606.109:11140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.167012][   T30] audit: type=1326 audit(2606.169:11141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.191536][   T30] audit: type=1326 audit(2606.169:11142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.215045][   T30] audit: type=1326 audit(2606.199:11143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.254890][   T30] audit: type=1326 audit(2606.199:11144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.278819][   T30] audit: type=1326 audit(2606.199:11145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.302335][   T30] audit: type=1326 audit(2606.199:11146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28497 comm="syz.4.9031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f2c02568be9 code=0x7ffc0000
[ 1854.568719][T28536] loop4: detected capacity change from 0 to 128
[ 1854.624753][T28536] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[ 1854.640924][T28536] FAT-fs (loop4): Filesystem has been set read-only
[ 1854.657268][T28536] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[ 1854.917716][T28556] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1854.971219][T28563] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9058'.
[ 1854.991007][T28563] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9058'.
[ 1855.341591][T14826] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1855.491149][T28581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9065'.
[ 1855.519721][T28581] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9065'.
[ 1855.536906][T28591] netlink: 148 bytes leftover after parsing attributes in process `syz.6.9071'.
[ 1855.585937][T19566] kernel write not supported for file /uinput (pid: 19566 comm: kworker/1:0)
[ 1855.595438][T14826] usb 5-1: Using ep0 maxpacket: 16
[ 1855.711730][T14826] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1855.731508][T14826] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1855.742251][T14826] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1855.755767][T14826] usb 5-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[ 1855.765404][T14826] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1855.782781][T14826] usb 5-1: config 0 descriptor??
[ 1855.902609][T28647] syz.6.9098[28647] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1855.902705][T28647] syz.6.9098[28647] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1855.914571][T19566] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1855.940785][T28649] netlink: 'syz.3.9099': attribute type 2 has an invalid length.
[ 1856.172845][T19566] usb 8-1: Using ep0 maxpacket: 8
[ 1856.262620][T14826] hkems 0003:2006:0118.0022: collection stack underflow
[ 1856.269764][T14826] hkems 0003:2006:0118.0022: item 0 1 0 12 parsing failed
[ 1856.277423][T14826] hkems 0003:2006:0118.0022: parse failed
[ 1856.283246][T14826] hkems: probe of 0003:2006:0118.0022 failed with error -22
[ 1856.311609][T19566] usb 8-1: too many endpoints for config 0 interface 0 altsetting 2: 129, using maximum allowed: 30
[ 1856.323082][T19566] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 136, changing to 11
[ 1856.334441][T19566] usb 8-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[ 1856.347935][T19566] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1856.354862][T19566] usb 8-1: New USB device found, idVendor=04b4, idProduct=ed81, bcdDevice= 0.00
[ 1856.364017][T19566] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1856.372944][T19566] usb 8-1: config 0 descriptor??
[ 1856.467213][T23222] usb 5-1: USB disconnect, device number 6
[ 1856.859735][T19566] cypress 0003:04B4:ED81.0023: unknown main item tag 0x0
[ 1856.867671][T19566] cypress 0003:04B4:ED81.0023: unknown main item tag 0x0
[ 1856.877836][T19566] cypress 0003:04B4:ED81.0023: unknown main item tag 0x0
[ 1856.886546][T19566] cypress 0003:04B4:ED81.0023: hidraw0: USB HID v0.03 Device [HID 04b4:ed81] on usb-dummy_hcd.7-1/input0
[ 1857.049017][T28721] loop4: detected capacity change from 0 to 512
[ 1857.065731][T19566] usb 8-1: USB disconnect, device number 14
[ 1857.135596][T28721] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1858.020612][T28774] syz.4.9154[28774] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1858.020706][T28774] syz.4.9154[28774] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1858.811564][T26640] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1858.892566][T28813] overlayfs: failed to clone upperpath
[ 1858.985005][   T30] kauditd_printk_skb: 27 callbacks suppressed
[ 1858.985022][   T30] audit: type=1326 audit(2611.079:11174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.053432][   T30] audit: type=1326 audit(2611.109:11175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.112554][   T30] audit: type=1326 audit(2611.109:11176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.157195][   T30] audit: type=1326 audit(2611.109:11177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.211781][   T30] audit: type=1326 audit(2611.109:11178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.235403][T26640] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1859.256677][T26640] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1859.276066][T26640] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1859.296504][   T30] audit: type=1326 audit(2611.109:11179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.332728][T26640] snd-usb-audio: probe of 5-1:27.0 failed with error -2
[ 1859.362640][   T30] audit: type=1326 audit(2611.109:11180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28816 comm="syz.1.9174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.426494][   T30] audit: type=1326 audit(2611.359:11181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28824 comm="syz.1.9178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.464592][   T30] audit: type=1326 audit(2611.359:11182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28824 comm="syz.1.9178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.497628][   T30] audit: type=1326 audit(2611.359:11183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28824 comm="syz.1.9178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1859.501756][T28838] syz.1.9185[28838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1859.534095][T26640] usb 5-1: USB disconnect, device number 7
[ 1859.555860][T28838] syz.1.9185[28838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1859.798963][T28869] __nla_validate_parse: 6 callbacks suppressed
[ 1859.798986][T28869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9198'.
