program: syz_mount_image$ext4(&(0x7f0000000980)='ext4\x00', &(0x7f0000002000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x58, &(0x7f00000000c0)={[{@orlov}, {@acl}, {@nomblk_io_submit}, {@barrier}, {@norecovery}, {@barrier_val={'barrier', 0x3d, 0x100}}, {@usrquota}, {@nobarrier}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==") socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, 0x0, 0x0) mount(&(0x7f0000000080)=@filename='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000200)='btrfs\x00', 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0xa0, 0x0, 0x9, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_TUPLE={0x7c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @remote}}, {0x14, 0x4, @local}}}, @CTA_TUPLE_ZONE={0x6}]}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4}, 0x20044000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000740)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x104, 0x18, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_HOOK={0xb8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_1\x00'}, {0x14, 0x1, 'wg2\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvtap0\x00'}, {0x14, 0x1, 'sit0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'ip6_vti0\x00'}, {0x14, 0x1, 'team0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xa1}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x12c}, 0x1, 0x0, 0x0, 0x8040}, 0x8040) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001200010a00000000000000008004"], 0x26}}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r4 = socket$alg(0x26, 0x5, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000000580)=0x6dc1, 0x4) bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) sendmmsg(r4, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000c80)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce", 0xb5}], 0x2}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077ab5ee206763130ccdaedd3bff9b7a20b6b02e558fd", 0xaf}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x800) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r9, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x800}) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000240)=0x10) r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r10, 0xc008561c, &(0x7f0000000040)={0xf0f024}) [ 85.335828][ T5322] Bluetooth: hci0: command tx timeout [ 85.439305][ T5347] loop0: detected capacity change from 0 to 2048 [ 85.491948][ T5347] ======================================================= [ 85.491948][ T5347] WARNING: The mand mount option has been deprecated and [ 85.491948][ T5347] and is ignored by this kernel. Remove the mand [ 85.491948][ T5347] option from the mount to silence this warning. [ 85.491948][ T5347] ======================================================= [ 85.589927][ T5347] EXT4-fs: Ignoring removed orlov option [ 85.592656][ T5347] EXT4-fs: Ignoring removed nomblk_io_submit option [ 85.643525][ T5347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.676986][ T5347] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 85.680395][ T5347] #PF: supervisor instruction fetch in kernel mode [ 85.683240][ T5347] #PF: error_code(0x0010) - not-present page [ 85.686175][ T5347] PGD 0 P4D 0 [ 85.687905][ T5347] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 85.690344][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.694736][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.699291][ T5347] RIP: 0010:0x0 [ 85.700788][ T5347] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 85.703809][ T5347] RSP: 0018:ffffc9000de27958 EFLAGS: 00010287 [ 85.706417][ T5347] RAX: ffffffff81fbd4f4 RBX: 1ffffd4000118f28 RCX: 0000000000100000 [ 85.709913][ T5347] RDX: ffffc90020391000 RSI: ffffea00008c7940 RDI: ffff888040e8f8c0 [ 85.713451][ T5347] RBP: ffffc9000de27a18 R08: ffffea00008c7947 R09: 1ffffd4000118f28 [ 85.716786][ T5347] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 85.720112][ T5347] R13: ffffea00008c7948 R14: ffffea00008c7940 R15: 1ffffd4000118f29 [ 85.723528][ T5347] FS: 00007f298ebd86c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 85.727310][ T5347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.730070][ T5347] CR2: ffffffffffffffd6 CR3: 00000000114da000 CR4: 0000000000352ef0 [ 85.733590][ T5347] Call Trace: [ 85.735065][ T5347] [ 85.736410][ T5347] filemap_read_folio+0x117/0x380 [ 85.738654][ T5347] ? __pfx_filemap_read_folio+0x10/0x10 [ 85.741031][ T5347] do_read_cache_folio+0x358/0x590 [ 85.743292][ T5347] freader_get_folio+0x3c7/0x830 [ 85.745657][ T5347] freader_fetch+0xa3/0x750 [ 85.747717][ T5347] __build_id_parse+0x133/0x7d0 [ 85.749921][ T5347] ? __pfx___build_id_parse+0x10/0x10 [ 85.752408][ T5347] procfs_procmap_ioctl+0x76f/0xce0 [ 85.754625][ T5347] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 85.757097][ T5347] ? __fget_files+0x2a/0x420 [ 85.759077][ T5347] ? __fget_files+0x2a/0x420 [ 85.760952][ T5347] ? __fget_files+0x3a0/0x420 [ 85.763037][ T5347] ? __fget_files+0x2a/0x420 [ 85.765084][ T5347] ? bpf_lsm_file_ioctl+0x9/0x20 [ 85.767259][ T5347] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 85.769601][ T5347] __se_sys_ioctl+0xfc/0x170 [ 85.771474][ T5347] do_syscall_64+0xec/0xf80 [ 85.773345][ T5347] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.775859][ T5347] ? trace_irq_disable+0x37/0x100 [ 85.777667][ T5347] ? clear_bhb_loop+0x60/0xb0 [ 85.779533][ T5347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.781939][ T5347] RIP: 0033:0x7f298dd8f7c9 [ 85.783890][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.792095][ T5347] RSP: 002b:00007f298ebd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.795546][ T5347] RAX: ffffffffffffffda RBX: 00007f298dfe5fa0 RCX: 00007f298dd8f7c9 [ 85.798903][ T5347] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000007 [ 85.802572][ T5347] RBP: 00007f298de13f91 R08: 0000000000000000 R09: 0000000000000000 [ 85.806080][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.809652][ T5347] R13: 00007f298dfe6038 R14: 00007f298dfe5fa0 R15: 00007ffc71676578 [ 85.813212][ T5347] [ 85.814657][ T5347] Modules linked in: [ 85.816203][ T5347] CR2: 0000000000000000 [ 85.817965][ T5347] ---[ end trace 0000000000000000 ]--- [ 85.820400][ T5347] RIP: 0010:0x0 [ 85.821943][ T5347] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 85.825327][ T5347] RSP: 0018:ffffc9000de27958 EFLAGS: 00010287 [ 85.828237][ T5347] RAX: ffffffff81fbd4f4 RBX: 1ffffd4000118f28 RCX: 0000000000100000 [ 85.831675][ T5347] RDX: ffffc90020391000 RSI: ffffea00008c7940 RDI: ffff888040e8f8c0 [ 85.834965][ T5347] RBP: ffffc9000de27a18 R08: ffffea00008c7947 R09: 1ffffd4000118f28 [ 85.838352][ T5347] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 85.841877][ T5347] R13: ffffea00008c7948 R14: ffffea00008c7940 R15: 1ffffd4000118f29 [ 85.845113][ T5347] FS: 00007f298ebd86c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000 [ 85.848860][ T5347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.851360][ T5347] CR2: ffffffffffffffd6 CR3: 00000000114da000 CR4: 0000000000352ef0 [ 85.854881][ T5347] Kernel panic - not syncing: Fatal exception [ 85.857755][ T5347] Kernel Offset: disabled [ 85.859701][ T5347] Rebooting in 86400 seconds..