[ 1859.877097][T28872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9195'.
[ 1859.897533][T28881] syz.6.9203[28881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1859.897615][T28881] syz.6.9203[28881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1859.952685][T28881] incfs: Options parsing error. -22
[ 1859.990297][T28881] incfs: mount failed -22
[ 1860.135013][T28906] netlink: 32 bytes leftover after parsing attributes in process `syz.7.9213'.
[ 1860.412419][T28946] incfs: Options parsing error. -22
[ 1860.417939][T28946] incfs: mount failed -22
[ 1860.485686][T28947] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9227'.
[ 1860.495478][T28947] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9227'.
[ 1860.862933][T28956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9236'.
[ 1860.872916][T28956] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9236'.
[ 1861.099417][T28982] syz.6.9249[28982] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1861.099489][T28982] syz.6.9249[28982] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1861.113137][T28982] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=28982 comm=syz.6.9249
[ 1861.138831][T28982] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=28982 comm=syz.6.9249
[ 1861.349923][T29001] binder: 29000:29001 ioctl 8010661b 0 returned -22
[ 1861.542011][T29024] loop4: detected capacity change from 0 to 128
[ 1861.595036][T29024] attempt to access beyond end of device
[ 1861.595036][T29024] loop4: rw=2049, want=1041, limit=128
[ 1861.621912][T29024] attempt to access beyond end of device
[ 1861.621912][T29024] loop4: rw=524288, want=369, limit=128
[ 1861.641881][T29024] attempt to access beyond end of device
[ 1861.641881][T29024] loop4: rw=0, want=153, limit=128
[ 1861.655714][T29024] attempt to access beyond end of device
[ 1861.655714][T29024] loop4: rw=0, want=153, limit=128
[ 1861.676431][T29024] attempt to access beyond end of device
[ 1861.676431][T29024] loop4: rw=0, want=153, limit=128
[ 1861.688080][T29024] attempt to access beyond end of device
[ 1861.688080][T29024] loop4: rw=0, want=153, limit=128
[ 1861.721560][T29024] attempt to access beyond end of device
[ 1861.721560][T29024] loop4: rw=0, want=153, limit=128
[ 1861.749342][T29024] attempt to access beyond end of device
[ 1861.749342][T29024] loop4: rw=0, want=153, limit=128
[ 1861.781514][T26640] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[ 1861.789467][T29024] attempt to access beyond end of device
[ 1861.789467][T29024] loop4: rw=0, want=153, limit=128
[ 1861.821770][T29024] attempt to access beyond end of device
[ 1861.821770][T29024] loop4: rw=0, want=153, limit=128
[ 1861.924630][T29049] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9277'.
[ 1862.141608][T26640] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1862.164770][T26640] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1862.185407][T26640] usb 8-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[ 1862.210498][T26640] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1862.235180][T26640] usb 8-1: config 0 descriptor??
[ 1862.282430][T29066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9288'.
[ 1862.665719][T29088] loop4: detected capacity change from 0 to 40427
[ 1862.681587][T29088] F2FS-fs (loop4): fault_injection options not supported
[ 1862.698182][T29088] F2FS-fs (loop4): invalid crc value
[ 1862.718182][T29088] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1862.733025][T26640] ntrig 0003:1B96:000A.0024: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.7-1/input0
[ 1862.791637][T29088] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1862.931584][T26640] ntrig 0003:1B96:000A.0024: Firmware version: 2.10.30.1.6 (abd5 2ed0)
[ 1863.138678][  T554] usb 8-1: USB disconnect, device number 15
[ 1863.271518][T26640] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1863.508940][T29139] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9319'.
[ 1863.531546][T26640] usb 5-1: Using ep0 maxpacket: 32
[ 1863.674935][T26640] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1863.694360][T26640] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1863.704096][T26640] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.718212][T26640] usb 5-1: config 0 descriptor??
[ 1863.966663][T26640] usb 5-1: USB disconnect, device number 8
[ 1864.193509][T29157] xt_hashlimit: size too large, truncated to 1048576
[ 1864.821555][T26640] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1865.081603][T26640] usb 8-1: Using ep0 maxpacket: 8
[ 1865.185390][T29219] __nla_validate_parse: 3 callbacks suppressed
[ 1865.185413][T29219] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9353'.
[ 1865.204663][T29219] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9353'.
[ 1865.214321][T26640] usb 8-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[ 1865.226121][T26640] usb 8-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1865.239729][T26640] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1865.246424][T26640] usb 8-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[ 1865.255852][T26640] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1865.265419][T26640] usb 8-1: config 0 descriptor??
[ 1865.478534][T29223] loop4: detected capacity change from 0 to 40427
[ 1865.487570][T29223] F2FS-fs (loop4): fault_injection options not supported
[ 1865.494954][T29223] F2FS-fs (loop4): fault_type options not supported
[ 1865.504143][T29223] F2FS-fs (loop4): invalid crc value
[ 1865.518380][T29223] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1865.569759][T29223] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1865.732747][T26640] gt683r_led 0003:1770:FF00.0025: unknown main item tag 0x6
[ 1865.747951][T26640] gt683r_led 0003:1770:FF00.0025: hidraw0: USB HID vf4.f6 Device [HID 1770:ff00] on usb-dummy_hcd.7-1/input0
[ 1865.952127][T26640] usb 8-1: USB disconnect, device number 16
[ 1865.967624][T19566] gt683r_led 0003:1770:FF00.0025: failed to send set report request: -19
[ 1866.007150][T28212] ------------[ cut here ]------------
[ 1866.016442][T28212] WARNING: CPU: 0 PID: 28212 at fs/inode.c:335 drop_nlink+0xc5/0x110
[ 1866.025005][T28212] Modules linked in:
[ 1866.028925][T28212] CPU: 0 PID: 28212 Comm: syz.4.8911 Tainted: G        W         5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 1866.041219][T28212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1866.052948][T28212] RIP: 0010:drop_nlink+0xc5/0x110
[ 1866.061769][T28212] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 43 3b f2 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 4b be b3 ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[ 1866.082002][T28212] RSP: 0018:ffffc90000cc77e8 EFLAGS: 00010293
[ 1866.088718][T28212] RAX: ffffffff81b4f185 RBX: ffff888126552ab0 RCX: ffff888134c862c0
[ 1866.097239][T28212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1866.107922][T28212] RBP: ffffc90000cc7810 R08: 0000000000000004 R09: 0000000000000003
[ 1866.116455][   T30] kauditd_printk_skb: 53 callbacks suppressed
[ 1866.116469][   T30] audit: type=1326 audit(2618.219:11237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.120350][T28212] R10: fffff52000198eec R11: 1ffff92000198eec R12: dffffc0000000000
[ 1866.126529][   T30] audit: type=1326 audit(2618.219:11238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.147130][T28212] R13: 1ffff11024caa55f R14: ffff888126552af8 R15: 0000000000000000
[ 1866.186613][   T30] audit: type=1326 audit(2618.259:11239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.200791][T28212] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1866.219336][T28212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1866.231399][T28212] CR2: 00007f1784634000 CR3: 0000000120dcf000 CR4: 00000000003506a0
[ 1866.247278][T28212] Call Trace:
[ 1866.254578][T28212]  <TASK>
[ 1866.257569][T28212]  shmem_rmdir+0x5b/0x90
[ 1866.262772][   T30] audit: type=1326 audit(2618.259:11240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.273471][T28212]  vfs_rmdir+0x313/0x460
[ 1866.298880][T28212]  incfs_kill_sb+0x105/0x220
[ 1866.304399][T28212]  deactivate_locked_super+0xa0/0x100
[ 1866.306395][   T30] audit: type=1326 audit(2618.279:11241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.312392][T28212]  deactivate_super+0xaf/0xe0
[ 1866.338325][T28212]  cleanup_mnt+0x446/0x500
[ 1866.339419][   T30] audit: type=1326 audit(2618.279:11242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.354082][T28212]  __cleanup_mnt+0x19/0x20
[ 1866.370951][T28212]  task_work_run+0x127/0x190
[ 1866.371684][   T30] audit: type=1326 audit(2618.289:11243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.388860][T28212]  do_exit+0xa7e/0x27a0
[ 1866.399759][   T30] audit: type=1326 audit(2618.289:11244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.407396][T28212]  ? put_task_struct+0x90/0x90
[ 1866.432356][   T30] audit: type=1326 audit(2618.289:11245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29266 comm="syz.1.9374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754f9e6be9 code=0x7ffc0000
[ 1866.455813][T28212]  ? __kasan_check_write+0x14/0x20
[ 1866.460975][T28212]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1866.466642][T28212]  ? __kasan_check_read+0x11/0x20
[ 1866.472065][T28212]  ? cgroup_update_frozen+0x15c/0x970
[ 1866.477651][T28212]  do_group_exit+0x141/0x310
[ 1866.483413][T28212]  get_signal+0x66a/0x1480
[ 1866.487965][T28212]  arch_do_signal_or_restart+0xc1/0x10f0
[ 1866.494079][T28212]  ? nanosleep_copyout+0x120/0x120
[ 1866.499339][T28212]  ? __remove_hrtimer+0x3e0/0x3e0
[ 1866.504690][T28212]  ? get_sigframe_size+0x10/0x10
[ 1866.509843][T28212]  ? __x64_sys_clock_nanosleep+0xb0/0xb0
[ 1866.523212][T28212]  exit_to_user_mode_loop+0xa7/0xe0
[ 1866.530045][T28212]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1866.548905][T28212]  syscall_exit_to_user_mode+0x1a/0x30
[ 1866.555771][T28212]  do_syscall_64+0x58/0xa0
[ 1866.571831][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1866.576620][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1866.591895][T28212]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1866.731597][T28212] RIP: 0033:0x7f2c0259b4a5
[ 1866.736275][T28212] Code: Unable to access opcode bytes at RIP 0x7f2c0259b47b.
[ 1866.787822][T28212] RSP: 002b:00007f2c00fd0f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1866.888815][T28212] RAX: fffffffffffffdfc RBX: 00007f2c0278ffa0 RCX: 00007f2c0259b4a5
[ 1866.915272][T28212] RDX: 00007f2c00fd0fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1866.924825][T28212] RBP: 00007f2c025ebe19 R08: 0000000000000000 R09: 0000000000000000
[ 1866.934409][T28212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1866.935405][   T30] audit: type=1326 audit(2619.029:11246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29302 comm="syz.6.9389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322f2dabe9 code=0x7ffc0000
[ 1866.971701][T28212] R13: 00007f2c02790038 R14: 00007f2c0278ffa0 R15: 00007ffdf454d3c8
[ 1866.979839][T28212]  </TASK>
[ 1866.983022][T28212] ---[ end trace fd0907d099ca2007 ]---
[ 1866.988684][T28212] ==================================================================
[ 1866.997041][T28212] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[ 1867.003318][T28212] Write of size 4 at addr 0000000000000170 by task syz.4.8911/28212
[ 1867.011502][T28212] 
[ 1867.013860][T28212] CPU: 0 PID: 28212 Comm: syz.4.8911 Tainted: G        W         5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 1867.025744][T28212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1867.036004][T28212] Call Trace:
[ 1867.039307][T28212]  <TASK>
[ 1867.042274][T28212]  __dump_stack+0x21/0x30
[ 1867.046635][T28212]  dump_stack_lvl+0xee/0x150
[ 1867.051330][T28212]  ? show_regs_print_info+0x20/0x20
[ 1867.056545][T28212]  ? _raw_spin_lock+0x8e/0xe0
[ 1867.061251][T28212]  ? _raw_spin_trylock_bh+0x130/0x130
[ 1867.066651][T28212]  ? ihold+0x20/0x60
[ 1867.070573][T28212]  kasan_report+0xe7/0x140
[ 1867.075155][T28212]  ? ihold+0x20/0x60
[ 1867.079067][T28212]  kasan_check_range+0x280/0x290
[ 1867.084102][T28212]  __kasan_check_write+0x14/0x20
[ 1867.089146][T28212]  ihold+0x20/0x60
[ 1867.093088][T28212]  vfs_rmdir+0x1f0/0x460
[ 1867.097358][T28212]  incfs_kill_sb+0x105/0x220
[ 1867.101962][T28212]  deactivate_locked_super+0xa0/0x100
[ 1867.107454][T28212]  deactivate_super+0xaf/0xe0
[ 1867.112172][T28212]  cleanup_mnt+0x446/0x500
[ 1867.116687][T28212]  __cleanup_mnt+0x19/0x20
[ 1867.121136][T28212]  task_work_run+0x127/0x190
[ 1867.125730][T28212]  do_exit+0xa7e/0x27a0
[ 1867.129897][T28212]  ? put_task_struct+0x90/0x90
[ 1867.134691][T28212]  ? __kasan_check_write+0x14/0x20
[ 1867.139930][T28212]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1867.145145][T28212]  ? __kasan_check_read+0x11/0x20
[ 1867.150206][T28212]  ? cgroup_update_frozen+0x15c/0x970
[ 1867.155608][T28212]  do_group_exit+0x141/0x310
[ 1867.160226][T28212]  get_signal+0x66a/0x1480
[ 1867.164664][T28212]  arch_do_signal_or_restart+0xc1/0x10f0
[ 1867.170336][T28212]  ? nanosleep_copyout+0x120/0x120
[ 1867.175550][T28212]  ? __remove_hrtimer+0x3e0/0x3e0
[ 1867.180603][T28212]  ? get_sigframe_size+0x10/0x10
[ 1867.185564][T28212]  ? __x64_sys_clock_nanosleep+0xb0/0xb0
[ 1867.191505][T28212]  exit_to_user_mode_loop+0xa7/0xe0
[ 1867.197000][T28212]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1867.202464][T28212]  syscall_exit_to_user_mode+0x1a/0x30
[ 1867.207944][T28212]  do_syscall_64+0x58/0xa0
[ 1867.212363][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1867.217042][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1867.221822][T28212]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1867.227986][T28212] RIP: 0033:0x7f2c0259b4a5
[ 1867.232407][T28212] Code: Unable to access opcode bytes at RIP 0x7f2c0259b47b.
[ 1867.239770][T28212] RSP: 002b:00007f2c00fd0f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1867.248377][T28212] RAX: fffffffffffffdfc RBX: 00007f2c0278ffa0 RCX: 00007f2c0259b4a5
[ 1867.256452][T28212] RDX: 00007f2c00fd0fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1867.264440][T28212] RBP: 00007f2c025ebe19 R08: 0000000000000000 R09: 0000000000000000
[ 1867.272412][T28212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1867.280398][T28212] R13: 00007f2c02790038 R14: 00007f2c0278ffa0 R15: 00007ffdf454d3c8
[ 1867.288382][T28212]  </TASK>
[ 1867.291411][T28212] ==================================================================
[ 1867.299592][T28212] Disabling lock debugging due to kernel taint
[ 1867.318451][T28212] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 1867.326479][T28212] #PF: supervisor write access in kernel mode
[ 1867.332647][T28212] #PF: error_code(0x0002) - not-present page
[ 1867.338647][T28212] PGD 0 P4D 0 
[ 1867.342064][T28212] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 1867.347294][T28212] CPU: 1 PID: 28212 Comm: syz.4.8911 Tainted: G    B   W         5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 1867.359159][T28212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1867.369219][T28212] RIP: 0010:ihold+0x26/0x60
[ 1867.373770][T28212] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 61 b6 b3 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 30 33 f2 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 e1
[ 1867.393380][T28212] RSP: 0018:ffffc90000cc7828 EFLAGS: 00010246
[ 1867.399538][T28212] RAX: ffff888134c86200 RBX: 0000000000000000 RCX: ffff888134c862c0
[ 1867.407520][T28212] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000ffffffff
[ 1867.415494][T28212] RBP: ffffc90000cc7838 R08: 0000000000000004 R09: 0000000000000003
[ 1867.423566][T28212] R10: fffffbfff0e1804c R11: 1ffffffff0e1804c R12: 1ffff11026e89cb0
[ 1867.431663][T28212] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[ 1867.439656][T28212] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1867.448689][T28212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1867.455452][T28212] CR2: 0000000000000170 CR3: 0000000111663000 CR4: 00000000003506a0
[ 1867.463431][T28212] Call Trace:
[ 1867.466742][T28212]  <TASK>
[ 1867.469686][T28212]  vfs_rmdir+0x1f0/0x460
[ 1867.474023][T28212]  incfs_kill_sb+0x105/0x220
[ 1867.478619][T28212]  deactivate_locked_super+0xa0/0x100
[ 1867.483997][T28212]  deactivate_super+0xaf/0xe0
[ 1867.488677][T28212]  cleanup_mnt+0x446/0x500
[ 1867.493190][T28212]  __cleanup_mnt+0x19/0x20
[ 1867.497609][T28212]  task_work_run+0x127/0x190
[ 1867.502318][T28212]  do_exit+0xa7e/0x27a0
[ 1867.506618][T28212]  ? put_task_struct+0x90/0x90
[ 1867.511384][T28212]  ? __kasan_check_write+0x14/0x20
[ 1867.516672][T28212]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1867.521700][T28212]  ? __kasan_check_read+0x11/0x20
[ 1867.526733][T28212]  ? cgroup_update_frozen+0x15c/0x970
[ 1867.532158][T28212]  do_group_exit+0x141/0x310
[ 1867.536775][T28212]  get_signal+0x66a/0x1480
[ 1867.541226][T28212]  arch_do_signal_or_restart+0xc1/0x10f0
[ 1867.546892][T28212]  ? nanosleep_copyout+0x120/0x120
[ 1867.552011][T28212]  ? __remove_hrtimer+0x3e0/0x3e0
[ 1867.557047][T28212]  ? get_sigframe_size+0x10/0x10
[ 1867.561999][T28212]  ? __x64_sys_clock_nanosleep+0xb0/0xb0
[ 1867.567759][T28212]  exit_to_user_mode_loop+0xa7/0xe0
[ 1867.573051][T28212]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1867.578615][T28212]  syscall_exit_to_user_mode+0x1a/0x30
[ 1867.584081][T28212]  do_syscall_64+0x58/0xa0
[ 1867.588503][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1867.593461][T28212]  ? clear_bhb_loop+0x50/0xa0
[ 1867.598145][T28212]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1867.604109][T28212] RIP: 0033:0x7f2c0259b4a5
[ 1867.608876][T28212] Code: Unable to access opcode bytes at RIP 0x7f2c0259b47b.
[ 1867.616239][T28212] RSP: 002b:00007f2c00fd0f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1867.624668][T28212] RAX: fffffffffffffdfc RBX: 00007f2c0278ffa0 RCX: 00007f2c0259b4a5
[ 1867.632657][T28212] RDX: 00007f2c00fd0fc0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1867.640649][T28212] RBP: 00007f2c025ebe19 R08: 0000000000000000 R09: 0000000000000000
[ 1867.648720][T28212] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1867.656784][T28212] R13: 00007f2c02790038 R14: 00007f2c0278ffa0 R15: 00007ffdf454d3c8
[ 1867.664911][T28212]  </TASK>
[ 1867.668034][T28212] Modules linked in:
[ 1867.671941][T28212] CR2: 0000000000000170
[ 1867.676135][T28212] ---[ end trace fd0907d099ca2008 ]---
[ 1867.681614][T28212] RIP: 0010:ihold+0x26/0x60
[ 1867.686129][T28212] Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 61 b6 b3 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 30 33 f2 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 e1
[ 1867.706011][T28212] RSP: 0018:ffffc90000cc7828 EFLAGS: 00010246
[ 1867.712094][T28212] RAX: ffff888134c86200 RBX: 0000000000000000 RCX: ffff888134c862c0
[ 1867.720085][T28212] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000ffffffff
[ 1867.728213][T28212] RBP: ffffc90000cc7838 R08: 0000000000000004 R09: 0000000000000003
[ 1867.736273][T28212] R10: fffffbfff0e1804c R11: 1ffffffff0e1804c R12: 1ffff11026e89cb0
[ 1867.744454][T28212] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[ 1867.752438][T28212] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1867.761377][T28212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1867.768054][T28212] CR2: 0000000000000170 CR3: 0000000111663000 CR4: 00000000003506a0
[ 1867.776133][T28212] Kernel panic - not syncing: Fatal exception
[ 1867.782481][T28212] Kernel Offset: disabled
[ 1867.786877][T28212] Rebooting in 86400 seconds..